gcp-bc-784-ontariofarmer.gdev.postmedia.digital Open in urlscan Pro
34.95.11.30  Public Scan

Submitted URL: http://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Effective URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Submission: On February 17 via api from CA — Scanned from CA

Summary

This website contacted 76 IPs in 6 countries across 65 domains to perform 246 HTTP transactions. The main IP is 34.95.11.30, located in Montreal, Canada and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is gcp-bc-784-ontariofarmer.gdev.postmedia.digital.
TLS certificate: Issued by R3 on February 16th 2022. Valid for: 3 months.
This is the only time gcp-bc-784-ontariofarmer.gdev.postmedia.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 34.95.11.30 396982 (GOOGLE-PR...)
8 142.251.40.98 15169 (GOOGLE)
4 52.85.63.179 16509 (AMAZON-02)
2 16 104.16.190.66 13335 (CLOUDFLAR...)
1 52.85.61.78 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.85.61.89 16509 (AMAZON-02)
1 52.85.61.36 16509 (AMAZON-02)
5 52.85.61.25 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:220... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 6 52.85.61.125 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
6 151.101.130.133 54113 (FASTLY)
3 3.227.87.232 14618 (AMAZON-AES)
6 34.149.157.221 15169 (GOOGLE)
4 2a04:4e42:200... 54113 (FASTLY)
2 142.250.72.98 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 146.75.28.157 54113 (FASTLY)
2 99.83.154.140 16509 (AMAZON-02)
3 151.101.66.133 54113 (FASTLY)
1 4 2607:f8b0:400... 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
1 54.230.242.59 16509 (AMAZON-02)
3 3 52.200.181.105 14618 (AMAZON-AES)
2 2 185.184.10.30 203690 (RTB-HOUSE...)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 34.75.117.5 396982 (GOOGLE-PR...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
5 10 35.169.48.117 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 12 209.54.176.128 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
1 54.224.102.47 14618 (AMAZON-AES)
5 5 35.173.74.115 14618 (AMAZON-AES)
8 12 142.250.65.194 15169 (GOOGLE)
12 34.204.255.47 14618 (AMAZON-AES)
1 4 35.190.60.146 15169 (GOOGLE)
2 2 23.209.184.224 16625 (AKAMAI-AS)
5 5 151.101.2.49 54113 (FASTLY)
2 2 54.236.214.209 14618 (AMAZON-AES)
3 3 185.29.134.248 30419 (MEDIAMATH...)
2 6 34.235.23.231 14618 (AMAZON-AES)
1 156.154.202.36 19907 (NEUSTAR-AS6)
4 4 23.52.162.21 16625 (AKAMAI-AS)
4 9 35.71.139.29 16509 (AMAZON-02)
2 23.52.161.180 16625 (AKAMAI-AS)
2 23.64.109.237 16625 (AKAMAI-AS)
1 5 34.98.64.218 15169 (GOOGLE)
4 4 68.67.179.155 29990 (ASN-APPNEX)
2 3 63.251.114.182 12181 (INTERNAP-...)
2 2 64.74.236.159 22075 (AS-OUTBRAIN)
1 104.36.115.113 62713 (AS-PUBMATIC)
2 3 23.36.85.188 16625 (AKAMAI-AS)
1 1 198.148.27.140 19189 (PULSEPOINT)
3 63.251.86.51 32475 (SINGLEHOP...)
1 1 199.38.167.129 54312 (ROCKETFUEL)
4 4 199.127.204.142 26120 (RHYTHMONE)
6 6 15.197.193.217 16509 (AMAZON-02)
4 5 8.43.72.98 26667 (RUBICONPR...)
1 2 34.210.160.53 16509 (AMAZON-02)
2 2 52.203.157.37 14618 (AMAZON-AES)
2 3 52.55.144.0 14618 (AMAZON-AES)
1 2 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2 185.167.164.49 198622 (ADFORM)
3 8.28.7.83 62713 (AS-PUBMATIC)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
1 8.28.7.84 62713 (AS-PUBMATIC)
3 104.36.115.109 62713 (AS-PUBMATIC)
1 1 52.116.221.248 36351 (SOFTLAYER)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 5 8.43.72.97 26667 (RUBICONPR...)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.250.64.102 15169 (GOOGLE)
6 52.85.61.22 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4998:14:... 14777 (YAHOO)
2 2600:9000:220... 16509 (AMAZON-02)
1 3.211.225.169 14618 (AMAZON-AES)
5 52.73.222.75 14618 (AMAZON-AES)
3 143.204.143.123 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:220... 16509 (AMAZON-02)
1 104.36.115.114 62713 (AS-PUBMATIC)
1 2a04:4e42::645 54113 (FASTLY)
246 76
Apex Domain
Subdomains
Transfer
32 postmedia.digital
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
fem.prod.postmedia.digital — Cisco Umbrella Rank: 86165
smartcdn.prod.postmedia.digital — Cisco Umbrella Rank: 178808
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 68899
671 KB
26 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1228
consumer.krxd.net — Cisco Umbrella Rank: 1569
usermatch.krxd.net — Cisco Umbrella Rank: 981
beacon.krxd.net — Cisco Umbrella Rank: 371
186 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
ad.doubleclick.net — Cisco Umbrella Rank: 167
200 KB
19 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356
ib.3lift.com — Cisco Umbrella Rank: 1015
tlx.3lift.com — Cisco Umbrella Rank: 532
img.3lift.com — Cisco Umbrella Rank: 2316
154 KB
18 googlesyndication.com
6b00730def75e20ba1a0d041587698a9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
197 KB
17 districtm.io
hb.districtm.io — Cisco Umbrella Rank: 70016
cdn.districtm.io — Cisco Umbrella Rank: 1644
dmx.districtm.io — Cisco Umbrella Rank: 1164
dmx.us-east-31.districtm.io — Cisco Umbrella Rank: 14111
20 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
50 KB
12 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 512
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
17 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 738
image2.pubmatic.com — Cisco Umbrella Rank: 752
simage4.pubmatic.com — Cisco Umbrella Rank: 1024
26 KB
11 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3336
pixel.adsafeprotected.com — Cisco Umbrella Rank: 519
static.adsafeprotected.com — Cisco Umbrella Rank: 502
dt.adsafeprotected.com — Cisco Umbrella Rank: 465
104 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 346
221 KB
10 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 561
2 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
3 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
ce.lijit.com — Cisco Umbrella Rank: 696
5 KB
6 ml314.com
ml314.com — Cisco Umbrella Rank: 1357
15 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5051
identity.mparticle.com — Cisco Umbrella Rank: 2515
jssdks.mparticle.com — Cisco Umbrella Rank: 4790
48 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
3 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 636
us-u.openx.net — Cisco Umbrella Rank: 322
1 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
1 KB
5 gstatic.com
fonts.gstatic.com
78 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
4 KB
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
ssum.casalemedia.com — Cisco Umbrella Rank: 1125
4 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 283
id.rlcdn.com — Cisco Umbrella Rank: 548
827 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ads.yahoo.com — Cisco Umbrella Rank: 835
2 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 845
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 480
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
2 KB
3 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12901
www.google.ca — Cisco Umbrella Rank: 8810
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
199 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 692
849 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 529
950 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
585 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 447
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
426 B
2 dotomi.com
districtm-match.dotomi.com — Cisco Umbrella Rank: 6427
685 B
2 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 2383
697 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2498
srv-2022-02-17-05.pixel.parsely.com
20 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2482
474 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
115 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 830
3 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
16 KB
2 cloudfront.net
d395dw5zk780j2.cloudfront.net
13 KB
1 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 44469
4 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
38 KB
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
518 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
653 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3850
359 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
584 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 615
747 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 516
679 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
680 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 946
606 B
1 t.co
t.co — Cisco Umbrella Rank: 456
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 468
458 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 539
6 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2571
43 KB
1 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 37875
47 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 4023
3 KB
246 65
Domain Requested by
20 gcp-bc-784-ontariofarmer.gdev.postmedia.digital 1 redirects gcp-bc-784-ontariofarmer.gdev.postmedia.digital
12 beacon.krxd.net gcp-bc-784-ontariofarmer.gdev.postmedia.digital
cdn.krxd.net
12 cm.g.doubleclick.net 8 redirects ap.lijit.com
u.openx.net
eus.rubiconproject.com
12 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
ap.lijit.com
u.openx.net
cdn.districtm.io
ads.pubmatic.com
eus.rubiconproject.com
10 tpc.googlesyndication.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
securepubads.g.doubleclick.net
tpc.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 match.sharethrough.com 5 redirects s.amazon-adsystem.com
match.sharethrough.com
10 dmx.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
9 eb2.3lift.com 4 redirects gcp-bc-784-ontariofarmer.gdev.postmedia.digital
8 securepubads.g.doubleclick.net gcp-bc-784-ontariofarmer.gdev.postmedia.digital
securepubads.g.doubleclick.net
www.googletagservices.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 ib.3lift.com securepubads.g.doubleclick.net
ib.3lift.com
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
6 match.adsrvr.org 6 redirects
6 ml314.com 2 redirects gcp-bc-784-ontariofarmer.gdev.postmedia.digital
ml314.com
6 smartcdn.gprod.postmedia.digital gcp-bc-784-ontariofarmer.gdev.postmedia.digital
6 cdn.krxd.net fem.prod.postmedia.digital
cdn.krxd.net
6 sb.scorecardresearch.com 2 redirects fem.prod.postmedia.digital
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
5 dt.adsafeprotected.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 sync-tm.everesttech.net 5 redirects
5 usermatch.krxd.net 5 redirects
5 www.google.com 3 redirects gcp-bc-784-ontariofarmer.gdev.postmedia.digital
tpc.googlesyndication.com
5 cdn.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
s.amazon-adsystem.com
5 fonts.gstatic.com fonts.googleapis.com
5 smartcdn.prod.postmedia.digital gcp-bc-784-ontariofarmer.gdev.postmedia.digital
4 pixel.rubiconproject.com eus.rubiconproject.com
4 ib.adnxs.com 4 redirects
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
4 identity.mparticle.com jssdkcdns.mparticle.com
4 c.amazon-adsystem.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
c.amazon-adsystem.com
3 img.3lift.com ib.3lift.com
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
3 image2.pubmatic.com ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
3 us-u.openx.net u.openx.net
3 ps.eyeota.net 2 redirects gcp-bc-784-ontariofarmer.gdev.postmedia.digital
3 sync.1rx.io 3 redirects
3 ce.lijit.com ap.lijit.com
3 px.owneriq.net 2 redirects ap.lijit.com
3 ap.lijit.com 2 redirects s.amazon-adsystem.com
3 sync.mathtag.com 3 redirects
3 idsync.rlcdn.com 1 redirects gcp-bc-784-ontariofarmer.gdev.postmedia.digital
ads.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 consumer.krxd.net cdn.krxd.net
3 pixel.adsafeprotected.com cdn.adsafeprotected.com
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
3 www.googletagmanager.com fem.prod.postmedia.digital
www.googletagmanager.com
3 fonts.googleapis.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
securepubads.g.doubleclick.net
2 static.adsafeprotected.com pixel.adsafeprotected.com
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
2 ad.doubleclick.net 1 redirects gcp-bc-784-ontariofarmer.gdev.postmedia.digital
2 pippio.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
2 sync.crwdcntrl.net 2 redirects
2 dpm.demdex.net 1 redirects gcp-bc-784-ontariofarmer.gdev.postmedia.digital
2 b1sync.zemanta.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 ssum-sec.casalemedia.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 stags.bluekai.com 2 redirects
2 www.google.ca gcp-bc-784-ontariofarmer.gdev.postmedia.digital
2 www.facebook.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
2 districtm-match.dotomi.com 2 redirects
2 us.creativecdn.com 2 redirects
2 api.sail-personalize.com ak.sail-horizon.com
2 connect.facebook.net gcp-bc-784-ontariofarmer.gdev.postmedia.digital
connect.facebook.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 d395dw5zk780j2.cloudfront.net fem.prod.postmedia.digital
d395dw5zk780j2.cloudfront.net
1 jssdks.mparticle.com jssdkcdns.mparticle.com
1 simage4.pubmatic.com ads.pubmatic.com
1 assets.ribn.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 tlx.3lift.com ib.3lift.com
1 id.rlcdn.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 ad.turn.com 1 redirects
1 um.simpli.fi 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 tags.rd.linksynergy.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 p.rfihub.com 1 redirects
1 bh.contextweb.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 aa.agkn.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 srv-2022-02-17-05.pixel.parsely.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 6b00730def75e20ba1a0d041587698a9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 ums.acuityplatform.com 1 redirects
1 dmx.us-east-31.districtm.io gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 cdn.parsely.com www.googletagmanager.com
1 t.co gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 analytics.twitter.com static.ads-twitter.com
1 static.ads-twitter.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 jssdkcdns.mparticle.com fem.prod.postmedia.digital
1 fem.prod.postmedia.digital gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 ak.sail-horizon.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 auth.lrcontent.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 www.npttech.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 cdn.adsafeprotected.com gcp-bc-784-ontariofarmer.gdev.postmedia.digital
1 hb.districtm.io gcp-bc-784-ontariofarmer.gdev.postmedia.digital
246 104
Subject Issuer Validity Valid
gcp-bc-784-driving.gdev.postmedia.digital
R3
2022-02-16 -
2022-05-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3
2021-06-02 -
2022-06-01
a year crt.sh
*.adsafeprotected.com
Amazon
2021-07-21 -
2022-08-19
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-05 -
2022-07-04
a year crt.sh
ak.sail-horizon.com
Amazon
2022-01-06 -
2023-02-02
a year crt.sh
fem.prod.postmedia.digital
Amazon
2021-11-08 -
2022-12-06
a year crt.sh
*.prod.postmedia.digital
Amazon
2022-01-15 -
2023-02-13
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
jssdkcdns.mparticle.com
R3
2021-12-27 -
2022-03-27
3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-12-30 -
2022-12-29
a year crt.sh
fw.adsafeprotected.com
Amazon
2021-08-11 -
2022-09-09
a year crt.sh
smartcdn.gprod.postmedia.digital
GTS CA 1D4
2022-02-12 -
2022-05-13
3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2
2021-07-07 -
2022-08-08
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-07-15 -
2022-07-20
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-11-26 -
2022-02-24
3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
api.sail-personalize.com
Amazon
2021-06-24 -
2022-07-23
a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-07-13 -
2022-07-12
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-24 -
2022-03-23
a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2021-03-24 -
2022-03-23
a year crt.sh
*.parsely.com
Amazon
2021-07-05 -
2022-08-03
a year crt.sh
s.amazon-adsystem.com
Amazon
2021-07-14 -
2022-06-27
a year crt.sh
*.google.ca
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
www.google.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.pixel.parsely.com
R3
2022-01-22 -
2022-04-22
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.ml314.com
Amazon
2021-12-17 -
2023-01-14
a year crt.sh
*.sharethrough.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-18 -
2022-07-13
6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.3lift.com
Amazon
2021-06-12 -
2022-07-11
a year crt.sh
static.adsafeprotected.com
Amazon
2021-09-05 -
2022-10-04
a year crt.sh
dt.adsafeprotected.com
Amazon
2021-04-22 -
2022-05-21
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
*.ribn.com
Amazon
2021-09-20 -
2022-10-19
a year crt.sh
jssdks.mparticle.com
R3
2021-12-27 -
2022-03-27
3 months crt.sh

This page contains 29 frames:

Primary Page: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Frame ID: 335BB8B8B8AB2542F9B590C3654DF51C
Requests: 106 HTTP requests in this frame

Frame: https://d395dw5zk780j2.cloudfront.net/v51.1/xd.html
Frame ID: 856F6A12A44E45E785F0B9EE78FDF6DC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 6B3AAE13AB3B50E12C6E01488DB5BBAB
Requests: 9 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: ECC1204CE70683BEEA478AC826317960
Requests: 23 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Frame ID: AA4C002F82DFDFC7E3F1AF3478AC10FE
Requests: 1 HTTP requests in this frame

Frame: https://6b00730def75e20ba1a0d041587698a9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60DFAC139994BE909327E76EA41FE196
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 26E176C335A0B195D887ACB8FC5C099B
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 9AA0083F1DDBEA8274DA622AFCF52B3A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 0A2A19EB2B35F8A98F8F4CF13D90933F
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 8EC1BFB6F38397A17E336197237DA9EE
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 5E96712FE025849DF374E35F4B73BD7E
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=districtm
Frame ID: B03D4BF15B02AC4CDDB07D65534B6A1A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=appnexus.com
Frame ID: A960297E54C0CCAF08DD46AD792E420C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 271631F33372070EE510067A0616F3EA
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: 86E375D1AB5759D812CBC84B88949CCC
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2058278953832408679159
Frame ID: 3A12AF425F37E0D93D0CACC7BE50E244
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D60B14664C2838EA475C9A5131B11E78
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92
Frame ID: 0D8FE2D203C3C730E582F58107122390
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg3YdAAG1RV6CABH&gdpr=0&gdpr_consent=
Frame ID: 0E51FE4E6F014C2B7283F7AB2EBA6F0B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7FA3C964-8A29-4CB7-927F-A9B0E818EA92&ex=pubmatic.com
Frame ID: 5AB635080CD92AFD9823237835F6321C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 6440E8CD80487A9BBE772B2AA67B3F38
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 5513F8E3D68AEFFA1EFB2442ADDC29D7
Requests: 17 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=5x5&pubId=4811995650&chanId=21809871911&placementId=5900230719&pubCreative=138379291044&pubOrder=2975178441&cb=782100468&custom=index&custom2=1&adsafe_par&impId=bc0649aa-8faf-11ec-8885-02858871ae57
Frame ID: 9DB28714804DF1E4BE0DA7AE3704B784
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEr9wwBnups9omI9sbc7tLQyh7bsgw7g3cLcT9mpJ-FxXf50aXfGzBCZrxAcoEu53upmu7fDg-Bl5ssP9dmwRGF2Rj_0jqvLGHiUhoDCOz7dl4JhZQNikTagIJ7Mw2G2inA8Qruz3Y1n9GmkURlfIOh5vFQQUIvzSG3DxB2V3xwppaJ_UrVnQEW7Pr7ahy8vlAiuHY6n9kscLcQfPWqT2H_Yif-4XopuKzMqK1tC9rs-_NNrnIdoBSxNtjQ2DbwYVbTeBm6S1CM4JL3hH9tezXcoZBgfusALu7WoIwoduFVN8SNsCvvl-mncLnULu7LxjYPsLNEs_sezGDTJ7T34UdQwNZuhv41tmJdhaLCMo2w2grhjHoKFTM&sai=AMfl-YQJBv-ZtEvpD6gQjrQQrXaQDWCUYfK2K5hrckq121jiQRS5bjR1IZ0bsC4PoxZzlHEjl3NaEecrMk9n4Nq9r9yRCoKsmfApqwIZWXJmKywnAPE3wlLrpujOKTl7g4R_9iLqMW74Z0JC7n3EcX4v&sig=Cg0ArKJSzO7JZi5xljdFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C5E660207EA7E3EDFC16B59BB579A29E
Requests: 10 HTTP requests in this frame

