urlscan.io logo urlscan.io
SecurityTrails logo

winnipegsun.com Open in urlscan Pro
34.117.147.204  Public Scan

Go To Rescan Add Verdict Report
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Submission: On December 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 7 countries across 62 domains to perform 202 HTTP transactions. The main IP is 34.117.147.204, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is winnipegsun.com.
TLS certificate: Issued by WR3 on October 29th 2024. Valid for: 3 months.
This is the only time winnipegsun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.117.147.204 396982 (GOOGLE-CL...)
5 34.149.157.221 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.34 15169 (GOOGLE)
3 108.138.3.93 16509 (AMAZON-02)
1 104.102.34.86 16625 (AKAMAI-AS)
32 34.117.54.29 396982 (GOOGLE-CL...)
1 13.32.27.97 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.35.58.38 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.107.6.158 8068 (MICROSOFT...)
1 172.67.155.215 13335 (CLOUDFLAR...)
1 4 18.244.18.122 16509 (AMAZON-02)
4 142.250.181.227 15169 (GOOGLE)
1 18.66.147.39 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 65.9.66.90 16509 (AMAZON-02)
1 2400:52e0:1e0... 60068 (CDN77 Dat...)
2 18.158.6.234 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
1 23.215.23.172 16625 (AKAMAI-AS)
1 65.9.66.104 16509 (AMAZON-02)
2 172.64.144.166 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 142.250.185.226 15169 (GOOGLE)
1 13.35.57.137 16509 (AMAZON-02)
2 75.2.40.13 16509 (AMAZON-02)
8 52.19.246.65 16509 (AMAZON-02)
1 2a02:2638:3::39 44788 (ASN-CRITE...)
1 35.227.252.103 396982 (GOOGLE-CL...)
2 37.252.171.85 29990 (ASN-APPNEX)
1 104.18.27.193 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 34.149.50.64 396982 (GOOGLE-CL...)
3 3.78.93.150 16509 (AMAZON-02)
4 162.19.138.120 16276 (OVH OVH SAS)
2 141.95.33.120 16276 (OVH OVH SAS)
1 35.241.9.51 396982 (GOOGLE-CL...)
2 2 172.217.18.98 15169 (GOOGLE)
3 34.107.254.252 396982 (GOOGLE-CL...)
2 51.195.34.255 16276 (OVH OVH SAS)
3 135.125.146.82 16276 (OVH OVH SAS)
1 51.195.34.222 16276 (OVH OVH SAS)
1 51.195.127.115 16276 (OVH OVH SAS)
1 51.195.73.74 16276 (OVH OVH SAS)
1 51.195.73.82 16276 (OVH OVH SAS)
1 135.125.145.78 16276 (OVH OVH SAS)
1 51.195.115.36 16276 (OVH OVH SAS)
1 51.195.127.100 16276 (OVH OVH SAS)
2 135.125.140.162 16276 (OVH OVH SAS)
1 135.125.146.80 16276 (OVH OVH SAS)
1 51.195.126.30 16276 (OVH OVH SAS)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.246.81.101 16509 (AMAZON-02)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
3 104.18.176.126 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::645 54113 (FASTLY)
2 2a02:26f0:710... 20940 (AKAMAI-AS...)
1 104.16.143.111 13335 (CLOUDFLAR...)
2 2600:1f18:44f... 14618 (AMAZON-AES)
1 104.18.223.248 13335 (CLOUDFLAR...)
3 142.250.185.136 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 172.67.72.135 13335 (CLOUDFLAR...)
3 2a04:4e42:600... 54113 (FASTLY)
1 2a02:26f0:710... 20940 (AKAMAI-AS...)
1 142.250.186.164 15169 (GOOGLE)
2 172.67.159.162 13335 (CLOUDFLAR...)
1 157.240.252.13 32934 (FACEBOOK)
2 2001:4860:480... ()
2 2a00:1450:400... ()
2 142.250.186.67 ()
2 162.19.56.86 ()
2 2a04:4e42:400... ()
1 35.244.193.51 ()
1 2a00:1288:80:... ()
1 95.101.148.20 ()
1 151.101.129.108 ()
1 104.18.24.18 ()
1 88.221.125.233 ()
1 23.43.60.191 ()
1 35.244.159.8 ()
202 94
1    34.117.147.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.147.117.34.bc.googleusercontent.com
winnipegsun.com
5    34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
3    108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    104.102.34.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-34-86.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
32    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
dcs-static.gprod.postmedia.digital
fem.gprod.postmedia.digital
1    13.32.27.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-97.fra56.r.cloudfront.net
ak.sail-horizon.com
2    2606:4700:20::681a:13e (United States)

ASN13335 (CLOUDFLARENET, US)
tags.qortex.ai
1    13.35.58.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-38.fra60.r.cloudfront.net
cdn-gateflipp.flippback.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
3    2606:4700::6812:4eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
config.lrcontent.com
2    13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com
edge-auth.microsoft.com
1    172.67.155.215 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
4    18.244.18.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-122.fra56.r.cloudfront.net
sb.scorecardresearch.com
4    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
1    18.66.147.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-39.fra60.r.cloudfront.net
p.flipp.com
1    2606:4700:4400::ac40:98f3 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2606:4700:20::ac43:49b1 (United States)