Frame: https://tlx.3lift.com/web/adserving?inv_code=Promoted_By_Desktop&referrer=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&rev=e0fe245&fe=0&ft=1&cb=9761425052&tid=11059141&n=1
Frame ID: 8D24092B64FF71B5594479A1243AB830
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A46934BC4FCB5BEECCF3E7543FC76999
Requests: 1 HTTP requests in this frame

Frame: https://img.3lift.com/lp?width=334&height=258&url=%2F%2Fimages.3lift.com%2F15221614.jpg&logo_exclude=&v=15
Frame ID: 0933358C70010055086CF04ACB3D4FED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 726A10CC2D9221C49ADF6EC5DC6ADADF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E649A7662A7ABEBA68BA19DA77ED99E7
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Home | Ontario FarmerOntario Farmer

Page URL History Show full URLs

  1. http://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ HTTP 308
    https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

246
Requests

78 %
HTTPS

28 %
IPv6

65
Domains

104
Subdomains

76
IPs

6
Countries

2505 kB
Transfer

7242 kB
Size

100
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ HTTP 308
    https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1645074547950&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645074547950&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&c9=
Request Chain 81
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/cnQHT8ghQ_dqj0z63FAP4JU4mbU
Request Chain 82
  • https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1 HTTP 302
  • https://dmx.districtm.io/s/10027/A4OH1k88hu6Ht1EPJ5NN?pi=districtm&tc=1
Request Chain 83
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=25DvcHLEs95bmyzizY2Hake2SeC&rurl=//dmx.us-east-31.districtm.io/s/10007/ HTTP 302
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=164461534bee11fe&is_secure=true&version=1&networkId=33921&nuid=25DvcHLEs95bmyzizY2Hake2SeC&rurl=%2F%2Fdmx.us-east-31.districtm.io%2Fs%2F10007%2F HTTP 302
  • https://dmx.us-east-31.districtm.io/s/10007/AAAGZMIGL6OoRwMys_10AAAAAAA&expiration=1645160948&nuid=25DvcHLEs95bmyzizY2Hake2SeC&is_secure=true
Request Chain 84
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
  • https://dmx.districtm.io/s/10022/647778910327
Request Chain 85
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/91b7ffb9-173e-4d3a-80d6-baa9ea5bbbb0
Request Chain 88
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Request Chain 91
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=43574426&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=108795257.1645074548&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=dNgNYtaBFK6MoPMP7quTwAo&sscte=1&crd=CNPgGw&eitems=ChAIgN6ykAYQsKClzo649cImEh0AY0P93OIJcj0EPGUvPZYKnno9JyWIKE2Vy-wN5g HTTP 302
  • https://www.google.com/pagead/1p-conversion/580448699/?random=43574426&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=108795257.1645074548&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=dNgNYtaBFK6MoPMP7quTwAo&cid=CAQSKQCNIrLM5Lm6x_xy3S5lidkMCosszUD0SNwUPi1Sjk-piYDZvWSCRbwD&eitems=ChAIgN6ykAYQsKClzo649cImEh0AY0P93KLyJKUOFXGryVeBgkmrvFTGOHs2HMzH8w&random=1304662963&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=43574426&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=108795257.1645074548&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=dNgNYtaBFK6MoPMP7quTwAo&cid=CAQSKQCNIrLM5Lm6x_xy3S5lidkMCosszUD0SNwUPi1Sjk-piYDZvWSCRbwD&eitems=ChAIgN6ykAYQsKClzo649cImEh0AY0P93KLyJKUOFXGryVeBgkmrvFTGOHs2HMzH8w&random=1304662963&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 100
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3F0UDdwU1M HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEI0Bw69BjhWGowyk_GbWNPQ&google_cver=1
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3F0UDdwU1M HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEI0Bw69BjhWGowyk_GbWNPQ&google_cver=1
Request Chain 103
  • https://stags.bluekai.com/site/26357?id=OqtP7pSS&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOqtP7pSS%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OqtP7pSS&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 105
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=Yg3YdAAG1RV6CABH HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=Yg3YdAAG1RV6CABH&_test=Yg3YdAAG1RV6CABH
Request Chain 106
  • https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OqtP7pSS HTTP 303
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OqtP7pSS&_bee_ppp=1 HTTP 303
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACoA07EG7EAAHNu_qSMdA
Request Chain 107
  • https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OqtP7pSS&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=c96e620d-d875-4000-b105-ca4d790b2560
Request Chain 109
  • https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OqtP7pSS
Request Chain 110
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Request Chain 111
  • https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=cnQHT8ghQ_dqj0z63FAP4JU4mbU
Request Chain 112
  • https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
  • https://eb2.3lift.com/xuid?mid=3587&xuid=OqtP7pSS&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OqtP7pSS&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=2058278953832408679159
Request Chain 116
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 117
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=districtm
Request Chain 118
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=appnexus.com
Request Chain 119
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 120
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 121
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2058278953832408679159
Request Chain 125
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-7274074f-c821-43f7-6a8f-4cfadc500fe0$ip$149.56.153.181
Request Chain 126
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Request Chain 127
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Request Chain 128
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough/ HTTP 302
  • https://stags.bluekai.com/site/23178?id=5CssYB7_TZQrcfZZbsR_&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHU2UG43TLFBDOX2ULJIXEY3GLJNGE42SL4 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHU2UG43TLFBDOX2ULJIXEY3GLJNGE42SL4 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=5CssYB7_TZQrcfZZbsR_
Request Chain 135
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6983609491834525044&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 136
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=OTZlM2EzMmU0YjU0NjlmNmU2OWY0N2Y5&gdpr=0
Request Chain 137
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=URGjRyg863Kd&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 138
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=997336229462069891
Request Chain 139
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1645074549291 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1973604982 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6ec115a6-b8c6-4d04-b7cf-011668d723f5 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005
Request Chain 141
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3625196176948068415&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3625196176948068415&redir=
Request Chain 142
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=7c3db795-87bc-407a-a70f-27243940d7c4&gdpr=0&gdpr_consent=
Request Chain 143
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3625196176948068415 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3625196176948068415 HTTP 302
  • https://ml314.com/csync.ashx?fp=3adb5b806e5680cd270c0279f7a98553&eid=50146&person_id=3625196176948068415
Request Chain 144
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2CIA8wru2QP48_ux8OjlDpPGim8SP_XT5Rbkbz-NnWPg&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Request Chain 145
  • https://ml314.com/csync.ashx?fp=OqtP7pSS&person_id=3625196176948068415&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3625196176948068415 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625196176948068415
Request Chain 148
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yg3YdAAG1RV6CABH
Request Chain 150
  • https://match.adsrvr.org/track/cmf/openx?oxid=4c929a01-0701-3072-4893-d1903c875d67&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=4c929a01-0701-3072-4893-d1903c875d67&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6ec115a6-b8c6-4d04-b7cf-011668d723f5&ttd_puid=4c929a01-0701-3072-4893-d1903c875d67
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDx00nhRFOhu7c08doAztIg&google_cver=1
Request Chain 153
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVkVkbU5JVEVWek9UVmliWGw2YVhwWk1raGhhMlV5VTJWRCJ9.Q2jMHc0O2-oguVUwcqYvTGNVun_WoVNXwuhKlVBk3SZuosDsXUCKE-0Eoipk0a2nEZCCvXs-HEEnpY8GA9c-Fg
Request Chain 154
  • https://c1.adform.net/serving/cookie/match?party=14&cid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92
Request Chain 155
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg3YdAAG1RV6CABH&gdpr=0&gdpr_consent=
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f6PJZIopTLeSf6mw6Bjqkg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 158
  • https://idsync.rlcdn.com/420486.gif?partner_uid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d3b4dac02aa471cd9dfd3e8df903f46257e5aa51260522509f1fa3be156f67d4791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkM2I0ZGFjMDJhYTQ3MWNkOWRmZDNlOGRmOTAzZjQ2MjU3ZTVhYTUxMjYwNTIyNTA5ZjFmYTNiZTE1NmY2N2Q0NzkxNDI2YjU0MTdkY2UyMRAAGgwI9bC3kAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkM2I0ZGFjMDJhYTQ3MWNkOWRmZDNlOGRmOTAzZjQ2MjU3ZTVhYTUxMjYwNTIyNTA5ZjFmYTNiZTE1NmY2N2Q0NzkxNDI2YjU0MTdkY2UyMRAAGgwI9bC3kAYSBAgCEABCAEoA&google_gid=CAESEBPMslHONnhBE7h8yxLvWWc&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c66f3f1a-d27a-48af-8eee-5f9eb3f6b38a
Request Chain 159
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9c31620d-d875-4700-8aaa-f4be4888411e
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0ZBM0M5NjQtOEEyOS00Q0I3LTkyN0YtQTlCMEU4MThFQTky&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELf0le0gClPWlGY5stwrSLU&google_cver=1
Request Chain 162
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1B55EB1C413341B7B075D7432670536F
Request Chain 163
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2790509209170058835&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7c3db795-87bc-407a-a70f-27243940d7c4
Request Chain 165
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZQIWU27-X-84BV HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KZQIWU27-X-84BV&ex=d-rubiconproject.com&status=ok
Request Chain 175
  • https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.325077534;dc_trk_aid=517454269;dc_trk_cid=164133779;ord=3948357834;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.325077534;dc_pre=CMvJl6H8hfYCFQRCDQod0pkHjw;dc_trk_aid=517454269;dc_trk_cid=164133779;ord=3948357834;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHJQz7Yw81MXLW6aTJr0FN0&google_cver=1
Request Chain 194
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZQIWU27-X-84BV&sigv=1&esig=2~1b3c1f4c3fe81139eb35ef6c211342da2ceb3c65
Request Chain 195
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ5OWU0YjU2YmUzNDkyNmExMTQ0ZDMwNmVlN2NiODQ0NjNjOThkYw
Request Chain 196
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9c31620d-d875-4700-8aaa-f4be4888411e&expires=28
Request Chain 198
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yg3YdAAG1RV6CABH
Request Chain 199
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Y4frTM95XenQJUuhX7AoCA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3123417347365743647
Request Chain 200
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRSVdVMjctWC04NEJW
Request Chain 201
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 206
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 224
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

246 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Redirect Chain
  • http://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
  • https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
621 KB
187 KB
Document
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8efbcfc1488414976756588dc8fb8abd48092a7135d3322a6c7b643689184305
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding user-agent
expires
Thu, 17 Feb 2022 05:14:06 GMT
cache-control
max-age=300
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

Date
Thu, 17 Feb 2022 05:08:56 GMT
Content-Type
text/html
Content-Length
164
Connection
keep-alive
Location
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
49c4ff5327d8a44e14ed42511af5b03abaabd68a0e0620b2fee7a05e40fe58c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27383
x-xss-protection
0
server
sffe
etag
"1134 / 303 of 1000 / last-modified: 1645068793"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Feb 2022 05:09:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
238a7b88a5b7237a3fde744d5b7a0d8deafbe118e52453771e9e1872cac1b41f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
_sJxGhvCZeE1QDAzTxsPGF.D7a87Nyvk
content-encoding
gzip
etag
f1657332112584c2a291a2c0cf3f7f54
age
41493
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0TFM074HJEMBPGQJZZGA
date
Wed, 16 Feb 2022 17:37:38 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
80IDaTx3LPNCH8DN5QqSiwgvh8d5Z8P77pKZEr-57NTDhu09ZXztiQ==
all.postmedia.js
hb.districtm.io/prod/100549/
36 KB
13 KB
Script
General
Full URL
https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
via
1.1 3500217a9615be8281152e7c88016d27.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
2489
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 10 Dec 2020 10:37:54 GMT
server
cloudflare
etag
W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
x-amz-cf-pop
YTO50-C3
cf-ray
6dec8070be523fdf-YYZ
x-amz-cf-id
oMLzit6jFwj77cuISbncmYKu6Otu__klaSHlOdizxtKrKjCVudcWUg==
expires
Thu, 17 Feb 2022 17:09:07 GMT
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-78.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 17:55:56 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
472392
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
EWR53-P1
X-Amz-Cf-Id
0aMg4iFAvwdX3W6VSLkj8zA_UjeabzCozIvS1lC23TXLyJmKq9jlaw==
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa8c4f5924fd06cbaf5c65fac729f0c3207d1f70534b07fc0915948c41b29d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 03:48:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Feb 2022 05:09:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Feb 2022 05:09:07 GMT
advertising.js
www.npttech.com/
7 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3c3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JNMEQGQ9NJ9E6X1S
x-amz-id-2
fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zj6jtODq8f16E6jhSK4%2BdbDMM2tgIHMd0FcTsqtCuRV5OJudV22Jv623Vlv7Ev2Wgk6n3dj2hmGfq028RJ0ci0Mg7S0p5GmMbUcz1cvCgkKS1XpBHx6Dre538CvyXcl3A1U6s6QZXpjUBOeZTq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6dec80712eefca5f-YUL
LoginRadiusV2.js
auth.lrcontent.com/v2/js/
199 KB
47 KB
Script
General
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
6006
cf-polished
origSize=1238069
x-cache
Miss from cloudfront
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age= 63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
EWR52-C3
cf-ray
6dec8070bda37139-YUL
x-amz-cf-id
UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg==
cf-bgj
minify
spm.v1.min.js
ak.sail-horizon.com/spm/
121 KB
43 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-89.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 04:59:35 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
572
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
CEekHa-b-SHUGQMOtEV5BJfz3kxDzbAMkvwwmE6QPCVDTEw3qYZmWw==
fem.js
fem.prod.postmedia.digital/v51.1/
259 KB
78 KB
Script
General
Full URL
https://fem.prod.postmedia.digital/v51.1/fem.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-36.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79c381d0b010da04e31a1da615ecb7b142984a8fa33f080485a2c109ce064f15

Request headers

Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 18:52:49 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"4cc3e49974273ce5cad6c7cb78d3c130"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31536000
x-cache
Miss from cloudfront
x-amz-cf-id
IuhcEH6sy-Pc3Y4UXhCE7iy6GxPezollXoxmBt4CSq7Lcblu44VdCQ==
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
business-wire-logo.svg
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/
11 KB
4 KB
Image
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/business-wire-logo.svg
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:21:23 GMT
etag
W/"620d2483-2b6a"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
Newsfile-High-Res.png
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/04/
13 KB
13 KB
Image
General
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/04/Newsfile-High-Res.png
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-25.ewr53.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
7720a0f40d088f144d749c07f075b8dfdc84afd25900a59045fe6c29d0fc5090

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Tue, 04 May 2021 23:36:37 GMT
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
24903150
etag
"58a1b532378c9a60bc8df47534dea7218beaf9a0"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR53-P1
x-pmd-smart-cdn-proxy
da21880a3f69
content-length
13064
x-amz-cf-id
8fDhvZdoQk3zjQ33lB5wAXPNqaGexCnDX856y25YLGzrFlQiNhd6dg==
expires
Wed, 04 May 2022 23:36:37 GMT
globe-newswire.svg
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/
14 KB
4 KB
Image
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/globe-newswire.svg
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:21:23 GMT
etag
W/"620d2483-3750"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
icon-soc-fb.svg
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/
775 B
692 B
Image
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:21:23 GMT
etag
W/"620d2483-307"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
icon-soc-tw.svg
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/
2 KB
1 KB
Image
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:21:23 GMT
etag
W/"620d2483-6a2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
shared.efbcf9736443.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/
24 KB
10 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
efbcf9736443f6712f739180d23323034ad12e490a1aebeb54336e68957d0943
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:21:27 GMT
etag
W/"620d2487-5e1d"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
main.34a66062ea7e.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/
95 KB
31 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/main.34a66062ea7e.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
34a66062ea7e90197e657b08409549b35fd639a2f5fd894a276f72c9f60053bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:21:27 GMT
etag
W/"620d2487-17dc8"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
truncated
/
128 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23d00276404c2322c5d3bb27f5e930b67f81bc964189b36b028ab1521a5929db

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 01:28:42 GMT
x-content-type-options
nosniff
age
531625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 01:28:42 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 19:35:46 GMT
x-content-type-options
nosniff
age
34401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 19:35:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:23:56 GMT
x-content-type-options
nosniff
age
132311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 16:23:56 GMT
xd.html
d395dw5zk780j2.cloudfront.net/v51.1/ Frame 856F
167 B
507 B
Document
General
Full URL
https://d395dw5zk780j2.cloudfront.net/v51.1/xd.html
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:be00:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1aefec411441da454a39e812f8300125bfd117abc33f50f98c124419314da704

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

content-type
text/html
content-length
167
date
Mon, 07 Feb 2022 19:41:14 GMT
last-modified
Mon, 07 Feb 2022 18:52:49 GMT
etag
"1cb7c3921583ebfd6049b00de4ee73de"
cache-control
max-age=31536000
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
X_GGT6E-IIFtjdIDu33mHYqXMnVRPgGlo8grQUY2oo8g5u6njhrkOA==
age
811674
gtm.js
www.googletagmanager.com/
495 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d4728a50c85f15c59630aa9eed0a333bed2826df78841417504901274d148ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112759
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Feb 2022 05:09:07 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-125.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:51:03 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
55427
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
RbdB1t-PxhaD8Q_flHB3avt9z8vCcwh8_3ZdTxcRYLWLK8Ukq0Myyw==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/
184 KB
48 KB
Script
General
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f7914b4836b5815c4b3dcd79c44fa3390dedf00785d79f90dc7f6c6f38c947c5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
11
x-origin-name
fastlyshield--shield_ssl_cache_iad_kjyo7100059_IAD
x-served-by
cache-iad-kjyo7100059-IAD, cache-yul12829-YUL
vary
Accept, Accept-Encoding
x-cache
MISS, HIT
content-type
application/javascript
content-encoding
gzip
cache-control
public, max-age=3600
accept-ranges
bytes
x-timer
S1645074548.688735,VS0,VE1
content-length
48496
x-cache-hits
0, 1
uthtxmddg.js
cdn.krxd.net/controltag/
29 KB
7 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/uthtxmddg.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 17 Feb 2022 05:09:07 GMT
via
1.1 varnish, 1.1 varnish
age
1048
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
6471
x-served-by
config-service-a002-ash-prod.krxd.net, cache-iad-kiad7000022-IAD, cache-yul12833-YUL
x-response-time
1
x-do-esi
esi
x-timer
S1645074548.695601,VS0,VE0
etag
"8d8408c6b02eb41f93710c678ece74490c4f6485"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 14
gtm.js
www.googletagmanager.com/
110 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca503f7837f4130e64c59682e91077d01318cc1ed83ad43b5ffddf31ca8c5b0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34225
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Feb 2022 05:09:07 GMT
a556277d29cfe35510470.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
9 KB
4 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/a556277d29cfe35510470.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
64877850f9e838b0e76c3cf59b45760f44598fae0a8d2b14ba491b682c0ad92e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-24d6"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
b47e59e4ac72deb523a01.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
20 KB
6 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/b47e59e4ac72deb523a01.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
6f33bb6fb3ab3ed9893e8cf1ad0bda09b99a535be0a54c7a8f1dd1c3a688c4ee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-4f04"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
2f6dcc6ecbc4a629d0c58.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
12 KB
4 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/2f6dcc6ecbc4a629d0c58.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
28ebe438c9cebbf8b49baf284b7c0624f1a1e52c823572afe5dba64d858ebb09
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-2ea9"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
319134f8edfeb15b070c18.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
12 KB
4 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/319134f8edfeb15b070c18.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-2e3e"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
a31b63a7db010a13439a4.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
8 KB
3 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/a31b63a7db010a13439a4.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
dea759394a532f5d3ca25e8697fd2077dac60131e9eb3bd1ab3d6aee3a86ec47
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-1eaa"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
44d6844c95c62adce80b7.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
19 KB
6 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/44d6844c95c62adce80b7.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
5122c98605367c14582885aacdfd443bc832001303f137203ca6ceddc96ceb94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-4ddf"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
e44c3917b5779afbe5a513.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
50 KB
14 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/e44c3917b5779afbe5a513.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
a2999aa2aff07ed8528366d8ef153a35afd7d792a746bd0347496a28f3ceaf38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-c868"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
ebada5baf015643cf58b15.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
7 KB
3 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ebada5baf015643cf58b15.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
0a055b94dddc24c4d91c386d3eb855fc8eb2e973346a021eafb4e625398b60da
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-1a84"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
3b3f819d1ffe0e05145e10.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
11 KB
4 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/3b3f819d1ffe0e05145e10.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-2ab4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
ddbb15d55d3fae80804b28.js
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/
10 KB
3 KB
Script
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ddbb15d55d3fae80804b28.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.efbcf9736443.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
caac5c71c9d790e8cd32ed97b5a978c08c5543b7f25ace068aa767d1f4987488
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:19:49 GMT
etag
W/"620d2425-27b8"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:07 GMT
pubads_impl_2022021401.js
securepubads.g.doubleclick.net/gpt/
360 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 04:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123280
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 09:43:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Feb 2023 04:31:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
126 B
138 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
403147f6e8ff70cb72ddd13b981b9368f0264f5dc5c79f93bea6407d593967bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Thu, 17 Feb 2022 05:09:07 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
325 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
access-control-allow-origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
LO7s1s1LTV7KB9MElkApO99sskk7TxZTbk5TR0PcirQhhYPsE2bk4Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 4b6e1bc9480bffb0b8980e408fffa59e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
puoD7gKur77HNOY9Jjv-K2zEPg6n7UfRfnyKclPwTtN0ftPHw1gqDA==
pub
pixel.adsafeprotected.com/services/
2 KB
2 KB
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=676db6ea-802a-469f-0596-f7ba157e5a0b&url=https%253A%252F%252Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.87.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-87-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
99ae2ba5123f8c557e29bc5d5e5ebe1f737e315b5a90e5c8af77b61ff24e2fa2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
x-server-name
app21.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
CD_Bake-it-Foward-Truck-e1639757520670.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/
31 KB
32 KB
Image
General
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/CD_Bake-it-Foward-Truck-e1639757520670.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-25.ewr53.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
5853621d02d975fba45c91907a09fec43c635c608a30f31ecd9b85342693b41d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 13 Feb 2022 01:32:07 GMT
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
358620
etag
"ad4eb5e4458105b8a5460e49803224b75633b8a0"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR53-P1
x-pmd-smart-cdn-proxy
b5be47d68c91
content-length
32210
x-amz-cf-id
paJoueQ-CGBJbiI5cpVm-tksIsftQvQ--lYv3bdtuT5jUtIo3iaISA==
expires
Mon, 13 Feb 2023 01:32:07 GMT
wild-boars-e1637260632118.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/
16 KB
16 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/wild-boars-e1637260632118.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Wed, 16 Feb 2022 16:57:39 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
43888
etag
"7a09af2688eda187779b301412175145979f59a9"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-85q8c
alt-svc
clear
content-length
16430
Peggy-Brekveld-President-e1637684271190.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/
35 KB
35 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/Peggy-Brekveld-President-e1637684271190.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
42cb48fcecb9f09d629e736d1ca8a7eb9c37c8e493b140d071fa92396897b333

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Wed, 16 Feb 2022 16:57:39 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
43888
etag
"9427ccddca2fc4413cf31e61819ef57d3a7733a0"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-85q8c
alt-svc
clear
content-length
35688
ca.0402-dn-migrants.dn_.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/10/
28 KB
29 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/10/ca.0402-dn-migrants.dn_.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
39874e19af66fa05a8e943e773c81187cb7437bb3cb0076df6defb9381d32911

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Wed, 16 Feb 2022 16:57:39 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
43888
etag
"0f76a31c5e5eab3492b396502a69587e7ce4fc0b"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-4zpbt
alt-svc
clear
content-length
29074
wild-boars-e1637260632118.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/11/
16 KB
16 KB
Image
General
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/11/wild-boars-e1637260632118.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-25.ewr53.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 13 Feb 2022 01:32:07 GMT
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
358620
etag
"7a09af2688eda187779b301412175145979f59a9"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR53-P1
x-pmd-smart-cdn-proxy
7f80d7c13d9a
content-length
16430
x-amz-cf-id
jFjts9-VYfX3EjS-VTvaxhRD9ALnepP7-QiFucvCAF7NHx1OCrqQVg==
expires
Mon, 13 Feb 2023 01:32:07 GMT
John-Hambly-and-Senator-Robert-Black-e1638401412154.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/
23 KB
23 KB
Image
General
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/John-Hambly-and-Senator-Robert-Black-e1638401412154.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-25.ewr53.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
166b32472bd35ab18cf94e37efd5055f293406d30ffac183474318140b45ebf2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 13 Feb 2022 01:32:07 GMT
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
358620
etag
"147c41b1ed8f81ee472e83e273ada9d134e9c4a1"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR53-P1
x-pmd-smart-cdn-proxy
f57c70a41ad7
content-length
23408
x-amz-cf-id
7NENLHhzO_9bXc8R2ouYAsn-xwVpBeR6G4MZBFOVTwXxnIn6wuUQWw==
expires
Mon, 13 Feb 2023 01:32:07 GMT
pg.1125-pg-shawn.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/
43 KB
43 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/pg.1125-pg-shawn.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
c4cf4079ec71eea0051719d77dad827e876accf52dff47dbb7822f06d628fed4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Tue, 15 Feb 2022 15:26:38 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
135749
etag
"2ce9a641b071a9f7a6680503aeb6e5dac9bddd85"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-plgxw
alt-svc
clear
content-length
43806
0525_na_farmers_1-scaled-e1605745495325.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/04/
17 KB
17 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/04/0525_na_farmers_1-scaled-e1605745495325.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
5702be858374d0c1b9cfa6164335204df766faceb85311b0311cc81b77041708

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Tue, 15 Feb 2022 15:26:37 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
135750
etag
"7391dc2d7e0f6c688ac932b148865f9d0a7131bb"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-nc9ch
alt-svc
clear
content-length
17506
potato-wart.png
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/
15 KB
15 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/potato-wart.png?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
5e2aab555cbfbe4f398bc031f658fd37c078428446a48154a9e9301fe01b72d9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Tue, 15 Feb 2022 15:26:37 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
135750
etag
"3ed5c9b1efe187888cedb87f003fb971133fddab"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-nc9ch
alt-svc
clear
content-length
15746
same-three-crops-e1637087061815.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/11/
47 KB
48 KB
Image
General
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/11/same-three-crops-e1637087061815.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-25.ewr53.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
2987df61c80f5e13507666bcb5e2805b7c766a6e3e4f664d4bd557848839e60c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 13 Feb 2022 01:32:07 GMT
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
358620
etag
"8e64c1dd4cdac9fa97cfc843c6037477648f4b10"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR53-P1
x-pmd-smart-cdn-proxy
2cace11a199b
content-length
48502
x-amz-cf-id
FwQyN3qvCN1FJ4U86RxsCVzRg45RX8I1c0heimAidGOMiGnqIJ5neA==
expires
Mon, 13 Feb 2023 01:32:07 GMT
index.html
cdn.districtm.io/ids/ Frame 6B3A
116 B
298 B
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
content-type
text/html
cf-ray
6dec8073bad63fdf-YYZ
age
61252
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
VMBV3vwUXMgfv0lGwYyU4MNnNr4JjA0pOp2pQPKJMuEWOgUStFWQYQ==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
v1
dmx.districtm.io/b/
0
38 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dec8073caf73fdf-YYZ
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/
0
227 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Feb 2022 05:09:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dec8073caf23fdf-YYZ
access-control-allow-headers
origin, content-type
xd.js
d395dw5zk780j2.cloudfront.net/v51.1/ Frame 856F
36 KB
12 KB
Script
General
Full URL
https://d395dw5zk780j2.cloudfront.net/v51.1/xd.js
Requested by
Host: d395dw5zk780j2.cloudfront.net
URL: https://d395dw5zk780j2.cloudfront.net/v51.1/xd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:be00:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d984a247beba5abcd72a6b6dd131ae1767b6d0cc76ad1223b33e8e3d5a7e05c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d395dw5zk780j2.cloudfront.net/v51.1/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 19:41:14 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 18:52:49 GMT
server
AmazonS3
age
811674
etag
W/"269a198fcd379487531b391a8641fd8a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
BeilEEj1IgwUr19wCTc0a4JQf9ANbmBswD6e0XFB-eKc4exqzy6wjA==
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/
259 KB
83 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
age
17167857
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
2030313
content-length
84509
x-served-by
cache-yul12833-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1645074548.814050,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
identify
identity.mparticle.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Thu, 17 Feb 2022 05:09:07 GMT
via
1.1 varnish
age
2852
x-served-by
cache-yul12833-YUL
x-cache
HIT
x-cache-hits
1079
x-timer
S1645074548.894035,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/
175 B
301 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
50b7afc0a14aba39876bc56a16ce26a3275dd27f93f5bd2029f4e06f07ce63b5
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1645074548.906537,VS0,VE101
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12833-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Feb 2022 05:09:08 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
1008 B
794 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ef1c55f2165c2e95a1f17def4a8d5e1169931e223eab40857dbe186295cc02db

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 23:52:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=75555
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
481
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
KLFr1w128K39hxBZY+xSkzlibIksMQEXn1JoEYcJeZgoGafOoUm973Mb2TarkEARzwpZ8Lh9x8nqcbe9onc7Kw==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Thu, 17 Feb 2022 05:09:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/
14 KB
6 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 00:34:56 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000046-IAD
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1645074547950&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645074547950&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&c9=
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645074547950&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&c9=
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
52.85.61.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-125.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
Rc3r0UWUcVR5gXqO7gpIXAVCagyycO5_kaoiazjJ22XUuZGyxDDV-w==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 17 Feb 2022 05:09:07 GMT
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1645074547950&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&c9=
content-length
210
x-amz-cf-id
xNILLFHp5ekOawtrAdPoWR4BPSzpecZXIB5dL52IOLJ5yAbWX3s6Gw==
gtm.js
www.googletagmanager.com/
172 KB
55 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
193df62226a16ad5206b693f10102b34e6a9903870d0c5c410afa359676d5fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55905
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Feb 2022 05:09:08 GMT
bid
c.amazon-adsystem.com/e/dtb/
194 B
686 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&pid=5eDKHAQpXfNLY&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
ZDMM2Y50PKYK3VMJH1F2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
194
x-amz-cf-id
cga6dgzErmohmcDLskKrl5z5sUDK0GAK3mXSyBHFSUGIJ4RYdDI3IA==
/
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/api-root/weather/current_conditions/ON/London/
697 B
585 B
Fetch
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/api-root/weather/current_conditions/ON/London/?format=html
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/b47e59e4ac72deb523a01.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
96942ab7078231c4baad7cf6bdeb5e8006a53fcbffd96563df1bf0e7165895f1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept, Cookie, Origin
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx
allow
GET
content-type
text/html; charset=utf-8
cache-control
max-age=60
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 17 Feb 2022 05:10:08 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 6B3A
3 KB
2 KB
Script
General
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
95593
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6dec80759dfd3fdf-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Sat, 19 Feb 2022 05:09:08 GMT
simple
api.sail-personalize.com/v1/personalize/
256 B
474 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
b3609f82056620247e1a5cdec4c8f6ace1472ebf1d38921a7109419182a81342

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type
application/json
accept
application/json
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-referring-url
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
173
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame ECC1
805 B
850 B
Document
General
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 varnish
age
21925068
x-served-by
cache-yul12833-YUL
x-cache
HIT
x-cache-hits
703762
x-timer
S1645074548.181851,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
identify
identity.mparticle.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 varnish
age
2853
x-served-by
cache-yul12833-YUL
x-cache
HIT
x-cache-hits
1080
x-timer
S1645074548.205019,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/
175 B
228 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a75375b415c59fa891ac5f780e4ee7c991fc82002d14d4dcaac9ec1a09879a1c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1645074548.217714,VS0,VE37
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12833-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
1685973801652415
connect.facebook.net/signals/config/
310 KB
88 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
713336e852532c9e78a01d388b48b16827c7d2c5721f1cbe85b6bfbff1d420a5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90181
x-xss-protection
0
pragma
public
x-fb-debug
aJRzo13tFtXyr+wXcH6wZzYD9fMsXcokUkOAOu0+MS0WEXK7nWECWv6RzfoLojxhvmGmGYWq1YNequl79rqHng==
x-frame-options
DENY
date
Thu, 17 Feb 2022 05:09:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9081938d5c9644dacf6668cb6c1283d208fb92b487b159235a0d92fd0a4f6379

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 23:52:14 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=67560
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2214
buyers
dmx.districtm.io/s/v1/ Frame 6B3A
570 B
770 B
XHR
General
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c3ca2ca92d0d072a7c58a0e114b4861de9b5205c473cc08b528d2cebc277462
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dec80767f463fdf-YYZ
access-control-allow-headers
Origin, Content-Type
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/
239 B
431 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 varnish
age
11
x-served-by
consumer-a018-ash-prod.krxd.net, cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1645074548.291012,VS0,VE0
content-length
193
x-cache-hits
0, 1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/?random=1645074548254&cv=9&fst=1645074548254&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65811bd28071b33e3eda6e02b9b90e21b6b6e6b57fcee69f2701b7509f4ef195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1033
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/580448699/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/580448699/?random=1645074548259&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=108795257.1645074548&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e7ce5ff2da8ec685246c4d7d09d61edb0dda2105bbe426e27fff352b6fd10177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/
31 B
458 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c9ed7d41-e1c6-4048-b65a-030fa4f17302&tw_document_href=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
6
date
Thu, 17 Feb 2022 05:09:07 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8f73cb88bb7dbda1289d69b2142abb9e9a4c54d37a25bbc99656c29e974a4c09
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/
43 B
336 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c9ed7d41-e1c6-4048-b65a-030fa4f17302&tw_document_href=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
5
date
Thu, 17 Feb 2022 05:09:08 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
efdd3cc062ab463210e6e02c098c422082f2bb42c1398a818b1cf157d6d90771
content-length
43
p.js
cdn.parsely.com/keys/undefined/
52 KB
20 KB
Script
General
Full URL
https://cdn.parsely.com/keys/undefined/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.242.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-242-59.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
004873741130c4c0aec4692ddf6ac8f57442ab746004efded91e189228c5daf8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 01:59:52 GMT
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 01:01:04 GMT
server
nginx
age
11356
etag
W/"5e853950-d0b1"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-P1
content-encoding
gzip
x-amz-cf-id
LPsGaq4K6jkDEGPKWg15B2yPvx6XvXZltaH5JISn1YzDB_8Z2Zh1kQ==
cnQHT8ghQ_dqj0z63FAP4JU4mbU
dmx.districtm.io/s/10026/ Frame 6B3A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/cnQHT8ghQ_dqj0z63FAP4JU4mbU
83 B
139 B
Script
General
Full URL
https://dmx.districtm.io/s/10026/cnQHT8ghQ_dqj0z63FAP4JU4mbU
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c49abb61a49f2494450c62f925e90e4398d0638d9444632b6570f88bf64100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 17 Feb 2022 05:09:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6dec807819a83fdf-YYZ