ASN13335 (CLOUDFLARENET, US)
events.qortex.ai
1    65.9.66.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-90.fra56.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2400:52e0:1e00::1081:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
cdn.pbxai.com
2    18.158.6.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-6-234.eu-central-1.compute.amazonaws.com
floor.pbxai.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    23.215.23.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-23-172.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
pagead2.googlesyndication.com
1    13.35.57.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-57-137.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
8    52.19.246.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    2a02:2638:3::39 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
bidder.criteo.com
1    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
3    3.78.93.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-93-150.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
2    141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu
lb.eu-1-id5-sync.com
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
3    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
googlesync.permutive.com
api.permutive.com
2    51.195.34.255 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip255.ip-51-195-34.eu
d0.eu-3-id5-sync.com
d4.eu-3-id5-sync.com
3    135.125.146.82 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip82.ip-135-125-146.eu
d1.eu-3-id5-sync.com
d3.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
1    51.195.34.222 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip222.ip-51-195-34.eu
d2.eu-3-id5-sync.com
1    51.195.127.115 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip115.ip-51-195-127.eu
d5.eu-3-id5-sync.com
1    51.195.73.74 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip74.ip-51-195-73.eu
d6.eu-3-id5-sync.com
1    51.195.73.82 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip82.ip-51-195-73.eu
d7.eu-3-id5-sync.com
1    135.125.145.78 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip78.ip-135-125-145.eu
d0.eu-4-id5-sync.com
1    51.195.115.36 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip36.ip-51-195-115.eu
d1.eu-4-id5-sync.com
1    51.195.127.100 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip100.ip-51-195-127.eu
d3.eu-4-id5-sync.com
2    135.125.140.162 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip162.ip-135-125-140.eu
d4.eu-4-id5-sync.com
d6.eu-4-id5-sync.com
1    135.125.146.80 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip80.ip-135-125-146.eu
d5.eu-4-id5-sync.com
1    51.195.126.30 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip30.ip-51-195-126.eu
d7.eu-4-id5-sync.com
1    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
ep1.adtrafficquality.google
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
static.criteo.net
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3fe0c431e7d2ae92ddfa97246eb7dd53.safeframe.googlesyndication.com
2    54.246.81.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-81-101.eu-west-1.compute.amazonaws.com
postmedia.hub.loginradius.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
2    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
3    104.18.176.126 (None, )

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
2    2600:9000:2156:3a00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
4    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
2    2a02:26f0:7100:997::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cdn.cxense.com
1    104.16.143.111 (None, )

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    2600:1f18:44f0:4850:e81e:5d55:f330:a6e2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    104.18.223.248 (None, )

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
3    142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net
www.googletagmanager.com
2    2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2606:4700:4400::6812:2a4f (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
2    172.67.72.135 (United States)

ASN13335 (CLOUDFLARENET, US)
static.trueanthem.com
3    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
1    2a02:26f0:7100:983::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cdn.cxense.com
1    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
2    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    2001:4860:4802:32::36 (None, )

ASN- ()
region1.analytics.google.com
2    2a00:1450:400c:c1f::9a (None, )

ASN- ()
stats.g.doubleclick.net
2    142.250.186.67 (None, )

ASN- ()
www.google.de
2    162.19.56.86 (None, )

ASN- ()
events.newsroom.bi
2    2a04:4e42:400::645 (None, )

ASN- ()
jssdks.mparticle.com
1    35.244.193.51 (None, )

ASN- ()
lexicon.33across.com
1    2a00:1288:80:807::1 (None, )

ASN- ()
ups.analytics.yahoo.com
1    95.101.148.20 (None, )

ASN- ()
contextual.media.net
1    151.101.129.108 (None, )

ASN- ()
acdn.adnxs.com
1    104.18.24.18 (None, )

ASN- ()
js-sec.indexww.com
1    88.221.125.233 (None, )

ASN- ()
eus.rubiconproject.com
1    23.43.60.191 (None, )

ASN- ()
ads.pubmatic.com
1    35.244.159.8 (None, )