Redirect headers

Location
https://dmx.districtm.io/s/10026/cnQHT8ghQ_dqj0z63FAP4JU4mbU
Date
Thu, 17 Feb 2022 05:09:08 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
A4OH1k88hu6Ht1EPJ5NN
dmx.districtm.io/s/10027/ Frame 6B3A
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=districtm
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1
  • https://dmx.districtm.io/s/10027/A4OH1k88hu6Ht1EPJ5NN?pi=districtm&tc=1
76 B
132 B
Script
General
Full URL
https://dmx.districtm.io/s/10027/A4OH1k88hu6Ht1EPJ5NN?pi=districtm&tc=1
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065829e4f21eecbf5bd46a22625304de02c0e591f68b1dd2b90daac47267c2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 17 Feb 2022 05:09:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6dec807809a73fdf-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10027/A4OH1k88hu6Ht1EPJ5NN?pi=districtm&tc=1
pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT, Thu, 17 Feb 2022 05:09:08 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
AAAGZMIGL6OoRwMys_10AAAAAAA&expiration=1645160948&nuid=25DvcHLEs95bmyzizY2Hake2SeC&is_secure=true
dmx.us-east-31.districtm.io/s/10007/ Frame 6B3A
Redirect Chain
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=25DvcHLEs95bmyzizY2Hake2SeC&rurl=//dmx.us-east-31.districtm.io/s/10007/
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=164461534bee11fe&is_secure=true&version=1&networkId=33921&nuid=25DvcHLEs95bmyzizY2Hake2SeC&rurl=%2F%2Fdmx.us-east-31.districtm.io%...
  • https://dmx.us-east-31.districtm.io/s/10007/AAAGZMIGL6OoRwMys_10AAAAAAA&expiration=1645160948&nuid=25DvcHLEs95bmyzizY2Hake2SeC&is_secure=true
153 B
291 B
Script
General
Full URL
https://dmx.us-east-31.districtm.io/s/10007/AAAGZMIGL6OoRwMys_10AAAAAAA&expiration=1645160948&nuid=25DvcHLEs95bmyzizY2Hake2SeC&is_secure=true
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.75.117.5 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
5.117.75.34.bc.googleusercontent.com
Software
/
Resource Hash
fe767c747a6851d2b1ded447dcf7b6bb053fc6acf5f7a4ca78b7b1da2ded17aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-length
153
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
//dmx.us-east-31.districtm.io/s/10007/AAAGZMIGL6OoRwMys_10AAAAAAA&expiration=1645160948&nuid=25DvcHLEs95bmyzizY2Hake2SeC&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
647778910327
dmx.districtm.io/s/10022/ Frame 6B3A
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
  • https://dmx.districtm.io/s/10022/647778910327
68 B
134 B
Script
General
Full URL
https://dmx.districtm.io/s/10022/647778910327
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20612d194494fed2ff28697179a88569d7193b4fe9ff7631c22937aee6dfe7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 17 Feb 2022 05:09:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6dec807809a53fdf-YYZ

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dmx.districtm.io/s/10022/647778910327
91b7ffb9-173e-4d3a-80d6-baa9ea5bbbb0
dmx.districtm.io/s/10059/ Frame 6B3A
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/91b7ffb9-173e-4d3a-80d6-baa9ea5bbbb0
92 B
178 B
Script
General
Full URL
https://dmx.districtm.io/s/10059/91b7ffb9-173e-4d3a-80d6-baa9ea5bbbb0
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5adf5f99410f5cda46c603f7278580a9a6a3610f8b6f6684f2c6c888b4a4d1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 17 Feb 2022 05:09:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6dec8077c93c3fdf-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10059/91b7ffb9-173e-4d3a-80d6-baa9ea5bbbb0
date
Thu, 17 Feb 2022 05:09:08 GMT
content-length
0
uthtxmddg.js
cdn.krxd.net/controltag/ Frame ECC1
29 KB
7 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/uthtxmddg.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 varnish, 1.1 varnish
age
1048
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
6471
x-served-by
config-service-a002-ash-prod.krxd.net, cache-iad-kiad7000022-IAD, cache-yul12833-YUL
x-response-time
1
x-do-esi
esi
x-timer
S1645074548.346019,VS0,VE0
etag
"8d8408c6b02eb41f93710c678ece74490c4f6485"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 15
/
www.facebook.com/tr/
44 B
408 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&rl=&if=false&ts=1645074548367&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1645074548365.298543738&it=1645074548214&coo=false&exp=p1&rqm=GET
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 17 Feb 2022 05:09:08 GMT
iu3
s.amazon-adsystem.com/ Frame AA4C
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
275 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

Server
Server
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
275
Connection
keep-alive
x-amz-rid
HQK7ZRTEGDVSMHSKVND2
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
W8G7JSSYRZ2R58E80V01
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
integrator.js
adservice.google.ca/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
www.google.ca/pagead/1p-conversion/580448699/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=43574426&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u...
  • https://www.google.com/pagead/1p-conversion/580448699/?random=43574426&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=43574426&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-conversion/580448699/?random=43574426&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=108795257.1645074548&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=dNgNYtaBFK6MoPMP7quTwAo&cid=CAQSKQCNIrLM5Lm6x_xy3S5lidkMCosszUD0SNwUPi1Sjk-piYDZvWSCRbwD&eitems=ChAIgN6ykAYQsKClzo649cImEh0AY0P93KLyJKUOFXGryVeBgkmrvFTGOHs2HMzH8w&random=1304662963&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Server
2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.ca/pagead/1p-conversion/580448699/?random=43574426&cv=9&fst=1645074548259&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=108795257.1645074548&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=dNgNYtaBFK6MoPMP7quTwAo&cid=CAQSKQCNIrLM5Lm6x_xy3S5lidkMCosszUD0SNwUPi1Sjk-piYDZvWSCRbwD&eitems=ChAIgN6ykAYQsKClzo649cImEh0AY0P93KLyJKUOFXGryVeBgkmrvFTGOHs2HMzH8w&random=1304662963&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame ECC1
259 KB
83 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
age
17167858
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
2030315
content-length
84509
x-served-by
cache-yul12833-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1645074548.426381,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
/
www.google.com/pagead/1p-user-list/990309138/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/990309138/?random=1645074548254&cv=9&fst=1645074000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&async=1&fmt=3&is_vtc=1&random=3923553231&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/990309138/
42 B
548 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/990309138/?random=1645074548254&cv=9&fst=1645074000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&async=1&fmt=3&is_vtc=1&random=3923553231&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
559 KB
48 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1092456695898951&correlator=491655520811682&eid=31064905%2C44756432%2C31064019&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220217&iu_parts=3081%2CSMCO_ENCO_MAGOnFarmer_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ppid=00000000ppidp8567425304588866645&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649a8-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649a9-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649aa-8faf-11ec-8885-02858871ae57%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649ab-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649ac-8faf-11ec-8885-02858871ae57%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649ad-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649ae-8faf-11ec-8885-02858871ae57%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649af-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b0-8faf-11ec-8885-02858871ae57%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b1-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b2-8faf-11ec-8885-02858871ae57%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b3-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b4-8faf-11ec-8885-02858871ae57%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b5-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b6-8faf-11ec-8885-02858871ae57%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b7-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b8-8faf-11ec-8885-02858871ae57%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbc0649b9-8faf-11ec-8885-02858871ae57%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40&eri=1&cust_params=no_pol%3Dtrue%26page%3Dindex%26pr%3Donf%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26kuid%3D%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&dt=1645074548440&lmt=1645074548&dlt=1645074547241&idt=748&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=233%2C566%2C1108%2C1847%2C2674%2C3413%2C3955%2C3754%2C4296%2C4095%2C4637%2C4436%2C4978%2C4777%2C5319%2C5118%2C5660%2C5459&adks=625928897%2C1960150758%2C1840685615%2C346298458%2C1840685612%2C625928910%2C1840685613%2C625928909%2C1840685586%2C625928908%2C1840685587%2C625928907%2C1840685584%2C625928906%2C1840685585%2C625928905%2C1840685590%2C2524969409&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&vis=1&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&ga_vid=932842661.1645074548&ga_sid=1645074548&ga_hid=1322225625&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
4654a3c95c736b2bce10fed21b6573696d40a1052ea25e10a73e6c6a52b42bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49145
x-xss-protection
0
google-lineitem-id
-1,-1,5900230719,-1,5900230719,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138379291044,-1,138379268081,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6b00730def75e20ba1a0d041587698a9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60DF
6 KB
4 KB
Document
General
Full URL
https://6b00730def75e20ba1a0d041587698a9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 17 Feb 2022 05:09:08 GMT
expires
Fri, 17 Feb 2023 05:09:08 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
srv-2022-02-17-05.pixel.parsely.com/plogger/
43 B
259 B
Image
General
Full URL
https://srv-2022-02-17-05.pixel.parsely.com/plogger/?rand=1645074548511&plid=56587661&idsite=genericconfigfree&url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&sref=&sts=1645074548490&slts=0&title=Home+%7C+Ontario+Farmer&date=Thu+Feb+17+2022+05%3A09%3A08+GMT%2B0000+(GMT)&action=pageview&metadata=%7B%22authors%22%3A%5B%5D%2C%22name%22%3A%22Ontario+Farmer%22%2C%22title%22%3A%22Home+%7C+Ontario+Farmer%22%2C%22link%22%3A%22https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fontariofarmer.com%2Fsearch%2F%3Fsearch_text%3D%7Bsearch_term%7D%22%2C%22query-input%22%3A%22required+name%3Dsearch_term%22%7D%2C%22page_type%22%3A%22index%22%7D&pvid=62747204&u=pid%3D5b16ed6ec08d50213be4b72fdcbcbdae
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.102.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-102-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 05:09:08 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 17-Feb-2022 05:09:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ Frame ECC1
224 B
305 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41c264db2ccf6ee7df5f787b4fab9cd2c7bf6807e4c7197de9f0166e66e379ce

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a010-ash-prod.krxd.net, cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1645074549.563741,VS0,VE21
content-length
187
x-cache-hits
0, 0
pr
s.amazon-adsystem.com/v3/ Frame 26E1
2 KB
3 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bed79e22634d48c6e53d084c7dc1ac8e7ed34377df61478f7020d89248124ea1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Response headers

Server
Server
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2044
Connection
keep-alive
x-amz-rid
53VKKQ8MCR539Q0H4KCR
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3F0UDdwU1M
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEI0Bw69BjhWGowyk_GbWNPQ&google_cver=1
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEI0Bw69BjhWGowyk_GbWNPQ&google_cver=1
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1645074548
x-served-by
beacon-n024-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEI0Bw69BjhWGowyk_GbWNPQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3F0UDdwU1M
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEI0Bw69BjhWGowyk_GbWNPQ&google_cver=1
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEI0Bw69BjhWGowyk_GbWNPQ&google_cver=1
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1645074548
x-served-by
beacon-n034-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEI0Bw69BjhWGowyk_GbWNPQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame ECC1
42 B
450 B
Image
General
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OqtP7pSS
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OqtP7pSS&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOqtP7pSS%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OqtP7pSS&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OqtP7pSS&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1645074548
x-served-by
beacon-n021-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OqtP7pSS&partner=bluekai&bk_uuid=$_BK_UUID
Date
Thu, 17 Feb 2022 05:09:08 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame ECC1
64 B
442 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OqtP7pSS&rn=1645074549
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-125.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
x-6WEykJEUOwU7V6b5-ny6ZNQ_J9ZhGVkai4wUzbaNyjsATpyQEIAA==
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=Yg3YdA...
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=Yg3YdAAG1RV6CABH&_test=Yg3YdAAG1RV6CABH
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=Yg3YdAAG1RV6CABH&_test=Yg3YdAAG1RV6CABH
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=69 t=1645074548
x-served-by
beacon-n015-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645074549.690019,VS0,VE0
x-served-by
cache-yul12828-YUL
x-cache
HIT
location
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=Yg3YdAAG1RV6CABH&_test=Yg3YdAAG1RV6CABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=beeswax
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OqtP7pSS
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OqtP7pSS&_bee_ppp=1
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACoA07EG7EAAHNu_qSMdA
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACoA07EG7EAAHNu_qSMdA
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=22 t=1645074548
x-served-by
beacon-n010-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACoA07EG7EAAHNu_qSMdA
Date
Thu, 17 Feb 2022 05:09:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=mediamath
  • https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OqtP7pSS&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D
  • https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=c96e620d-d875-4000-b105-ca4d790b2560
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=c96e620d-d875-4000-b105-ca4d790b2560
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1645074548
x-served-by
beacon-n038-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
MT3 4133 baa842e master cdg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=c96e620d-d875-4000-b105-ca4d790b2560
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Feb 2022 05:09:08 GMT
tag.aspx
ml314.com/ Frame ECC1
27 KB
12 KB
Script
General
Full URL
https://ml314.com/tag.aspx?1712022
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 05:09:07 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
transfer-encoding
chunked
Connection
keep-alive
g.js
aa.agkn.com/adscores/ Frame ECC1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=neustar
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OqtP7pSS
43 B
680 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OqtP7pSS
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
156.154.202.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
43
Expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OqtP7pSS
date
Thu, 17 Feb 2022 05:09:08 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a002-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1645074548
x-served-by
beacon-n039-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Thu, 17 Feb 2022 05:09:08 GMT
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=salesforce
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=cnQHT8ghQ_dqj0z63FAP4JU4mbU
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=cnQHT8ghQ_dqj0z63FAP4JU4mbU
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1645074548
x-served-by
beacon-n023-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=cnQHT8ghQ_dqj0z63FAP4JU4mbU
Date
Thu, 17 Feb 2022 05:09:08 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined
  • https://eb2.3lift.com/xuid?mid=3587&xuid=OqtP7pSS&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined
  • https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OqtP7pSS&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=2058278953832408679159
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=2058278953832408679159
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1645074548
x-served-by
beacon-n011-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=2058278953832408679159
date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
match.sharethrough.com/jwumXNuB/v1/ Frame 9AA0
427 B
529 B
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
5e80c963be99992cd6d591ebc79ab0149eb6131aad9a78787c64afa28ee0624d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A2A
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=39966
expires
Thu, 17 Feb 2022 16:15:14 GMT
date
Thu, 17 Feb 2022 05:09:08 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8EC1
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Feb 2022 05:09:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 5E96
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
722 B
481 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
6af975259d8ffef398b1ef8d3cc92cd946a8cc1b2dd6b6e88ee6537be25d43bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 17 Feb 2022 05:09:08 GMT
content-type
text/html
content-length
462
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Thu, 17 Feb 2022 05:09:08 GMT
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame B03D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=districtm
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
9VBSMX3ECJS82WJR22T4
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=districtm
AN-X-Request-Uuid
259197ce-7665-4a50-82f1-410eae5d2011
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame A960
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=appnexus.com
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
KF1VHKN74XD1CVYG3BBC
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=565191321469147478&ex=appnexus.com
AN-X-Request-Uuid
b5bab6b8-d767-48cd-bcb1-1cba606e99f3
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
amazon
ap.lijit.com/beacon/ Frame 2716
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB
Document
General
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
3ac08884924e4e8f88a3d91f6d1171ac1f517a75af1d649f74bcd3372bfb5e90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
nginx
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ewr1

Redirect headers

Server
nginx
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ewr1
index.html
cdn.districtm.io/ids/ Frame 86E3
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
252 B
Document
General
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-type
text/html
cf-ray
6dec80797bd13fdf-YYZ
age
61253
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 c70a767a1186502261b821449623037a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
lkApT1JDy3g9489P5tNvl-0obFBgdDZNY1L0lgEUENakzdjZgdVycQ==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Thu, 17 Feb 2022 05:09:08 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6dec80793b4f3fdf-YYZ
cache-control
max-age=3600
expires
Thu, 17 Feb 2022 06:09:08 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame 3A12
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2058278953832408679159
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2058278953832408679159
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
70NYRK4FSD4FVKRYXDJ6
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2058278953832408679159
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
users
dmx.districtm.io/s/v1/ Frame 6B3A
0
513 B
XHR
General
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dec8079fcc73fdf-YYZ
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame
0
0
Preflight
General
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cf-ray
6dec80798d53543d-YYZ
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame 9AA0
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=91b7ffb9-173e-4d3a-80d6-baa9ea5bbbb0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MYXM4CQ240JRGEQ5G8F1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 9AA0
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-7274074f-c821-43f7-6a8f-4cfadc500fe0$ip$149.56.153.181
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-7274074f-c821-43f7-6a8f-4cfadc500fe0$ip$149.56.153.181
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-7274074f-c821-43f7-6a8f-4cfadc500fe0$ip$149.56.153.181
Date
Thu, 17 Feb 2022 05:09:08 GMT
Connection
keep-alive
Content-Length
172
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 9AA0
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
307
Expires
Thu, 17 Feb 2022 05:09:08 GMT
v1
match.sharethrough.com/sync/ Frame 9AA0
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yg3YdHjLBAU6rtOYMfvLqgAA%26037
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
307
Expires
Thu, 17 Feb 2022 05:09:08 GMT
v1
match.sharethrough.com/sync/ Frame 9AA0
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://b1sync.zemanta.com/usersync/sharethrough/
  • https://stags.bluekai.com/site/23178?id=5CssYB7_TZQrcfZZbsR_&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTE...
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=5CssYB7_TZQrcfZZbsR_
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=5CssYB7_TZQrcfZZbsR_
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:09 GMT
P3p
CP="We do not support P3P header."
Location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=5CssYB7_TZQrcfZZbsR_
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
136
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8EC1
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d096d22dc5d3acff598c866340e64f5994e700801472e146537a1feb147bf7ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 22:21:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84998
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9756
Expires
Fri, 18 Feb 2022 04:45:46 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0A2A
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3918038&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
66547548f3877a69d31f43fe994a1a164b6909d5baeb6e4d1229b583eaa66893

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
hp_w_ion_l.svg
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/weather/images/
39 KB
15 KB
Image
General
Full URL
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/9.5.0/weather/images/hp_w_ion_l.svg
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
29184c416fa3c5ffcbc4baf96ffe14c8d5fe2a0ff451da9d40b7109960ba3c2f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 17 Feb 2022 05:09:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 16:21:23 GMT
etag
W/"620d2483-9ab0"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 12 Feb 2023 05:09:08 GMT
utsync.ashx
ml314.com/ Frame ECC1
769 B
2 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Duthtxmddg%26kxt%3Dhttps%253A%252F%252Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%26kxcl%3Dcdn%26kxp%3D&pv=1645074548794_nshwpq2p5&bl=en-us&cb=366576&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DOqtP7pSS%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1645074548794_nshwpq2p5&cid=&s=1600x1200&rp=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?1712022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0bc3b053ee51b375e6d9ff787c579012da09179e4ceb7589fb32457b7bbd9370

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:08 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
537
Expires
0
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 86E3
3 KB
2 KB
Script
General
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
95593
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6dec807a2d1b3fdf-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Sat, 19 Feb 2022 05:09:08 GMT
ecm3
s.amazon-adsystem.com/ Frame 2716
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=96e3a32e4b5469f6e69f47f9&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
17M02Z82WZ185XM04ZGJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
epx.gif
px.owneriq.net/fr/ Frame 2716
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6983609491834525044&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B
Image
General
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.36.85.188 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-85-188.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=183229
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Feb 2022 08:02:58 GMT

Redirect headers

Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Cache-Control
max-age=57140
Connection
keep-alive
Content-Type
text/html
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame 2716
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=OTZlM2EzMmU0YjU0NjlmNmU2OWY0N2Y5&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=OTZlM2EzMmU0YjU0NjlmNmU2OWY0N2Y5&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 17 Feb 2022 05:09:08 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=OTZlM2EzMmU0YjU0NjlmNmU2OWY0N2Y5&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame 2716
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=URGjRyg863Kd&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
872 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=49&3pid=URGjRyg863Kd&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=URGjRyg863Kd&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-56659f45bd-jk47f
expires
-1
merge
ce.lijit.com/ Frame 2716
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=997336229462069891
43 B
878 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=10&3pid=997336229462069891
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=997336229462069891
Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 2716
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1645074549291
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1973604982
  • https://sync.1rx.io/usersync/tradedesk/6ec115a6-b8c6-4d04-b7cf-011668d723f5
  • https://sync.targeting.unrulymedia.com/csync/RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
Tengine
ETag
RX059baaf5995d4f859abe1b67a194b8d0005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005
Connection
keep-alive
Content-Type
text/html
khaos.jpg
token.rubiconproject.com/ Frame 8EC1
284 B
921 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/jpg
demconf.jpg
dpm.demdex.net/ Frame ECC1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3625196176948068415&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3625196176948068415&redir=
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3625196176948068415&redir=
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
34.210.160.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-160-53.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v025-0c811cf4d.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
pZJPnpgIQxA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v025-04777a23e.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
trBbKnaTRug=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3625196176948068415&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utsync.ashx
ml314.com/ Frame ECC1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=7c3db795-87bc-407a-a70f-27243940d7c4&gdpr=0&gdpr_consent=
43 B
517 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=7c3db795-87bc-407a-a70f-27243940d7c4&gdpr=0&gdpr_consent=
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Fri, 18 Feb 2022 00:09:09 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=7c3db795-87bc-407a-a70f-27243940d7c4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
csync.ashx
ml314.com/ Frame ECC1
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3625196176948068415
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3625196176948068415
  • https://ml314.com/csync.ashx?fp=3adb5b806e5680cd270c0279f7a98553&eid=50146&person_id=3625196176948068415
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=3adb5b806e5680cd270c0279f7a98553&eid=50146&person_id=3625196176948068415
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 05:09:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Fri, 18 Feb 2022 00:09:09 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=3adb5b806e5680cd270c0279f7a98553&eid=50146&person_id=3625196176948068415
cache-control
no-cache
x-server
10.40.14.212
content-length
0
expires
0
match
ps.eyeota.net/ Frame ECC1
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2CIA8wru2QP48_ux8OjlDpPGim8SP_XT5Rbkbz-NnWPg&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 05:09:09 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
193
Expires
0,Fri, 18 Feb 2022 00:09:09 GMT
usermatch.gif
beacon.krxd.net/ Frame ECC1
Redirect Chain
  • https://ml314.com/csync.ashx?fp=OqtP7pSS&person_id=3625196176948068415&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3625196176948068415
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625196176948068415
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625196176948068415
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=55 t=1645074548
x-served-by
beacon-n016-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 17 Feb 2022 05:09:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625196176948068415
Cache-Control
private
Connection
keep-alive
Content-Length
211
Expires
Fri, 18 Feb 2022 00:09:08 GMT
/
www.facebook.com/tr/ Frame D60B
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

content-type
text/plain
access-control-allow-origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Thu, 17 Feb 2022 05:09:09 GMT
ecm3
s.amazon-adsystem.com/ Frame 5E96
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=1444e67c-1bab-8b88-889d-530754b49687
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:09 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JV0WW7SFDB1RE0AQEVBA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5E96
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yg3YdAAG1RV6CABH
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yg3YdAAG1RV6CABH
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645074549.249546,VS0,VE0
x-served-by
cache-yul12828-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yg3YdAAG1RV6CABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
d855fc45-97ad-a23b-7944-c765c3d0902e
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5E96
43 B
991 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/d855fc45-97ad-a23b-7944-c765c3d0902e?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 5E96
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4c929a01-0701-3072-4893-d1903c875d67&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=4c929a01-0701-3072-4893-d1903c875d67&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6ec115a6-b8c6-4d04-b7cf-011668d723f5&ttd_puid=4c929a01-0701-3072-4893-d1903c875d67
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6ec115a6-b8c6-4d04-b7cf-011668d723f5&ttd_puid=4c929a01-0701-3072-4893-d1903c875d67
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6ec115a6-b8c6-4d04-b7cf-011668d723f5&ttd_puid=4c929a01-0701-3072-4893-d1903c875d67
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame 5E96
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjBmZDQ5Y2ItY2U3Ni02ZWQ2LTVkNzMtOGIyOWY2NjU5MzA3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5E96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDx00nhRFOhu7c08doAztIg&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDx00nhRFOhu7c08doAztIg&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDx00nhRFOhu7c08doAztIg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 86E3
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVkVkbU5JVEVWek9UVmliWGw2YVhwWk1raGhhMlV5VTJWRCJ9.Q2jMHc0O2-oguVUwcqYvTG...
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVkVkbU5JVEVWek9UVmliWGw2YVhwWk1raGhhMlV5VTJWRCJ9.Q2jMHc0O2-oguVUwcqYvTGNVun_WoVNXwuhKlVBk3SZuosDsXUCKE-0Eoipk0a2nEZCCvXs-HEEnpY8GA9c-Fg
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:09 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CXWW7AGDQ2P7Z8KBEZV4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 17 Feb 2022 05:09:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVkVkbU5JVEVWek9UVmliWGw2YVhwWk1raGhhMlV5VTJWRCJ9.Q2jMHc0O2-oguVUwcqYvTGNVun_WoVNXwuhKlVBk3SZuosDsXUCKE-0Eoipk0a2nEZCCvXs-HEEnpY8GA9c-Fg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dec807cf9713fdf-YYZ
access-control-allow-headers
Origin, Content-Type
content-length
0
match
c1.adform.net/serving/cookie/ Frame 0D8F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Feb 2022 05:09:09 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Thu, 17 Feb 2022 05:09:09 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0E51
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg3YdAAG1RV6CABH&gdpr=0&gdpr_consent=
1 B
547 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg3YdAAG1RV6CABH&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 21:48:54 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va2pug004:0:398
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg3YdAAG1RV6CABH&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 varnish
x-served-by
cache-yul12828-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1645074549.289536,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5AB6
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=7FA3C964-8A29-4CB7-927F-A9B0E818EA92&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Thu, 17 Feb 2022 05:09:09 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
RD102ZHNNMTB0QFZHVHG
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f6PJZIopTLeSf6mw6Bjqkg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=39965
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 17 Feb 2022 16:15:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 0A2A
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=7FA3C964-8A29-4CB7-927F-A9B0E818EA92
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d3b4dac02aa471cd9dfd3e8df903f46257e5aa51260522509f1fa3be156f67d4791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkM2I0ZGFjMDJhYTQ3MWNkOWRmZDNlOGRmOTAzZjQ2MjU3ZTVhYTUxMjYwNTIyNTA5ZjFmYTNiZTE1NmY2N2Q0NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkM2I0ZGFjMDJhYTQ3MWNkOWRmZDNlOGRmOTAzZjQ2MjU3ZTVhYTUxMjYwNTIyNTA5ZjFmYTNiZTE1NmY2N2Q0NzkxNDI2YjU0MTdkY2UyMRAAGgwI9bC3kAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c66f3f1a-d27a-48af-8eee-5f9eb3f6b38a
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=c66f3f1a-d27a-48af-8eee-5f9eb3f6b38a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=c66f3f1a-d27a-48af-8eee-5f9eb3f6b38a
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 0A2A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9c31620d-d875-4700-8aaa-f4be4888411e
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9c31620d-d875-4700-8aaa-f4be4888411e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9c31620d-d875-4700-8aaa-f4be4888411e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Feb 2022 05:09:08 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0A2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0ZBM0M5NjQtOEEyOS00Q0I3LTkyN0YtQTlCMEU4MThFQTky&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0A2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELf0le0gClPWlGY5stwrSLU&google_cver=1
42 B
361 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELf0le0gClPWlGY5stwrSLU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug018:0:482
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELf0le0gClPWlGY5stwrSLU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0A2A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1B55EB1C413341B7B075D7432670536F
42 B
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1B55EB1C413341B7B075D7432670536F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug004:0:643
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 17 Feb 2022 05:09:09 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1B55EB1C413341B7B075D7432670536F
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 16 Feb 2022 05:09:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0A2A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2790509209170058835&gdpr=0&gdpr_consent=&us_privacy=
1 B
323 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2790509209170058835&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug017:0:444
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2790509209170058835&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 17 Feb 2022 05:09:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0A2A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7c3db795-87bc-407a-a70f-27243940d7c4
42 B
469 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7c3db795-87bc-407a-a70f-27243940d7c4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 21:56:18 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug010:0:465
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7c3db795-87bc-407a-a70f-27243940d7c4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
ecm3
s.amazon-adsystem.com/ Frame 8EC1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZQIWU27-X-84BV
  • https://s.amazon-adsystem.com/ecm3?id=KZQIWU27-X-84BV&ex=d-rubiconproject.com&status=ok
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=KZQIWU27-X-84BV&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Feb 2022 05:09:09 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CYSJAW5CYRHM4A2FCAD6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KZQIWU27-X-84BV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame 6440
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 6440
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 6440
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 6440
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 6440
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
truncated
/ Frame 6440
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27b5f4065ae5a23819d6b774a51cde9d6cf95abad8c14b42e54983376ecc1dd9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
16840534357766838891
tpc.googlesyndication.com/daca_images/simgad/ Frame 6440
109 KB
109 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16840534357766838891
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ae23e29c8932182a6fd6d7e2718a19fcba33519a4f9a87c28ab53c1d87feb05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:04:37 GMT
x-content-type-options
nosniff
age
230672
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111746
x-xss-protection
0
last-modified
Fri, 31 Dec 2021 20:11:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 14 Feb 2023 13:04:37 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6440
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:24:30 GMT
x-content-type-options
nosniff
server
cafe
age
42279
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 17 Feb 2022 17:24:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6440
295 B
399 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 00:17:40 GMT
x-content-type-options
nosniff
server
cafe
age
17489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Feb 2022 00:17:40 GMT
B10474315.325077534;dc_pre=CMvJl6H8hfYCFQRCDQod0pkHjw;dc_trk_aid=517454269;dc_trk_cid=164133779;ord=3948357834;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/ Frame 6440
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.325077534;dc_trk_aid=517454269;dc_trk_cid=164133779;ord=3948357834;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.325077534;dc_pre=CMvJl6H8hfYCFQRCDQod0pkHjw;dc_trk_aid=517454269;dc_trk_cid=164133779;ord=3948357834;dc_lat=;dc_rd...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.325077534;dc_pre=CMvJl6H8hfYCFQRCDQod0pkHjw;dc_trk_aid=517454269;dc_trk_cid=164133779;ord=3948357834;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Server
142.250.64.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.325077534;dc_pre=CMvJl6H8hfYCFQRCDQod0pkHjw;dc_trk_aid=517454269;dc_trk_cid=164133779;ord=3948357834;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6440
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_R5VdNgNYsqTJ8WQxAPgxIr4CZ_p_bloyZu56sMPn8e9mKQaEAEg4pn9D2B9oAHw8JX6A8gBAuACAKgDAcgDCKoEkgJP0DutietdqYfHAv7VzeiV1dJ7qxUbQ8OGMFgFxQsDVSzdOgEu-0LslYAvvZD5_7Xmt9qAmkjWcJs2Cad-8U4QoVb-GMhoNwMkLwTeJP9RtbvGp5lAYJ0MURGavpl5LvmcBFAJhlk63bv3GyZiQoYrhapUW2nBIBcyKcUtUvxqmOD9AQ4cYhpcMuGCZ0p272wSYD86e743Knb5L1WvLl2FzH-QNhanDgitGEe0NPpvVqIxHQZ2qB-kdx0DcMk5Be6b6R2bdlnjSu64McfFwt84l6X63z3d-NA4zweZwmlCzuoR4o73tOmiq9aFulQRZxsf5XcU1G3fZouwtrW5r1LKpVzvkdBeObicstbbjB1YmCIBwASauJbd9QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHk8OjbqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOGUCtIIBwiAYRABGF2ACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNTYxMTA1MzY2MjYxMzM5MBjN9RE&sigh=PIVzR4rXDVE&uach_m=[UACH]
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame 5513
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 5513
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 5513
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 5513
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 5513
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
213759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
css
fonts.googleapis.com/ Frame 5513
6 KB
669 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 04:51:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Feb 2022 05:09:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Feb 2022 05:09:09 GMT
css
fonts.googleapis.com/ Frame 5513
4 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 04:47:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Feb 2022 05:09:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Feb 2022 05:09:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5513
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:24:30 GMT
x-content-type-options
nosniff
server
cafe
age
42279
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 17 Feb 2022 17:24:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5513
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 00:17:40 GMT
x-content-type-options
nosniff
server
cafe
age
17489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Feb 2022 00:17:40 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4124671293962853802/ Frame 5513
22 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4124671293962853802/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qlEwhhDTlXHEBG4F2FEHxcT3odpCw
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4720813879c72dc166e13c4ed47fe347f3ed62eed212480aa26ccb04c99778f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22228
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 13:28:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Feb 2023 05:09:09 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7388400811802555172/ Frame 5513
22 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7388400811802555172/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qluoEYdlss23obYqbHgXyqJTadAuA
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0ccf2c64e69cb1e4f78e484f9c5282a53d69688eae73e9113605b1470b77a7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 21:56:15 GMT
x-content-type-options
nosniff
age
285174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22270
x-xss-protection
0
last-modified
Fri, 23 Oct 2020 20:39:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 13 Feb 2023 21:56:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5513
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C333-dNgNYsuTJ8WQxAPgxIr4Ccmk285gwsWmtNII8YPi4dMaEAEg4pn9D2B9oAHP8-3GA8gBBuACAKgDAcgDCqoEqAJP0MtjW1XHoD7nchOlGab4JUifHEAHgiBBlt4-uF2YbPAzaFSVHmp3LiSgipwb_abyGGmVMZBLC4W-3gAqFOl3SNma44EcrEgdIwpOpyDWjOO8BX8xqErzHP6wI8szA3ZlPXAzWZWQQNM5z6dPVOSurl39_GStnVD7fTOfYGOqTO1iGCs4gBfRdjzhovyXNoaF4SGJTvniR2r4QYm0_eTCvfc9BZZ43893r4Hwq9SpoX5-4p9RdHZVMpCgIDTncKvXCGZCKNiurrxELgOKI3jmgLlFBLNzYMXL0M_el9Pclfa7Lrf9TWHyA1EPVTyj-H8VH4jYaEcCt6QRaehOUD7EyECMGnztggFRkbJ7T1ChISB3Nwja5SVNYsyMee-QETurCOc_XPBEBsAE5KuItIUC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB5mMkjmoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDhlArSCAcIgGEQARhdgAoDyAsB2BMNiBQK0BUBgBcBshceChwIABIUcHViLTU2MTEwNTM2NjI2MTMzOTAYzfUR&sigh=fmE-QoTf-LE&uach_m=[UACH]&template_id=492
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