ASN- ()
postmedia-d.openx.net
Apex Domain
Subdomains		 Transfer
37 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 107750
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 127262
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 150231
243 KB
9 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2777
ups.analytics.yahoo.com
2 KB
8 eu-4-id5-sync.com
d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 57105
d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 57373
d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 58097
d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 57383
d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 57824
d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 57185
d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 58098
d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 57106
1 KB
8 eu-3-id5-sync.com
d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 57497
d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 57409
d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 57844
d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 56793
d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 56713
d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 57122
d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 57000
d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 57620
1 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
710 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
stats.g.doubleclick.net
211 KB
6 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 7123
identity.mparticle.com — Cisco Umbrella Rank: 3615
jssdks.mparticle.com
128 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
id5-sync.com — Cisco Umbrella Rank: 533
57 KB
5 gstatic.com
fonts.gstatic.com
csi.gstatic.com
67 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
aax.amazon-adsystem.com — Cisco Umbrella Rank: 468
92 KB
4 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 12181
cdn.tinypass.com — Cisco Umbrella Rank: 7749
buy.tinypass.com — Cisco Umbrella Rank: 7928
125 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
3fe0c431e7d2ae92ddfa97246eb7dd53.safeframe.googlesyndication.com
44 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 186
12 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com
3 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 6353
id.cxense.com Failed
44 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 permutive.com
googlesync.permutive.com — Cisco Umbrella Rank: 11961
api.permutive.com — Cisco Umbrella Rank: 2768
483 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 985
364 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
acdn.adnxs.com
1 KB
3 pbxai.com
cdn.pbxai.com — Cisco Umbrella Rank: 11357
floor.pbxai.com — Cisco Umbrella Rank: 10499
9 KB
3 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 73732
config.lrcontent.com — Cisco Umbrella Rank: 30746
349 KB
3 qortex.ai
tags.qortex.ai — Cisco Umbrella Rank: 41643
events.qortex.ai — Cisco Umbrella Rank: 36065
19 KB
3 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3385
fastlane.rubiconproject.com — Cisco Umbrella Rank: 505
eus.rubiconproject.com
198 KB
2 newsroom.bi
events.newsroom.bi
1 KB
2 google.de
www.google.de
126 B
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9039
63 KB
2 trueanthem.com
static.trueanthem.com — Cisco Umbrella Rank: 20947
b.trueanthem.com Failed
12 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 135794
8 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
5 KB
2 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11014
3 KB
2 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 11081
188 KB
2 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 152397
738 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 793
31 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
595 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1005
contextual.media.net
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 552
postmedia-d.openx.net
294 B
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 949
gum.criteo.com — Cisco Umbrella Rank: 450
222 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3917
496 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1734
157 KB
2 microsoft.com
edge-auth.microsoft.com — Cisco Umbrella Rank: 36307
281 KB
1 indexww.com
js-sec.indexww.com
1 33across.com
lexicon.33across.com
250 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
61 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 6909
3 KB
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 226295
384 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1893
391 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 496
571 B
1 pubmatic.com
hbopenbid.pubmatic.com Failed
ads.pubmatic.com
1 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
13 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
1 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
98 B
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 166815
151 KB
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 13081
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 9114
3 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2458
7 KB
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 12664
31 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 4115
56 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 winnipegsun.com
winnipegsun.com
52 KB
0 parsely.com Failed
cdn.parsely.com Failed
0 fullcontact.com Failed
tags.fullcontact.com Failed
202 62
Domain Requested by
28 dcs-static.gprod.postmedia.digital winnipegsun.com
dcs-static.gprod.postmedia.digital
8 c2shb.pubgw.yahoo.com micro.rubiconproject.com
7 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
5 smartcdn.gprod.postmedia.digital winnipegsun.com
4 id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
4 fonts.gstatic.com fonts.googleapis.com
4 sb.scorecardresearch.com 1 redirects winnipegsun.com
fem.gprod.postmedia.digital
4 fem.gprod.postmedia.digital winnipegsun.com
fem.gprod.postmedia.digital
3 identity.mparticle.com jssdkcdns.mparticle.com
3 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
3 btlr.sharethrough.com micro.rubiconproject.com
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com winnipegsun.com
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net winnipegsun.com
securepubads.g.doubleclick.net
2 jssdks.mparticle.com jssdkcdns.mparticle.com
2 events.newsroom.bi sdk.mrf.io
2 www.google.de
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 sdk.mrf.io winnipegsun.com
sdk.mrf.io
2 static.trueanthem.com www.googletagmanager.com
static.trueanthem.com
2 assets.ribn.com www.googletagmanager.com
winnipegsun.com
2 unpkg.com 1 redirects
2 buy.tinypass.com cdn.tinypass.com
2 api.viafoura.co cdn.viafoura.net
2 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 config.lrcontent.com auth.lrcontent.com
2 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
2 cm.g.doubleclick.net 2 redirects
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
2 ib.adnxs.com micro.rubiconproject.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
2 api.sail-personalize.com ak.sail-horizon.com
2 cdn.id5-sync.com winnipegsun.com
micro.rubiconproject.com
2 cdn.confiant-integrations.net winnipegsun.com
cdn.confiant-integrations.net
2 floor.pbxai.com micro.rubiconproject.com
cdn.pbxai.com
2 edge-auth.microsoft.com winnipegsun.com
edge-auth.microsoft.com
2 tags.qortex.ai winnipegsun.com
tags.qortex.ai
1 postmedia-d.openx.net micro.rubiconproject.com
1 ads.pubmatic.com micro.rubiconproject.com
1 eus.rubiconproject.com micro.rubiconproject.com
1 js-sec.indexww.com micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 ups.analytics.yahoo.com micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 connect.facebook.net winnipegsun.com
connect.facebook.net
1 www.google.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 cdn.tinypass.com experience.tinypass.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 gum.criteo.com static.criteo.net
1 3fe0c431e7d2ae92ddfa97246eb7dd53.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 csi.gstatic.com pagead2.googlesyndication.com
1 d7.eu-4-id5-sync.com cdn.id5-sync.com
1 d6.eu-4-id5-sync.com cdn.id5-sync.com
1 d5.eu-4-id5-sync.com cdn.id5-sync.com
1 d4.eu-4-id5-sync.com cdn.id5-sync.com
1 d3.eu-4-id5-sync.com cdn.id5-sync.com
1 d2.eu-4-id5-sync.com cdn.id5-sync.com
1 d1.eu-4-id5-sync.com cdn.id5-sync.com
1 d0.eu-4-id5-sync.com cdn.id5-sync.com
1 d7.eu-3-id5-sync.com cdn.id5-sync.com
1 d6.eu-3-id5-sync.com cdn.id5-sync.com
1 d5.eu-3-id5-sync.com cdn.id5-sync.com
1 d4.eu-3-id5-sync.com cdn.id5-sync.com
1 d3.eu-3-id5-sync.com cdn.id5-sync.com
1 d2.eu-3-id5-sync.com cdn.id5-sync.com
1 d1.eu-3-id5-sync.com cdn.id5-sync.com
1 d0.eu-3-id5-sync.com cdn.id5-sync.com
1 googlesync.permutive.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 s.seedtag.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 rtb.openx.net micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 tags.crwdcntrl.net winnipegsun.com
1 secure.cdn.fastclick.net winnipegsun.com
1 cdn.jsdelivr.net micro.rubiconproject.com
1 cdn.pbxai.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 events.qortex.ai tags.qortex.ai
1 idsync.rlcdn.com winnipegsun.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 p.flipp.com cdn-gateflipp.flippback.com
1 www.npttech.com winnipegsun.com
1 auth.lrcontent.com winnipegsun.com
1 secure.gravatar.com winnipegsun.com
1 cdn-gateflipp.flippback.com winnipegsun.com
1 ak.sail-horizon.com winnipegsun.com
1 micro.rubiconproject.com winnipegsun.com
1 fonts.googleapis.com winnipegsun.com
1 winnipegsun.com
0 id.cxense.com Failed cdn.cxense.com
0 cdn.parsely.com Failed www.googletagmanager.com
0 b.trueanthem.com Failed static.trueanthem.com
0 tags.fullcontact.com Failed fem.gprod.postmedia.digital
0 hbopenbid.pubmatic.com Failed micro.rubiconproject.com
202 105
Subject Issuer Validity Valid
winnipegsun.com
WR3		 2024-10-29 -
2025-01-27		 3 months crt.sh
gprod.postmedia.digital
WR3		 2024-10-27 -
2025-01-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2024-12-12 -
2026-01-10		 a year crt.sh
qortex.ai
WE1		 2024-12-08 -
2025-03-08		 3 months crt.sh
flippback.com
Amazon RSA 2048 M02		 2024-08-18 -
2025-09-16		 a year crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
lrcontent.com
WE1		 2024-11-20 -
2025-02-18		 3 months crt.sh
edge-auth.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-11-15 -
2025-05-14		 6 months crt.sh
npttech.com
WE1		 2024-10-18 -
2025-01-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
flipp.com
Amazon RSA 2048 M02		 2024-06-30 -
2025-07-28		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
permutive.app
WE1		 2024-11-25 -
2025-02-23		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
cdn.pbxai.com
R11		 2024-11-27 -
2025-02-25		 3 months crt.sh
floor.pbxai.com
Amazon RSA 2048 M03		 2024-07-07 -
2025-08-06		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
confiant-integrations.net
WE1		 2024-11-07 -
2025-02-05		 3 months crt.sh
id5-sync.com
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-06 -
2026-01-04		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M02		 2024-03-25 -
2025-04-22		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-09-06 -
2025-03-05		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
casalemedia.com
E5		 2024-12-11 -
2025-03-11		 3 months crt.sh
prebid.media.net
WR3		 2024-12-02 -
2025-03-02		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-22 -
2025-04-22		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.prmutv.co
E5		 2024-11-13 -
2025-02-11		 3 months crt.sh
api.permutive.com
R11		 2024-10-19 -
2025-01-17		 3 months crt.sh
eu-3-id5-sync.com
E6		 2024-11-11 -
2025-02-09		 3 months crt.sh
eu-4-id5-sync.com
E5		 2024-11-11 -
2025-02-09		 3 months crt.sh
adtrafficquality.google
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-29 -
2025-02-25		 3 months crt.sh
*.loginradius.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-13 -
2025-11-13		 a year crt.sh
tinypass.com
WE1		 2024-11-08 -
2025-02-06		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M03		 2024-07-09 -
2025-08-07		 a year crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2024-05-02 -
2025-06-03		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-14 -
2025-02-14		 a year crt.sh
piano.io
WE1		 2024-11-25 -
2025-02-23		 3 months crt.sh
ribn.com
WE1		 2024-12-10 -
2025-03-10		 3 months crt.sh
trueanthem.com
WE1		 2024-11-10 -
2025-02-08		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2024-05-08 -
2025-06-09		 a year crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
sdk.mrf.io
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-24 -
2024-12-23		 3 months crt.sh
*.google.de
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
ssl03.cert.cl13.k8s.mrf.io
E5		 2024-11-25 -
2025-02-23		 3 months crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2024-09-15 -
2025-10-17		 a year crt.sh
lexicon.33across.com
WR3		 2024-11-02 -
2025-01-31		 3 months crt.sh
sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-11-22 -
2025-05-21		 6 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
indexww.com
WE1		 2024-11-30 -
2025-02-28		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-27 -
2025-11-30		 a year crt.sh