jload
pixel.adsafeprotected.com/ Frame 9DB2
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=5x5&pubId=4811995650&chanId=21809871911&placementId=5900230719&pubCreative=138379291044&pubOrder=2975178441&cb=782100468&custom=index&custom2=1&adsafe_par&impId=bc0649aa-8faf-11ec-8885-02858871ae57
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.87.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-87-232.compute-1.amazonaws.com
Software
/
Resource Hash
2e0167dcb40268ac75cd27dc5037079ba7a81a262a4e659840fe840a00ebdf1f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C5E6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEr9wwBnups9omI9sbc7tLQyh7bsgw7g3cLcT9mpJ-FxXf50aXfGzBCZrxAcoEu53upmu7fDg-Bl5ssP9dmwRGF2Rj_0jqvLGHiUhoDCOz7dl4JhZQNikTagIJ7Mw2G2inA8Qruz3Y1n9GmkURlfIOh5vFQQUIvzSG3DxB2V3xwppaJ_UrVnQEW7Pr7ahy8vlAiuHY6n9kscLcQfPWqT2H_Yif-4XopuKzMqK1tC9rs-_NNrnIdoBSxNtjQ2DbwYVbTeBm6S1CM4JL3hH9tezXcoZBgfusALu7WoIwoduFVN8SNsCvvl-mncLnULu7LxjYPsLNEs_sezGDTJ7T34UdQwNZuhv41tmJdhaLCMo2w2grhjHoKFTM&sai=AMfl-YQJBv-ZtEvpD6gQjrQQrXaQDWCUYfK2K5hrckq121jiQRS5bjR1IZ0bsC4PoxZzlHEjl3NaEecrMk9n4Nq9r9yRCoKsmfApqwIZWXJmKywnAPE3wlLrpujOKTl7g4R_9iLqMW74Z0JC7n3EcX4v&sig=Cg0ArKJSzO7JZi5xljdFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
11059141
ib.3lift.com/dtj/Promoted_By_Desktop/ Frame C5E6
6 KB
3 KB
Script
General
Full URL
https://ib.3lift.com/dtj/Promoted_By_Desktop/11059141?ct=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjss0jaG0vhRB37XMpMRv1m71se7p9pEhMnrUhzSowE4Fnxk02qbO3n_2kcqbjTrSQDHiG2g35PO5h1SaDQB4slSytbVqc9QJiZhz-fDP6bAlKQTQ-Jd-ql5YDjqizUcFLNmqFd0f5c7YIEmNR49u5QTqWP8OAS3Oz2AlBWRW5gfufQy7Uq7WD_B80wVibbn0TPAxnXDsWoQ2DrYGcEkazZj3ocKYvaoNRDZXvrGe27O9tnIOe7t7q6ff2grmUYEZSUOdCJMyM3AK7xIiaoVPcm86GV_YagSr3IDdoEsZUHexDUCqKd03K0dZyLcmrKKgS9u5mR76Bf_jgmlaz_ycRhRZAogukNMskn9rQr0iX-9GKvDv-Xje%2526sai%253DAMfl-YQul3-npy-sgPpFTraoJj6JpIFFsvT7NflhmryQjHbIg56FaSfWpEOAhFepIzhMPH79Ngmpcdhq_cQveaDXOisROIdhWnTo0lfr44-nRyMdMlfnAzC0QCtJX2HPIWarE0PwM7R4SafUfbGnx8Qi%2526sig%253DCg0ArKJSzJrr6wee8BuqEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-22.ewr53.r.cloudfront.net
Software
/
Resource Hash
28ccdeaf1c5104e943728d922b8734153f7e57bd6762b4c7b28eec454cccd86b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
age
705
etag
"0fcb964ba406624ed46b17b8540833c8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
EWR53-P1
content-encoding
gzip
content-length
2676
x-amz-cf-id
9WNKuhmZCvRJvK9QOUznOLMXAhlXOUim6rwBw4UhcTan9nzKvVzR1g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C5E6
124 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Feb 2022 05:09:09 GMT
tap.php
pixel.rubiconproject.com/ Frame 8EC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHJQz7Yw81MXLW6aTJr0FN0&google_cver=1
42 B
678 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHJQz7Yw81MXLW6aTJr0FN0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHJQz7Yw81MXLW6aTJr0FN0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 8EC1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZQIWU27-X-84BV&sigv=1&esig=2~1b3c1f4c3fe81139eb35ef6c211342da2ceb3c65
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZQIWU27-X-84BV&sigv=1&esig=2~1b3c1f4c3fe81139eb35ef6c211342da2ceb3c65
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:09 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZQIWU27-X-84BV&sigv=1&esig=2~1b3c1f4c3fe81139eb35ef6c211342da2ceb3c65
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8EC1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ5OWU0YjU2YmUzNDkyNmExMTQ0ZDMwNmVlN2NiODQ0NjNjOThkYw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ5OWU0YjU2YmUzNDkyNmExMTQ0ZDMwNmVlN2NiODQ0NjNjOThkYw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ5OWU0YjU2YmUzNDkyNmExMTQ0ZDMwNmVlN2NiODQ0NjNjOThkYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8EC1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9c31620d-d875-4700-8aaa-f4be4888411e&expires=28
42 B
678 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9c31620d-d875-4700-8aaa-f4be4888411e&expires=28
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Content-Type
image/gif

Redirect headers

Date
Thu, 17 Feb 2022 05:09:09 GMT
Server
MT3 4133 baa842e master cdg-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9c31620d-d875-4700-8aaa-f4be4888411e&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Feb 2022 05:09:08 GMT
709414.gif
id.rlcdn.com/ Frame 8EC1
42 B
301 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tap.php
pixel.rubiconproject.com/ Frame 8EC1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yg3YdAAG1RV6CABH
42 B
678 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yg3YdAAG1RV6CABH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645074550.512025,VS0,VE0
x-served-by
cache-yul12828-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yg3YdAAG1RV6CABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 8EC1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Y4frTM95XenQJUuhX7AoCA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3123417347365743647
42 B
678 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3123417347365743647
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Content-Type
image/gif

Redirect headers

date
Thu, 17 Feb 2022 05:09:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3123417347365743647
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 8EC1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRSVdVMjctWC04NEJW
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRSVdVMjctWC04NEJW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRSVdVMjctWC04NEJW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6440
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date
Thu, 17 Feb 2022 05:09:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 5513
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1978a52716afa22c51987b900182d2ab31bc35ce910c0565c4e7ed66642d0fa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5513
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:23:56 GMT
x-content-type-options
nosniff
age
132313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 16:23:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5513
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 00:09:49 GMT
x-content-type-options
nosniff
age
363560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 13 Feb 2023 00:09:49 GMT
main.gr.19.8.289.js
static.adsafeprotected.com/ Frame 9DB2
189 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=5x5&pubId=4811995650&chanId=21809871911&placementId=5900230719&pubCreative=138379291044&pubOrder=2975178441&cb=782100468&custom=index&custom2=1&adsafe_par&impId=bc0649aa-8faf-11ec-8885-02858871ae57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:07:08 GMT
content-encoding
gzip
age
129722
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Feb 2022 16:52:16 GMT
server
AmazonS3
etag
W/"e894d9dd87d5e06b21396e04a0c29127"
vary
Accept-Encoding
x-amz-version-id
QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
bDsRNPDul1usR59MXht-trxmRRB69LXrDSgdW9DKEj9Bi2CVJWZg6g==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5513
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date
Thu, 17 Feb 2022 05:09:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
bundle.js
ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/ Frame C5E6
246 KB
79 KB
Script
General
Full URL
https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/dtj/Promoted_By_Desktop/11059141?ct=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjss0jaG0vhRB37XMpMRv1m71se7p9pEhMnrUhzSowE4Fnxk02qbO3n_2kcqbjTrSQDHiG2g35PO5h1SaDQB4slSytbVqc9QJiZhz-fDP6bAlKQTQ-Jd-ql5YDjqizUcFLNmqFd0f5c7YIEmNR49u5QTqWP8OAS3Oz2AlBWRW5gfufQy7Uq7WD_B80wVibbn0TPAxnXDsWoQ2DrYGcEkazZj3ocKYvaoNRDZXvrGe27O9tnIOe7t7q6ff2grmUYEZSUOdCJMyM3AK7xIiaoVPcm86GV_YagSr3IDdoEsZUHexDUCqKd03K0dZyLcmrKKgS9u5mR76Bf_jgmlaz_ycRhRZAogukNMskn9rQr0iX-9GKvDv-Xje%2526sai%253DAMfl-YQul3-npy-sgPpFTraoJj6JpIFFsvT7NflhmryQjHbIg56FaSfWpEOAhFepIzhMPH79Ngmpcdhq_cQveaDXOisROIdhWnTo0lfr44-nRyMdMlfnAzC0QCtJX2HPIWarE0PwM7R4SafUfbGnx8Qi%2526sig%253DCg0ArKJSzJrr6wee8BuqEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-22.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2ed6f4144d1c12483676cbd0bbb32aa7b23d7b7f54709176c16c782ca668dfe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 20:27:26 GMT
server
AmazonS3
age
472941
etag
"5c3d88435f7bf18aebb1be8c86371794"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
80392
x-amz-cf-id
npbsD7dAhGHq1Lcj1bXrc4MZYpcmVFxIlsxaVKufVtZPIvt5cHCnZg==
truncated
/ Frame C5E6
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4cb0a0d555575e54f843cc6e3a52d9eb1db6c9f0b4f3c7ad4e9fbd4ed4ca569

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
adserving
tlx.3lift.com/web/ Frame 8D24
1 KB
1 KB
Script
General
Full URL
https://tlx.3lift.com/web/adserving?inv_code=Promoted_By_Desktop&referrer=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&rev=e0fe245&fe=0&ft=1&cb=9761425052&tid=11059141&n=1
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.225.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-225-169.compute-1.amazonaws.com
Software
/
Resource Hash
d54976fac967bda7d356a067c6da1a7eda333db09dadde273be99f5309bc3dac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:10 GMT
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
635
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C5E6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9uZduOFVPvOUVOGnfDGA6BVcGLMoY5lxFAEV2wFI8yDIJwKMmMA0aHI7ec58fggF_9qGncOKftIzlBnLjguI4zo0DMc9kcueR-dTmXrLJISWKEkA-mxd-RmwpUCJIrCNZJrrdpf9UaegdBM_C3SJPCPaTv63wTlk_X44i6dCJd3Sca9HHTOJW4-b7fB574j5_6zugRkPUQwPeI8yDjENFQ0bif9Q84NZF-E-bm9fiXSz2NWvGB3IAcZBLM-crMF6gtQNe75f2bepyjM3fv24geLfV-yib8TbAgo5ONu4c7W_mB6may6OZz_wXo2F81EzsEZse2b6OPtxpJp49O1FZprcuDPgguEuLYFqDcTusBfBU9kRbKhexkPc&sai=AMfl-YRkRDDVnJMiqsbpsxya7zpOu8QQjdmYqxoHT57nmisISbo_Y2CILOXLfbW8ADHE6YJynW1qI3OXegKX18wG9YtUzKpErBST0LdQHV8wv6uyuIUHny9vTETnVS5kKFx9No-0n0hIyGyUr-et-cDV&sig=Cg0ArKJSzHbsyl3y1b6EEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Feb 2022 05:09:09 GMT
sca.17.5.12.js
static.adsafeprotected.com/ Frame A469
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
7091580
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
ra9BbcksGAxa0jk3vz4dPMOL-hkGE7CR6Nx83idzJAHent4IQ-naKQ==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=5x5&pubId=4811995650&chanId=21809871911&placementId=5900230719&pubCreative=138379291044&pubOrder=2975178441&cb=782100468&custom=index&custom2=1&adsafe_par&impId=bc0649aa-8faf-11ec-8885-02858871ae57&adsafe_url=https%3A%2F%2Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:77346cfd-c4ae-3027-f293-e475d98eb657,c:4s4xgQ,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6555bd7bd4-srx4q,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:765.1112.5.5,am:i,cc:765.1112.5.5,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:215,fm:sXFH9Z7+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18*.928934%7C181%7C182,idMap:18*,pl:,rmeas:1,rend:0,renddet:DIV.us.sn,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:240,oid:bd0eb917-8faf-11ec-bab2-263aff238860,v:19.8.289,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.87.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-87-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:10 GMT
x-server-name
app14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=77346cfd-c4ae-3027-f293-e475d98eb657&tv=%7Bc:4s4xil,pingTime:-2,time:332,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:221,beZ:223,mfA:436,cmA:438,inA:438,inZ:445,prA:445,prZ:451,si:461,poA:462,poZ:495,cmZ:495,mfZ:495,loA:537,loZ:540,ltA:553,ltZ:553%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:5,h:5,t:239%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:332,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:765.1112.5.5,am:i,cc:765.1112.5.5,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~5.5%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXFH9Z7+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18*.928934%7C181%7C182,idMap:18*,rmeas:1,rend:0,renddet:DIV.us.sn,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index_2,google_ads_iframe_/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index_2__container__,ad-native-1,ad__inner-native-1,a3dee0667133faf730c6f42011e658a2,main-content%5D,sinceFw:90,readyFired:true%7D&br=u
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.222.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-222-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:10 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
r
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/r?inv_code=Promoted_By_Desktop&aid=5415635618879389673600&rev=e0fe245&ss=0&bc=0.0&pr=un&brid=1&bmid=0&advid=46559&clid=10660788&biid=0&tid=11059141&adid=&bcud=0&ts=1645074550&caid=11014948&unid=0&domain=gcp-bc-784-ontariofarmer.gdev.postmedia.digital&ref=https%253A%252F%252Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%252F&rr=creative&fid=1&rb=0&g=0&cb=92253
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
lp
img.3lift.com/ Frame 0933
120 B
413 B
Script
General
Full URL
https://img.3lift.com/lp?width=334&height=258&url=%2F%2Fimages.3lift.com%2F15221614.jpg&logo_exclude=&v=15
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-123.ewr52.r.cloudfront.net
Software
/
Resource Hash
e64a35469e5e943866d38eececaf67dc98d02af2786076a33bbac5aa15f173f3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 11:07:40 GMT
via
1.1 983a291908f1fa8f6ee8dc2761eb6b2c.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 11:07:40 GMT
age
64890
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-length
120
x-amz-cf-id
vus2iJ-eXNXS938cSrbpiEoKf4iCkD9dyCgGnvtM98Um_5D8sIXwbQ==
/
img.3lift.com/ Frame C5E6
27 KB
27 KB
Image
General
Full URL
https://img.3lift.com/?width=334&height=258&url=%2F%2Fimages.3lift.com%2F15221614.jpg&logo_exclude=&v=15
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-123.ewr52.r.cloudfront.net
Software
/
Resource Hash
c19f104f71391238db367f28c1fde806e07b3c3674367f8c0511559fdd5c23cc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 08:49:13 GMT
via
1.1 983a291908f1fa8f6ee8dc2761eb6b2c.cloudfront.net (CloudFront)
age
73197
etag
"ea829b94f12d1b15c0a6e429973e2b41"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-length
27387
x-amz-cf-id
PMr6w3n2_zZIfOaMHsdW9IsCgN9YitpdF9qUqoCDX-HvTnYJfeWixg==
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame C5E6
3 KB
3 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-22.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
472941
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
A-GEuawKfXmg71mvWOON2TwymUlM7S8Lrl57ragMAeOToEDgNQ-vjg==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame C5E6
3 KB
4 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-22.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
472941
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
qm5E8iXA99ss3hv_fNgFnaC6fWFhRXx9iySALo0jAwtQTOf91em6kg==
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=77346cfd-c4ae-3027-f293-e475d98eb657&tv=%7Bc:4s4xjC,time:411,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:412,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:765.1112.5.5,am:i,cc:765.1112.5.5,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B191~0%5D,as:%5B191~5.5%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXFH9Z7+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18*.928934%7C181%7C182,idMap:18*,rmeas:1,rend:0,renddet:DIV.us.sn%7D&br=u
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.222.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-222-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:10 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
optout_check
beacon.krxd.net/
82 B
241 B
Script
General
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
58ea61d73979188a8b0c9f96ba23b29f1cc88fe7e3d4f9bbf874a06ac3ab005f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:10 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=30 t=1645074550
x-served-by
beacon-n015-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/
364 B
510 B
Script
General
Full URL
https://cdn.krxd.net/userdata/get?pub=42fb57ac-2013-45a6-8dad-332d53e17c1b&technographics=1&callback=Krux.ns.postmedia.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
589dd97ce9a8e5bd5bb1c5237ddf7c80f15c8faf2c557bc96e9b3ada06e49768

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Thu, 17 Feb 2022 05:09:10 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a011-ash-prod.krxd.net, cache-yul12833-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1645074550.189628,VS0,VE18
content-length
282
x-cache-hits
0, 0
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f00c05629967b8cc244bc5c5d0718d295b793448bdfa564620b1d4c84c53c580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 05:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9891
x-xss-protection
0
ribn-postmedia.min.js
assets.ribn.com/v2/production/
13 KB
4 KB
Script
General
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: gcp-bc-784-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:a800:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:11:23 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
age
21480
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
qR4E_e5XrL0qDCEfLXuHq5CCRCMdR0OMHDj-atRhv0LMobUaBPkCxA==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
350 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
52.85.61.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-125.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 04:45:23 GMT
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1428
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
50JPn6ncZjIh5cxOZTQbz4IR8qONVakkZsvNIfCTrteSA8jiR8leEQ==

Redirect headers

date
Thu, 17 Feb 2022 05:09:10 GMT
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
Mfdzrm0phSvzpwPfFBYSbWxAuUcN3Jk8kfPDL7XfaJ_daXSX8koFtQ==
/
img.3lift.com/
27 KB
27 KB
Image
General
Full URL
https://img.3lift.com/?width=334&height=258&url=%2F%2Fimages.3lift.com%2F15221614.jpg&logo_exclude=&v=15
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-123.ewr52.r.cloudfront.net
Software
/
Resource Hash
c19f104f71391238db367f28c1fde806e07b3c3674367f8c0511559fdd5c23cc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 08:49:13 GMT
via
1.1 983a291908f1fa8f6ee8dc2761eb6b2c.cloudfront.net (CloudFront)
age
73197
etag
"ea829b94f12d1b15c0a6e429973e2b41"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-length
27387
x-amz-cf-id
csMdKjPIofNoV8BD-ME2BqFzBGJ-fKnDLKyKHmlBaH1eoTSd61tNQg==
aop
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/aop?inv_code=Promoted_By_Desktop&aid=5415635618879389673600&rev=e0fe245&ss=0&bc=0.0&pr=un&brid=1&bmid=0&advid=46559&clid=10660788&biid=0&tid=11059141&adid=&bcud=0&ts=1645074550&caid=11014948&unid=0&domain=gcp-bc-784-ontariofarmer.gdev.postmedia.digital&ref=https%253A%252F%252Fgcp-bc-784-ontariofarmer.gdev.postmedia.digital%252F&rr=creative&fid=1&rb=0&g=0&cb=56300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/
3 KB
3 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-22.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
472941
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
D71Hx0HrcVhE31yKkr0mpzQYvbEi33PIKPlDSxeDskSUKcQUxQB6PA==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/
3 KB
4 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-22.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
472941
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
bgCHsauPo9TR1mF9FY6jsp4QYZkJf7eLjOMOA52fDQl-nkSHx4z3kQ==
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/
224 B
310 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_1
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1438fe7b5afc39a74b7fb73907bc08ff2c31792f0f11aa29812736484523e434

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:10 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a011-ash-prod.krxd.net, cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1645074550.221912,VS0,VE19
content-length
187
x-cache-hits
0, 0
ev1
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev1?inv_code=Promoted_By_Desktop&aid=5415635618879389673600&rev=e0fe245&ss=0&bc=0.0&pr=%24%7BAUCTION_PRICE%7D&brid=1&bmid=0&advid=46559&clid=10660788&biid=0&tid=11059141&adid=&bcud=0&ts=1645074550&caid=11014948&unid=0&cepos=0&ceid=15221614&cb=88510
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Feb 2022 05:09:10 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=77346cfd-c4ae-3027-f293-e475d98eb657&tv=%7Bc:4s4xnC,pingTime:-10,time:659,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645074550364%7C%7Cd02ce0516654df9db6f00ad2eb646707%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C46ce947ae93d8449404c44a66d1cb263%7C%7C8dac16397e2fd7695fa12e0bdb863523%7C%7C171d129a4b5ea09a03e941012c77dcf3%7C%7C176e9664e2f596ea36949c94ec9c241e%7C%7C2d9851d5a731737b0a11bcb1d2b0af2a%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.222.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-222-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:10 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 726A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 08:39:37 GMT
expires
Thu, 16 Feb 2023 08:39:37 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
73773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E649
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
baacccfbf34216d408cacd40630ffe274eb14b1286e1bdc05a065741977a5757
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Px2rRuOGol6LeSY70a3DEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 17 Feb 2022 05:09:10 GMT
date
Thu, 17 Feb 2022 05:09:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Px2rRuOGol6LeSY70a3DEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
beacon.krxd.net/
0
337 B
Image
General
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=uthtxmddg&_kpid=42fb57ac-2013-45a6-8dad-332d53e17c1b&_kcp_s=communities&_kcp_d=postmedia.digital&_knifr=10&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_mpid=8567425304588866645&_kua_ad_light_user=false&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kua_kx_whistle=0&_kpa_domain=postmedia.digital&_kpa_page_type=index&_kpa_communities_page_type=index&_kpa_main_category=index&_kpa_env=test&_kpa_view_type=HTML&_kpa_paywall_whitelist=false&t_navigation_type=0&t_dns=0&t_tcp=28&t_http_request=-1&t_http_response=42&t_content_ready=10908&t_window_load=13590&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w5glnde6s&userdata_user=OqtP7pSS%2Cw5glnde6s&sview=1&kplt0=41818&kplt1=42920&kplt2=42921&kplt3=42922&kplt4=44981&kplt5=45977&kplt6=46302&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C120%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C75%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C75%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C46
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.255.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-255-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=57 t=1645074550
x-served-by
beacon-n021-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
k5pT0KbHUu3hEt9efW2jJzl2Td-_ix6W4xkPXjNBIu0.js
pagead2.googlesyndication.com/bg/ Frame 726A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/k5pT0KbHUu3hEt9efW2jJzl2Td-_ix6W4xkPXjNBIu0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
939a53d0a6c752ede112df5e7d6da32739764ddfbf8b1e96e3190f5e334122ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 01:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
185108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13550
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 01:44:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E649
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021401&jk=1092456695898951&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 726A
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?elZu0g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6440
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj_uY1u6tdV9A_SeYnfFG-UkeRTuUCyZpLqy8Ijv6KTNoXacntdgMIus2u_DT8lG5wTxjGfU7LLqozQdrfrl8Nqlj4bAx5SdGMb4NuESbwg5KvvDI&sai=AMfl-YQM8cfm7pRbHXsJtPwqieDqZdqYTDDUa_BHjPBPnu_uaBEOo0PTYRJ4EKxeFiNKFfGxRIr_feLfvRp0TK_Wnx5Olf79kXHesJe-FjoSggc8Hh4DAkR0-TYmiHp2pIfAJqR2sI_Rc6P0SsX84lfY&sig=Cg0ArKJSzMUpgU36WJiWEAE&cid=CAASFeRol-TuzJidhTl1TWAXTfWAJ7VBDA&id=ampim&o=315,108&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=428&tls=1429&g=100&h=100&tt=1429&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=625928897
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5513
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskr2uBUmzmZ-PccrILPR9LlqY8JJmm1oHBIMIqxi0joSwrYnPi9TUqizClxWaALQ7XoH-TJRYJiCCNnzyeAs5FhryDoKDDFn1lW6E6pWmZNBNtEFA&sai=AMfl-YQFRcJYz0xqtaM9xyFgXmlclbwjSvz04HupUtIEaT326u9aLIXV5DmvdwOaQ2b927I5ilha5hc8kgoCHoJC1oxMVRNXyc5kS3rRzZvEDy9O4z9Yo5qDCNS5M7HA7SP_QGWV4oiwCF3QsVojA5DW&sig=Cg0ArKJSzNEQuVZWnxxhEAE&cid=CAASFeRoCpMR3WI5yxwEofhNNlrQMZ5Kwg&id=ampim&o=650,441&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=444&tls=1445&g=100&h=100&tt=1445&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1960150758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C5E6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_64GByZWczxs3kYYgCC7R1Ni-a17VLhxPnbxqLm15_rKxizl8HXLC-xqWh6728SooON8ZHwPfXZc6BfAatT9XmVE9CmsC1gv4D16MLZ3OU3S1Gpmj&sig=Cg0ArKJSzC3PAjeX_nX9EAE&id=lidar2&mcvt=1005&p=1112,765,1117,770&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1840685615&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645074549476&rpt=437&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=77346cfd-c4ae-3027-f293-e475d98eb657&tv=%7Bc:4s4xAG,time:1469,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1469,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:454.1088.5.5,am:i,cc:454.1088.5.5,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1248~0%5D,as:%5B1248~5.5%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:31,fm:sXFH9Z7+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18*.928934%7C181%7C182,idMap:18*,rmeas:1,rend:0,renddet:DIV.us.sn%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.222.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-222-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:11 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pmd
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/pmd?inv_code=Promoted_By_Desktop&aid=5415635618879389673600&rev=e0fe245&ad_w=629&ad_h=143&img_w=185&img_h=143&render_time=1645074550808&ft=1&plid=178804&client_w=1600&client_h=1200&pos_left=454&pos_top=1088&cb=62648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ev
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev?inv_code=Promoted_By_Desktop&aid=5415635618879389673600&rev=e0fe245&ss=0&bc=0.0&pr=%24%7BAUCTION_PRICE%7D&brid=1&bmid=0&advid=46559&clid=10660788&biid=0&tid=11059141&adid=&bcud=0&ts=1645074550&caid=11014948&unid=0&cepos=0&ceid=15221614&cb=21484
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 0A2A
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 05:09:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021401&jk=1092456695898951&bg=!ExClEFTNAAbf-5Dq3_s7ACkAdvg8WtV72UjTTGs_yGTg_9dySOrf9hiCFVwdJCYERnJf75UugoGpTQIAAACpUgAAAANoAQcKALepGY30grVndbMDebdh7r2HrQZY7y0hLwPtFckPnfYL9zz9bOkylTtMWUxonycibtI0SKeQAdACGhjnZOLcP0T-gm2mM08kysJjIPyhBS9-zA3Mia6SaRU86EZQ8sV9ZeCPl4Snnl_3dI-yDq2jeFgsYootkDSDhrTbt73dcr4pTxdw0N9fjTBbSo5yVapIG2PSN69J9ElUpBQ1z0VkGoNFBRSRB60mDTkLAuM_cEP4tfBEQzeN0M6ZAtXUhvNvfsgvj4BLFp6sllIwQ9-dcrF13t7xgNNuwxMDWFiAtnujkCoeisZI44lZW34VeqsIkQDQmLVKTyY-_jihg-5BEgrcfBHAucNthpOkrpcQXV0Lu5WjI310FemJYnXG0KOn6sXlUxpgtAPU8WHk6KCzs0DlEbeXkwd70bL0NYzKLxbXwBae5oYBJ3eN1zr_eOgmvXQ9S25UhlfmCVOdjSg-zEdUBCmaJnkloqUcfWzL788mTqKtrTdRT03aoWnFD1Vb-2Rr-EXa1q_yD2qUwf2Mm1dcjnM3Y8fXr2IfTpHPgo8uvvmA-yPYvf9OMr5qV-FL81K1jn-QLLvaxstftXdcROuXIhvgTTVCYMgcxIHojnPATP5Qq3XsvYJr6DiGR8qCRy32LKpjHP4tsuqxlJcuF0p3ri83Q62pcn8hv8hgEyYxw4KPkk95rNh29sLtEta90CGpGbmRTTb8R4ebT78Y2chnJWZ7QVqB1RwGgGCKl6tLMWL1n5llJqRTlLUqQyTChIAmh1fTyHWxV3rZHxBinjPuwC2eRk2gNkQbdAF5YEdhQPVu5VsMkOTqgBukA2Gtqn1ypPkEHFg3ao1h6Ia22aZEi-Y_P2tHYwEaBW6nwSQuyzQIgWVE7DLFADUQzfMI8kNobiIb-XEnG8ajiQIg2uxQ1vdR6P7o4EkuofoVJon5IbCgJIjiGDXS2kQhZJ5_SM8eYy7CC_XkI4CB3uhIf8idPIBPQNcXo0guZ_K306443pV9WTj5udTszWppRp6941WLucdawZ8KTJLCT5WxgMIclv6_l168QvWQJNExEI89V1AqqASpn1yTzX4azVv2zEP46y11CP9C9nh0azh-4uleGQXUZAcfDPbOfEVVNTm_LIj6fSHPPu0ytTW5ZV1R4UnzSk1JzJamkWXMcNsY1C6oPDdK9RpCa6mn2xkJufzvJYtBo5s9-tQph2adr9kjqQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/
41 B
295 B
Fetch
General
Full URL
https://jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bdca2b3011b9ba3d32c62d1a741860a21811eb673ab11da8fda2aa268edcfe65

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Feb 2022 05:09:13 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1645074553.112673,VS0,VE14
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-yul12831-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=77346cfd-c4ae-3027-f293-e475d98eb657&tv=%7Bc:4s4yD3,time:5460,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5460,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:454.1088.5.5,am:i,cc:454.1088.5.5,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5239~0%5D,as:%5B5239~5.5%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:45,fm:sXFH9Z7+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18*.928934%7C181%7C182,idMap:18*,rmeas:1,rend:0,renddet:DIV.us.sn%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.222.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-222-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 05:09:15 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| structuredClone function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig function| BlockAdBlock object| blockAdBlock object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| aax object| apstag function| Krux object| dataLayer object| KruxDataLayer object| __iasPET object| mParticle object| gtm_data_layer object| webpackChunkdjango_content_services object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| districtmHeader object| diagPixSentCodes object| __iasAdRefreshConfig function| udm_ object| _comscore object| COMSCORE object| google_tag_manager function| postscribe object| google_tag_manager_external object| regeneratorRuntime string| iasScores object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq function| twq function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| Sailthru object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| PARSELY object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __IntegralASExec object| Ribn object| GoogleGcLKhOms object| google_image_requests