This page contains 15 frames:

Primary Page: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Frame ID: C1C506440552FB8260C386F801663C0A
Requests: 179 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v115.0/xd.html
Frame ID: 2A97EA0CA145AE7055CC8C034FE220AA
Requests: 1 HTTP requests in this frame

Frame: https://3fe0c431e7d2ae92ddfa97246eb7dd53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A19BC082D791DDE570E7C3A485F3AEC8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=winnipegsun.com
Frame ID: 266DAC3E0172BE3A24960EEF8BD47AD8
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: EA479FB6C47C7A59D82878DE259343D9
Requests: 1 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=4eecd7f9-38d5-4e10-be71-0883f5130c09&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: 1C968B4F52238893948CC5CC1C220D1C
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=RpxZ9l1H1l&templateId=OTEHRB8JJDBG&offerId=fakeOfferId&experienceId=EXZS44KN41XP&iframeId=offer_23447bbcdaa3f7fe692c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwinnipegsun.com
Frame ID: 5F2F7A98F701A299D18DEB8589038710
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 7E834D38D40D69F44BBE8A4B3AC14CB0
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwinnipegsun.com
Frame ID: 6A16B0D2E7FE081D63F92CDC18CD8583
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C313%2C237%2C70%2C319%2C97%2C55%2C77%2C20000%2C2023%2C2022%2C3012%2C460%2C462%2C244%2C201%2C2039%2C246%2C126%2C203%2C326%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 876C4965BE19B60408093E951D2722C9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3D3655F11F282EF97B1D85696AB3BA3D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0574B22D9C3FDD0C0A3E92383BE5F45B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 952020F16A7066CF06EB3F578C794D17
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 284A2C1CFE544355904B64BB7290D68B
Requests: 1 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: 88DE5A5CB6135B2FB98C7E62D82A33BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UN human rights office in Venezuela partially resumes work months after government shut it down | Winnipeg Sun

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

202
Requests

93 %
HTTPS

31 %
IPv6

62
Domains

105
Subdomains

94
IPs

7
Countries

3484 kB
Transfer

11329 kB
Size

40
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a&gdpr=0&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEHb6Hl8GZWWgxXBsVbuvF1U&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a&gdpr=0&google_cver=1
Request Chain 154
  • https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js

202 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
winnipegsun.com/pmn/ 		267 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.147.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ed13a91625b1d605490239eadb39dbedaaf56c273de30e3298be6e6e98a768d9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-language
en
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Mon, 16 Dec 2024 08:26:45 GMT
expires
Mon, 16 Dec 2024 08:04:15 GMT
last-modified
Mon, 16 Dec 2024 07:59:54 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding,Accept-Language
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
10
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-5bf9dc8ffc-hbmxn
x-pmd-cache
STALE
xlm501-the-associated-press-1.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/xlm501-the-associated-press-1.jpg?quality=90&strip=all&w=564&h=423&type=webp&sig=emac6Y01Eohjc--l0RxKNQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
225d824297f9136dc522d211061ccba4e5a14b0f38741d0a776e3d070a7ba276

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=31536000,public
etag
"0b9269fc67eabef50feec32ae87352d6a40f40ff"
via
1.1 google
x-pmd-smart-cdn-proxy
thumbor-proxy-675b9bbb75-dnsl5
x-cache-hit
miss
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49878
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
image/webp
vary
Accept
server
nginx/1.18.0
x-pmd-smartcdn-requester
winnipegsun
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb0991d4e66eae446ee6d6f76bf77e42139f6d58e00bd84687b0d323c8425430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 08:26:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 16 Dec 2024 08:26:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7dcd5e02ed952e12295eba3f40e69a57ea650d275ef3ca94b1e151c5714c1ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
etag
911 / 20073 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 08:26:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33850
x-xss-protection
0
server
cafe
apstag.js
c.amazon-adsystem.com/aax2/ 		345 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f4218dbb17ff2c3421282ef9135e5375"
age
2487
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
W_BRqvZN2bNQzUCAbmYpIXI37GfrMxn_4Nj549I9nVvaK-NR2JpTBw==
date
Mon, 16 Dec 2024 07:45:19 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		635 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.34.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-34-86.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15 /
Resource Hash
b0dcf5adcbe60d3aaf19a7ae91d019e6803c5b8e852699a91082487458368080

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

edge-cache-tag
prod-prebid-14648_The_Winnipeg_Sun.js
cache-control
public, must-revalidate, max-age=14400
content-encoding
gzip
expires
Tue, 17 Dec 2024 01:42:00 GMT
content-length
197101
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
text/javascript;charset=UTF-8
vary
accept-encoding, referer
server
Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15
output.6e1442a4ed58.css
dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.6e1442a4ed58.css
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6e1442a4ed58986cc47bc718ab9b6b434c367cf0e8f900309318b0bb78412076

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424324
x-goog-hash
crc32c=0StZFg==, md5=t6ZH0zqUL2aqGsE5kjZ0Bw==
content-encoding
br
etag
W/"b7a647d33a942f66aa1ac13992367407"
age
905249
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
29822
date
Thu, 05 Dec 2024 20:59:16 GMT
last-modified
Thu, 05 Dec 2024 20:45:36 GMT
content-type
text/css
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5uJTg6KO5KMt-mSPEDVBcIKVI_CUw5dTJYf4hq7NKO85c2NYqj0JVYTip-oH6ae8UUESrekYZt8g
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431536541750
content-length
2535
server
UploadServer
output.817e0dc631d4.css
dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/ 		102 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.817e0dc631d4.css
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e4a149fa31aba2b0b15d24d1eb1403cc76cee5338af364ab1956f11b97f38a17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424324
x-goog-hash
crc32c=+wGlgw==, md5=BggW0jyAjgcvUc/0slwjtg==
content-encoding
br
etag
W/"060816d23c808e072f51cff4b25c23b6"
age
905076
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
104105
date
Thu, 05 Dec 2024 21:02:09 GMT
last-modified
Thu, 05 Dec 2024 20:45:37 GMT
content-type
text/css
vary
Accept-Encoding
x-guploader-uploadid
AFiumC61eyc2acNfOLbiPJl7-vTpXXigltkmvW9naV7VLVc8kZBSuJqXjzfIUjq9XxIiC56yNK3itZ8gfg
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431537242975
content-length
16613
server
UploadServer
output.531dac709a15.css
dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/ 		76 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.531dac709a15.css
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9a426226261fd2e19408e89e1f85cfffaaf46480e824a667488b3a79f84bf44e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424324
x-goog-hash
crc32c=m8ShhA==, md5=FBLQUkdXU20rXZIkfJMBZA==
content-encoding
br
etag
W/"1412d0524757536d2b5d92247c930164"
age
905076
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
77360
date
Thu, 05 Dec 2024 21:02:09 GMT
last-modified
Thu, 05 Dec 2024 20:45:35 GMT
content-type
text/css
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6YWqXDHXJopEY-oaQMaqWkpsC718k1ykGLWOz0mpgn1N2ZvgnRGwftS8XiYU8wqxxtVR2Sl5NLLw
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431535279062
content-length
8254
server
UploadServer
output.d51d55f52f65.css
dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/ 		110 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.d51d55f52f65.css
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bbdaabb630e360c9f424b9a5479c3936e69008e3d162b55ae341cf12b449b6f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424324
x-goog-hash
crc32c=VQ24WA==, md5=QHlLl1SWg1T9x0HPdlDN3Q==
content-encoding
br
etag
W/"40794b9754968354fdc741cf7650cddd"
age
903202
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
112971
date
Thu, 05 Dec 2024 21:33:23 GMT
last-modified
Thu, 05 Dec 2024 20:45:39 GMT
content-type
text/css
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7DY-d8wAVDy9npIpofqUZbe6l3KVf0hDd3RDcCpXqAUa7ZCH_vYQWpe0qEd_YYU12AoKCbzDhDfg
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431539897854
content-length
16456
server
UploadServer
spm.v1.min.js
ak.sail-horizon.com/spm/ 		173 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4ef66da786aac7a6ae7d165b5a6d9f7456ec786ddc04100449d53ab5cf796db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=600; must-revalidate
content-encoding
gzip
etag
W/"baf420a4fb632cc24e50dcdb1d7e984d"
age
240
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
XTx5UMus04CBNURZMfn-kEa9NvuBeNExQQK4W9d_YZL7gatkKluU4A==
date
Mon, 16 Dec 2024 08:22:46 GMT
content-type
application/javascript
last-modified
Wed, 11 Dec 2024 09:49:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
fem.js
fem.gprod.postmedia.digital/v115.0/ 		350 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v115.0/fem.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6be124880445738af07e274e6bd8d8e436bb0d133a580d22c94d5e336f32d13d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winnipegsun.com
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1731957428
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=gG0sog==, md5=fwjMu6FWmq4BzTDCz93wvg==
content-encoding
br
etag
W/"7f08ccbba1569aae01cd30c2cfddf0be"
age
1691154
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
358011
date
Tue, 26 Nov 2024 18:40:51 GMT
last-modified
Mon, 18 Nov 2024 19:17:30 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7PtjFgXtlYzjV8ylZVeLYINI1PjEV0Ce5VnXdhpgecJ1y-c6-wztniIwDpDuMm2ldGQZw73n-HnA
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1731957450096544
content-length
84041
server
UploadServer
bootstrapper
tags.qortex.ai/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper&continuous-load=true
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9554b211b59cb46d8a4f37906b897d96928c4d591bbad5e7b37928a81155a964