100 Cookies

Domain/Path Name / Value
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ Name: x-id
Value: {"data":{"id":"r2hgwbvzhjk9czc7dthele3094dy5d2gq","updated":1645074547624},"exp":604800000,"ts":1645074547650,"mac":-366668128}
.postmedia.digital/ Name: _gcl_au
Value: 1.1.108795257.1645074548
.scorecardresearch.com/ Name: UID
Value: 1ED6f371ee21539e567388b1645074547
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ Name: __adblocker
Value: false
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ Name: sailthru_pageviews
Value: 1
d395dw5zk780j2.cloudfront.net/ Name: x-id
Value: {"data":{"id":"r2hgwbvzhjk9czc7dthele3094dy5d2gq","updated":1645074547624},"exp":604800000,"ts":1645074548144,"mac":-365894399}
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1645074548188,"mac":1847687736}
.postmedia.digital/ Name: mprtcl-v4_767FC2FC
Value: {'gs':{'ie':1|'dt':'us1-a9588c0ddc27594cabd152e47ffe27ee'|'av':'1.0.0'|'cgid':'8ee6d5dd-1df7-40c0-bf47-fe6343c1d4aa'|'das':'a5d7eb40-3dce-4e31-a6a9-1d5576fc9730'|'csm':'WyI4NTY3NDI1MzA0NTg4ODY2NjQ1Il0='|'sid':'C4FD3DEC-2802-433D-9511-998ECD28A037'|'les':1645074548202|'ssd':1645074547860}|'l':1|'8567425304588866645':{'fst':1645074548053|'ui':'eyIwIjoicjJoZ3didnpoams5Y3pjN2R0aGVsZTMwOTRkeTVkMmdxIn0='}|'cu':'8567425304588866645'}
gcp-bc-784-ontariofarmer.gdev.postmedia.digital/ Name: sailthru_visitor
Value: 34b3bccd-7d79-453d-bbf0-1cca0037bb70
.postmedia.digital/ Name: _fbp
Value: fb.1.1645074548365.298543738
.twitter.com/ Name: personalization_id
Value: "v1_ZJTM6sLSe4vnRzIJ9vSUaA=="
.sharethrough.com/ Name: stx_user_id
Value: 91b7ffb9-173e-4d3a-80d6-baa9ea5bbbb0
.creativecdn.com/ Name: u
Value: A4OH1k88hu6Ht1EPJ5NN
.creativecdn.com/ Name: ts
Value: 1645074548
.facebook.com/ Name: fr
Value: 0GvNEfCV8mbSrLshC..BiDdh0...1.0.BiDdh0.
.t.co/ Name: muc_ads
Value: d8d29b5c-f31f-4875-841b-15bf6a873ce2
.dotomi.com/ Name: DotomiTest
Value: 164461534bee11fe
.acuityplatform.com/ Name: auid
Value: 647778910327
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTM3+o11c2VyTWF0Y2hpbmdJZCQEkpFsYXN0RHJvcFRpbWVNaWxsaXMlAT9BQlg2tphsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQE/QUJYNraPdGhpcmRQYXJ0eVVzZXJJZCH7+4Z2ZXJzaW9uwvs="
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7274074f-c821-43f7-6a8f-4cfadc500fe0.EFuh3wjUdFmgkxiAJGW88srDeUB3KHys3WM4T9LPgek
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AcnQHT8ghQ_dqj0z63FAP4JU4mbU.32aFXi0OyWStI5simc1AL5U4qCSK1uv3Mq%2BKaCatdmk
.postmedia.digital/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://gcp-bc-784-ontariofarmer.gdev.postmedia.digital/%22%2C%22sref%22:%22%22%2C%22sts%22:1645074548490%2C%22slts%22:0}
.postmedia.digital/ Name: _parsely_visitor
Value: {%22id%22:%22pid=5b16ed6ec08d50213be4b72fdcbcbdae%22%2C%22session_count%22:1%2C%22last_session_ts%22:1645074548490}
.amazon-adsystem.com/ Name: ad-id
Value: AxrNjVpBbEuOmCrk8WvYUs0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.krxd.net/ Name: _kuid_
Value: OqtP7pSS
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yg3YdAAG1RV6CABH
.openx.net/ Name: i
Value: 9f3ea558-ae86-0f85-1245-197858a06e9a|1645074548
.lijit.com/ Name: ljt_reader
Value: 96e3a32e4b5469f6e69f47f9
.casalemedia.com/ Name: CMID
Value: Yg3YdHjLBAU6rtOYMfvLqgAA
.casalemedia.com/ Name: CMPS
Value: 463
.adnxs.com/ Name: uuid2
Value: 565191321469147478
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjKxVLIyNDMxM7IwMTSx0FEyMkblm5qh8i3Q1BsaIPNrAZ3IEGo%3D
.3lift.com/ Name: tluid
Value: 2058278953832408679159
.openx.net/ Name: pd
Value: v2|1645074548|vMgakWgyiK
.casalemedia.com/ Name: CMPRO
Value: 037
.casalemedia.com/ Name: CMST
Value: Yg3YdGIN2HQA
.ml314.com/ Name: u
Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD11dGh0eG1kZGcma3h0PWh0dHBzJTNBJTJGJTJGZ2NwLWJjLTc4NC1vbnRhcmlvZmFybWVyLmdkZXYucG9zdG1lZGlhLmRpZ2l0YWwma3hjbD1jZG4ma3hwPQ==
.ml314.com/ Name: pi
Value: 3625196176948068415
.ml314.com/ Name: tp
Value: 4%3b2%2f17%2f2022+12%3a09%3a08+AM%3b0
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FnQWJJR0d6STFSSFpqU0V4RmN6azFZbTE1ZW1sNldUSklZV3RsTWxObFE3b0dJQWlYVGhJYlFVRkJSMXBOU1VkTU5rOXZVbmROZVhOZk1UQkJRVUZCUVVGQnVnWVJDS1pPRWd3Mk5EYzNOemc1TVRBek1qZTZCaUFJcWs0U0cyTnVVVWhVT0dkb1VWOWtjV293ZWpZelJrRlFORXBWTkcxaVZib0dHUWlyVGhJVVFUUlBTREZyT0Rob2RUWklkREZGVUVvMVRrNjZCZ01Jcms2NkJnTUlzRTQ9IiwiaWF0IjoxNjQ1MDc0NTQ4fQ.27QfhSkZWYNo6IIXFeslE8xil4s5nB1NxsmA0tXR7tQT223tvTVJ-OUBe2iPtDakcwt_wGJkIlENRDCpo3gOKg
.bidr.io/ Name: bito
Value: AACoA07EG7EAAHNu_qSMdA
.bidr.io/ Name: bitoIsSecure
Value: ok
.contextweb.com/ Name: V
Value: URGjRyg863Kd
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1c80|7dW.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 81b2af7b2323a41e
.owneriq.net/ Name: si
Value: Q6983609491834525044
.owneriq.net/ Name: p2
Value: sv
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7FA3C964-8A29-4CB7-927F-A9B0E818EA92
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1646265600%3A201_197%7C1645660800%3A164%7C1645142400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1646265600%3A220_21_13_22_54%7C1645660800%3A2
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsrQ0NzY2MzKyNDEzMjCztLA0FOIz1HX2dLQMcQvVLTPJTgQA6v6ZkCQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADvEyGtoZmJqYG5iamJpZGEJAK4pXj8QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsrQ0NzY2MzKyNDEzMjCztLA0FOIz1HX2dLQMcQvVLTPJTpTiNTQzMTUwNzE1sTSysAQAkKyVXTMAAAA
.eyeota.net/ Name: mako_uid
Value: 17f06158a29-15c60000010a5ea6
.eyeota.net/ Name: SERVERID
Value: 24230~DM
.doubleclick.net/ Name: IDE
Value: AHWqTUl_7g6gGvGZqzbsXKOH_WQZdWDHTzc09LuvRXQoucxHGDRvRrehhlCR5v332qc
.rubiconproject.com/ Name: khaos
Value: KZQIWU27-X-84BV
.postmedia.digital/ Name: __gads
Value: ID=d7c890e25cbb1d3b:T=1645074548:S=ALNI_Mbv9lKwXL8HPnLBMqj6HZ8FP4hSag
.zemanta.com/ Name: zuid
Value: 5CssYB7_TZQrcfZZbsR_
.adsrvr.org/ Name: TDID
Value: 6ec115a6-b8c6-4d04-b7cf-011668d723f5
.adform.net/ Name: C
Value: 1
.rlcdn.com/ Name: rlas3
Value: 9YpyQLDy3pxOkZHxUPbvMNkCZKB9WB4mQefk1yycr+Y=
.rlcdn.com/ Name: pxrc
Value: CPWwt5AGEgUI6EcQAA==
.agkn.com/ Name: ab
Value: 0001%3AUVWHRAPa8dSVzoIPCP7uEjaKLJR4zDcU
.yahoo.com/ Name: A3
Value: d=AQABBHXYDWICEHO1inypE-iNekPfKkjhhHoFEgEBAQEpD2IXYgAAAAAA_eMAAA&S=AQAAAuG8RvxLe5WM_wleGNvmHUo
.lijit.com/ Name: _ljtrtb_49
Value: URGjRyg863Kd
.adform.net/ Name: uid
Value: 5599853182198290229
.openx.net/ Name: univ_id
Value: 537072971|6ec115a6-b8c6-4d04-b7cf-011668d723f5|1645074549361900
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yg3YdAAG1RV6CABH&KRTB&22978-Yg3YdAAG1RV6CABH&KRTB&23194-Yg3YdAAG1RV6CABH&KRTB&23209-Yg3YdAAG1RV6CABH
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7c3db795-87bc-407a-a70f-27243940d7c4&KRTB&22918-7c3db795-87bc-407a-a70f-27243940d7c4&KRTB&23031-7c3db795-87bc-407a-a70f-27243940d7c4
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFb3BlbngSCwii-r2Wtfe4OhAFGAEgASgCMgsIpImExMv3uDoQBTgBWgthZGNvbmR1Y3RvcmAC
.lijit.com/ Name: _ljtrtb_10
Value: 997336229462069891
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005%22%2C%22nxtrdr%22%3Afalse%7D
.demdex.net/ Name: demdex
Value: 82536466212608583834289973186902436349
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELf0le0gClPWlGY5stwrSLU&KRTB&16514-CAESELf0le0gClPWlGY5stwrSLU&KRTB&23025-CAESELf0le0gClPWlGY5stwrSLU
.pubmatic.com/ Name: PugT
Value: 1645074549
.turn.com/ Name: uid
Value: 2790509209170058835
.simpli.fi/ Name: suid
Value: 1B55EB1C413341B7B075D7432670536F
.pippio.com/ Name: did
Value: IXve5e0Tyj_cmgVF
.pippio.com/ Name: didts
Value: 1645074549
.pippio.com/ Name: nnls
Value:
.mathtag.com/ Name: uuid
Value: 9c31620d-d875-4700-8aaa-f4be4888411e
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2790509209170058835
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:1B55EB1C413341B7B075D7432670536F
.dpm.demdex.net/ Name: dpm
Value: 82536466212608583834289973186902436349
.mathtag.com/ Name: mt_mop
Value: 9:1645074549
.pippio.com/ Name: pxrc
Value: CPWwt5AGEgQIAhAAEgYI7OsBEAA=
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005%22%7D
.lijit.com/ Name: ljtrtb
Value: eJyrVjKxVLJSCg1yzwqqTLcwM%2FZOUdJRMjQAillamhsbmxkZWZqYGRmYWVpYGirVAgAWFAsQ
.lijit.com/ Name: _ljtrtb_56
Value: RX-059baaf5-995d-4f85-9abe-1b67a194b8d0-005
.doubleclick.net/ Name: DSID
Value: NO_DATA
.linksynergy.com/ Name: rmuid
Value: c66f3f1a-d27a-48af-8eee-5f9eb3f6b38a
.linksynergy.com/ Name: icts
Value: 2022-02-17T05:09:09Z
.rubiconproject.com/ Name: audit
Value: 1|A70S/uYDECfnWdZplgDZ3DGAUuw2vGIuoermovCTTk7WaDs14xzbSKzHjpyknTgdfSlTlx25exoiZ07GJqnMno4BjqNRGrmz
.pubmatic.com/ Name: SPugT
Value: 1645074551

9 Console Messages

Source Level URL
Text
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6b00730def75e20ba1a0d041587698a9.safeframe.googlesyndication.com
aa.agkn.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
analytics.twitter.com
ap.lijit.com
api.sail-personalize.com
assets.ribn.com
auth.lrcontent.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.districtm.io
cdn.krxd.net
cdn.parsely.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
d395dw5zk780j2.cloudfront.net
districtm-match.dotomi.com
dmx.districtm.io
dmx.us-east-31.districtm.io
dpm.demdex.net
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
gcp-bc-784-ontariofarmer.gdev.postmedia.digital
googleads.g.doubleclick.net
hb.districtm.io
ib.3lift.com
ib.adnxs.com
id.rlcdn.com
identity.mparticle.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.3lift.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ml314.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
px.owneriq.net
s.amazon-adsystem.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
smartcdn.prod.postmedia.digital
snap.licdn.com
srv-2022-02-17-05.pixel.parsely.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.co
tags.rd.linksynergy.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
us-u.openx.net
us.creativecdn.com
usermatch.krxd.net
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
104.16.190.66
104.244.42.197
104.244.42.3
104.36.115.109
104.36.115.113
104.36.115.114
107.178.254.65
142.250.64.102
142.250.65.194
142.250.72.98
142.251.40.98
143.204.143.123
146.75.28.157
15.197.193.217
151.101.130.133
151.101.2.49
151.101.66.133
156.154.202.36
185.167.164.49
185.184.10.30
185.29.134.248
198.148.27.140
199.127.204.142
199.38.167.129
2001:4998:14:800::1000
209.54.176.128
23.209.184.224
23.36.85.188
23.52.161.180
23.52.162.21
23.64.109.237
2600:141b:13::17d7:82d0
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc
2600:9000:2209:4400:8:48e:53c0:93a1
2600:9000:2209:a800:7:75d4:e40:93a1
2600:9000:2209:be00:8:f216:eb80:93a1
2606:4700:10::6816:48e8
2606:4700:3037::6815:3c3f
2606:ae80:1451:12::1690
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2004
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2008
2620:112:f002:bbbb::21
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::645
2a04:4e42::645
3.211.225.169
3.227.87.232
34.149.157.221
34.204.255.47
34.210.160.53
34.235.23.231
34.75.117.5
34.95.11.30
34.98.64.218
34.98.67.3
35.169.48.117
35.173.74.115
35.190.60.146
35.71.139.29
52.116.221.248
52.200.181.105
52.203.157.37
52.55.144.0
52.73.222.75
52.85.61.125
52.85.61.22
52.85.61.25
52.85.61.36
52.85.61.78
52.85.61.89
52.85.63.179
54.224.102.47
54.230.242.59
54.236.214.209
63.251.114.182
63.251.86.51
64.74.236.159
68.67.179.155
69.90.254.78
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
99.83.154.140
004873741130c4c0aec4692ddf6ac8f57442ab746004efded91e189228c5daf8
065829e4f21eecbf5bd46a22625304de02c0e591f68b1dd2b90daac47267c2e3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0a055b94dddc24c4d91c386d3eb855fc8eb2e973346a021eafb4e625398b60da
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc3b053ee51b375e6d9ff787c579012da09179e4ceb7589fb32457b7bbd9370
0c3ca2ca92d0d072a7c58a0e114b4861de9b5205c473cc08b528d2cebc277462
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1438fe7b5afc39a74b7fb73907bc08ff2c31792f0f11aa29812736484523e434
166b32472bd35ab18cf94e37efd5055f293406d30ffac183474318140b45ebf2
193df62226a16ad5206b693f10102b34e6a9903870d0c5c410afa359676d5fe7
1aefec411441da454a39e812f8300125bfd117abc33f50f98c124419314da704
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
238a7b88a5b7237a3fde744d5b7a0d8deafbe118e52453771e9e1872cac1b41f
23d00276404c2322c5d3bb27f5e930b67f81bc964189b36b028ab1521a5929db
27b5f4065ae5a23819d6b774a51cde9d6cf95abad8c14b42e54983376ecc1dd9
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28ccdeaf1c5104e943728d922b8734153f7e57bd6762b4c7b28eec454cccd86b
28ebe438c9cebbf8b49baf284b7c0624f1a1e52c823572afe5dba64d858ebb09
29184c416fa3c5ffcbc4baf96ffe14c8d5fe2a0ff451da9d40b7109960ba3c2f
2987df61c80f5e13507666bcb5e2805b7c766a6e3e4f664d4bd557848839e60c
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d4728a50c85f15c59630aa9eed0a333bed2826df78841417504901274d148ea
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2e0167dcb40268ac75cd27dc5037079ba7a81a262a4e659840fe840a00ebdf1f
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
34a66062ea7e90197e657b08409549b35fd639a2f5fd894a276f72c9f60053bd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
39874e19af66fa05a8e943e773c81187cb7437bb3cb0076df6defb9381d32911
3ac08884924e4e8f88a3d91f6d1171ac1f517a75af1d649f74bcd3372bfb5e90
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403147f6e8ff70cb72ddd13b981b9368f0264f5dc5c79f93bea6407d593967bc
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
41c264db2ccf6ee7df5f787b4fab9cd2c7bf6807e4c7197de9f0166e66e379ce
42cb48fcecb9f09d629e736d1ca8a7eb9c37c8e493b140d071fa92396897b333
4654a3c95c736b2bce10fed21b6573696d40a1052ea25e10a73e6c6a52b42bfd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49c4ff5327d8a44e14ed42511af5b03abaabd68a0e0620b2fee7a05e40fe58c3
4ae23e29c8932182a6fd6d7e2718a19fcba33519a4f9a87c28ab53c1d87feb05
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b7afc0a14aba39876bc56a16ce26a3275dd27f93f5bd2029f4e06f07ce63b5
5122c98605367c14582885aacdfd443bc832001303f137203ca6ceddc96ceb94
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5702be858374d0c1b9cfa6164335204df766faceb85311b0311cc81b77041708
5853621d02d975fba45c91907a09fec43c635c608a30f31ecd9b85342693b41d
589dd97ce9a8e5bd5bb1c5237ddf7c80f15c8faf2c557bc96e9b3ada06e49768
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
58ea61d73979188a8b0c9f96ba23b29f1cc88fe7e3d4f9bbf874a06ac3ab005f
5adf5f99410f5cda46c603f7278580a9a6a3610f8b6f6684f2c6c888b4a4d1ff
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
5e2aab555cbfbe4f398bc031f658fd37c078428446a48154a9e9301fe01b72d9
5e80c963be99992cd6d591ebc79ab0149eb6131aad9a78787c64afa28ee0624d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64877850f9e838b0e76c3cf59b45760f44598fae0a8d2b14ba491b682c0ad92e
65811bd28071b33e3eda6e02b9b90e21b6b6e6b57fcee69f2701b7509f4ef195
66547548f3877a69d31f43fe994a1a164b6909d5baeb6e4d1229b583eaa66893
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6af975259d8ffef398b1ef8d3cc92cd946a8cc1b2dd6b6e88ee6537be25d43bc
6f33bb6fb3ab3ed9893e8cf1ad0bda09b99a535be0a54c7a8f1dd1c3a688c4ee
713336e852532c9e78a01d388b48b16827c7d2c5721f1cbe85b6bfbff1d420a5
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea
7720a0f40d088f144d749c07f075b8dfdc84afd25900a59045fe6c29d0fc5090
79c381d0b010da04e31a1da615ecb7b142984a8fa33f080485a2c109ce064f15
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
8efbcfc1488414976756588dc8fb8abd48092a7135d3322a6c7b643689184305
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
9081938d5c9644dacf6668cb6c1283d208fb92b487b159235a0d92fd0a4f6379
939a53d0a6c752ede112df5e7d6da32739764ddfbf8b1e96e3190f5e334122ed
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
96942ab7078231c4baad7cf6bdeb5e8006a53fcbffd96563df1bf0e7165895f1
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99ae2ba5123f8c557e29bc5d5e5ebe1f737e315b5a90e5c8af77b61ff24e2fa2
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
a20612d194494fed2ff28697179a88569d7193b4fe9ff7631c22937aee6dfe7c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2999aa2aff07ed8528366d8ef153a35afd7d792a746bd0347496a28f3ceaf38
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cb0a0d555575e54f843cc6e3a52d9eb1db6c9f0b4f3c7ad4e9fbd4ed4ca569
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75375b415c59fa891ac5f780e4ee7c991fc82002d14d4dcaac9ec1a09879a1c
a9c49abb61a49f2494450c62f925e90e4398d0638d9444632b6570f88bf64100
aa8c4f5924fd06cbaf5c65fac729f0c3207d1f70534b07fc0915948c41b29d6e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3609f82056620247e1a5cdec4c8f6ace1472ebf1d38921a7109419182a81342
baacccfbf34216d408cacd40630ffe274eb14b1286e1bdc05a065741977a5757
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdca2b3011b9ba3d32c62d1a741860a21811eb673ab11da8fda2aa268edcfe65
bed79e22634d48c6e53d084c7dc1ac8e7ed34377df61478f7020d89248124ea1
c19f104f71391238db367f28c1fde806e07b3c3674367f8c0511559fdd5c23cc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4cf4079ec71eea0051719d77dad827e876accf52dff47dbb7822f06d628fed4
c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
ca503f7837f4130e64c59682e91077d01318cc1ed83ad43b5ffddf31ca8c5b0a
caac5c71c9d790e8cd32ed97b5a978c08c5543b7f25ace068aa767d1f4987488
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d096d22dc5d3acff598c866340e64f5994e700801472e146537a1feb147bf7ee
d0ccf2c64e69cb1e4f78e484f9c5282a53d69688eae73e9113605b1470b77a7f
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d54976fac967bda7d356a067c6da1a7eda333db09dadde273be99f5309bc3dac
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d984a247beba5abcd72a6b6dd131ae1767b6d0cc76ad1223b33e8e3d5a7e05c0
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dea759394a532f5d3ca25e8697fd2077dac60131e9eb3bd1ab3d6aee3a86ec47
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2ed6f4144d1c12483676cbd0bbb32aa7b23d7b7f54709176c16c782ca668dfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64a35469e5e943866d38eececaf67dc98d02af2786076a33bbac5aa15f173f3
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7ce5ff2da8ec685246c4d7d09d61edb0dda2105bbe426e27fff352b6fd10177
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1c55f2165c2e95a1f17def4a8d5e1169931e223eab40857dbe186295cc02db
efbcf9736443f6712f739180d23323034ad12e490a1aebeb54336e68957d0943
f00c05629967b8cc244bc5c5d0718d295b793448bdfa564620b1d4c84c53c580
f1978a52716afa22c51987b900182d2ab31bc35ce910c0565c4e7ed66642d0fa
f4720813879c72dc166e13c4ed47fe347f3ed62eed212480aa26ccb04c99778f
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7914b4836b5815c4b3dcd79c44fa3390dedf00785d79f90dc7f6c6f38c947c5
fe767c747a6851d2b1ded447dcf7b6bb053fc6acf5f7a4ca78b7b1da2ded17aa