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"145"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KupVabjzrcGDHT0%2FymR778jIbmSfH9oulUmEUyxlVtIB7%2FOf4Vs0djGEn1y7G0Z7YIS4VM1x7RqY7N2TlQz6KCXd%2BjmzXHBWm21vE10Xm%2F3hJRz1Y8%2Fcto7hRrrV7mIH2s25mbvMPpe%2FaqhS"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2d4a555cd31c9d-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=7578&min_rtt=5833&rtt_var=2918&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4030&recv_bytes=2289&delivery_rate=621366&cwnd=255&unsent_bytes=0&cid=ef0faaba31c620bf&ts=308&x=0"
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Dec 2024 15:25:15 GMT
x-powered-by
Express
server
cloudflare
vary
Accept-Encoding
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201179443
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-38.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
034d4607e9ac8dfc957062617960801b2b50a49facfe5db938618333c9e9821c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-store
content-encoding
gzip
x-envoy-upstream-service-time
5
via
1.1 80b00aa2dcc58ca61b2465a37c89fc92.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
mFAqDcYFFcAkC-DTiXBEufXdlj5VGGiCDf3FQx6t23DMtFcYXyPTZg==
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/javascript
vary
Origin,Origin, Accept-Encoding
server
envoy
x-amz-cf-pop
FRA60-P10
a78256cb32a2d8681dc2df9afa609931
secure.gravatar.com/avatar/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/a78256cb32a2d8681dc2df9afa609931?s=70&d=mp
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7355909b93826a1a3d800d808f635650c7f7a364c6125e922152eca64d747cf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

link
<https://gravatar.com/avatar/a78256cb32a2d8681dc2df9afa609931?s=70&d=mp>; rel="canonical"
cache-control
max-age=300
x-nc
HIT hhn 2
expires
Mon, 16 Dec 2024 08:31:45 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
6880
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
image/png
last-modified
Thu, 30 Nov 2017 18:24:08 GMT
server
nginx
content-disposition
inline; filename="a78256cb32a2d8681dc2df9afa609931.png"
icon-close-black.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/ 		378 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/icon-close-black.svg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=wbQwCg==, md5=a1F2R7db6sfO3k5jTqUQlA==
etag
"6b517647b75beac7cede4e634ea51094"
age
905137
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
378
date
Thu, 05 Dec 2024 21:01:08 GMT
last-modified
Thu, 05 Dec 2024 20:46:26 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC6qsqg1p-1xnGYatYzORatOW8Cz77nHLx7tdQUe6h54855SDsR8zlGeMMsm59v3zAmT34trFaixppzgXw4
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431586775342
content-length
378
server
UploadServer
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		1 MB
348 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a6516ab26a25b1d7cbdb352bf3e79aa7816bee9a4fa98ab0fbd5ec2825202b
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6cf0b594cb77b6371185fc243f94710d"
age
2776
expires
Mon, 16 Dec 2024 12:26:45 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
Gz_wkU4cHP9AL55s5DD6UopY6LGReixz_FbE-eu91yiaMWYY5UAzQQ==
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
text/javascript
last-modified
Wed, 11 Dec 2024 09:28:21 GMT
vary
Origin, Accept-Encoding
strict-transport-security
max-age= 63072000; includeSubdomains; preload
cache-control
public, max-age=14400
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
cf-ray
8f2d4a53b9498fd6-FRA
x-amz-cf-pop
FRA56-P8
server
cloudflare
x-amz-server-side-encryption
AES256
ms_auth_client.min.js
edge-auth.microsoft.com/js/ 		280 KB
281 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
33cc6e61cbb1addafa75cc8ed40216823ee7e50631bb8d2b71eda77ca81a77f3
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-F8bwr+OO+VJb5E/AvjD84lJKDYiTBFzJXTB/DETt0mYWHttodGEL4mt/rPBDtJ1L591Lob8DQ6HeuXFc23gJzuEONKbv+nRG88Mv+JjM8w4Rms4rSudmP1BbPhCI8Hia0IqOKeZM+Usmk2oeA+iziq+fxDmak2H8ZoUOkPPtckY=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-F8bwr+OO+VJb5E/AvjD84lJKDYiTBFzJXTB/DETt0mYWHttodGEL4mt/rPBDtJ1L591Lob8DQ6HeuXFc23gJzuEONKbv+nRG88Mv+JjM8w4Rms4rSudmP1BbPhCI8Hia0IqOKeZM+Usmk2oeA+iziq+fxDmak2H8ZoUOkPPtckY=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
"1db3b81182960c4"
x-msedge-ref
Ref A: E3A6551E49234FEDA337839F16090FAC Ref B: AMS231032605011 Ref C: 2024-12-16T08:26:46Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
286660
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
text/javascript
last-modified
Wed, 20 Nov 2024 19:19:18 GMT
main.42bc9a78aa0a.js
dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1e97e8f4f823e5834cc1a26bc74e86046dd36b1a825ca8f3cc1ec72213f2350f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winnipegsun.com
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424323
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=ZoY2Bw==, md5=asW4kgc4nRxPqE1OBCHHTA==
content-encoding
br
etag
W/"6ac5b89207389d1c4fa84d4e0421c74c"
age
905037
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
38352
date
Thu, 05 Dec 2024 21:02:48 GMT
last-modified
Thu, 05 Dec 2024 20:45:41 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7n1rzHzwXhmGb6lzcGTucjdoSa-DnQ7-J2ERGxoya42fBK_VwxLUyaKmZ0GRCgJkE53egYbrqDeA
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431541238124
content-length
12635
server
UploadServer
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
age
2194
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BtN0%2BQeN5bugxL3gUNb2aQCbdpBK%2BewfeiP5xI6qjE3O9rBrDYzO3jDKK6jfDdvybcVhvOVtrvF88u6b5Z1u%2BMsBvolvNem3hDwx1t4BXmX6zJj%2B%2BxvlSO%2FrFkF7RQx7hY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8242&min_rtt=8029&rtt_var=3437&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4219&recv_bytes=4285&delivery_rate=315339&cwnd=12000&unsent_bytes=0&cid=8ae7d7a146ed76a4&ts=55&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
application/javascript
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
g829wq+JEAYJwdRN8mBk1at+jZb9Ck5M3bPR/IVTwsJiu/tF1698ATVwRK0qKHO7ioyK6Fhd0nA=
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3WTD37MV2CQA84J4
cf-ray
8f2d4a54d978d2b7-FRA
server
cloudflare
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Server
18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04de103e0254b5ac670faee52a061486bfbcf2f97946776f6917ce261b18f7c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"f938e5cf59280e13f9597c828fb3b891"
age
23337
via
1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
_IN46JiK7h2l8urwEiLcAL_7f93ite-oYKzs6BJExIgKZod03mFuCw==
date
Mon, 16 Dec 2024 01:57:50 GMT
content-type
text/javascript
last-modified
Mon, 09 Dec 2024 15:15:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256

Redirect headers

location
/internal-cs/default/beacon.js
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
i4meFSI1L3ACKSlBrHTtbkNV0QZrrupJkyavxkL74ouDhMwtLXpuvQ==
date
Mon, 16 Dec 2024 08:26:45 GMT
x-amz-cf-pop
FRA56-P11
carousel-previous.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/ 		1 KB
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/carousel-previous.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.531dac709a15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.531dac709a15.css

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
content-encoding
br
etag
W/"23fbd7cd311279a2b6eb68d8f6059047"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1204
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-guploader-uploadid
AFiumC57ThdY59ca8Qh_ja1rS_ir6JjbfF_hoEh7F_LMzziCNNzv-NJKqg-AbgxbbOOf03SycyUsixK9Ow
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431586370532
content-length
519
server
UploadServer
carousel-next.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/ 		1 KB
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/carousel-next.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.531dac709a15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.531dac709a15.css

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
content-encoding
br
etag
W/"735fdba5ead6fce3777e91bf3fee8dd6"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1204
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5sR382tdTb8TU_P_JdIDnf5O2-5EpOL4i0hNYNDoKuFlfo3cGo7Ha4Zj0B_Zrxn6fLPxqMsQFihw
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431586347829
content-length
520
server
UploadServer
save-article-button--default.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/save-article-buttons/ 		239 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/save-article-buttons/save-article-button--default.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.817e0dc631d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
497f053df078e16fc3614f2d1f04630846b2c7a9efe4ef5ce273baddc814415b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.817e0dc631d4.css

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424318
x-goog-hash
crc32c=UejarA==, md5=j2W/cpjskpE/ahUC1VSfmg==
etag
"8f65bf7298ec92913f6a1502d5549f9a"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
239
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:44 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC5mV1fp8kv2CPi2naQWikEYmfEZBKFcsYBGf7uBjqXFqQLjeEBVeFUuX7OiQEOLEk7u4PgYi9jHHg
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431604548261
content-length
239
server
UploadServer
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winnipegsun.com
Referer
https://fonts.googleapis.com/

Response headers

age
161198
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winnipegsun.com
Referer
https://fonts.googleapis.com/

Response headers

age
542641
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v11/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winnipegsun.com
Referer
https://fonts.googleapis.com/

Response headers

age
553139
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 22:47:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 22:47:47 GMT
last-modified
Thu, 11 Apr 2024 18:31:43 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18860
x-xss-protection
0
server
sffe
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v26/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
5b740b764c32da039868fb07780caa7d55401fb92c17adfff3e07e31f74e9464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winnipegsun.com
Referer
https://fonts.googleapis.com/

Response headers

age
514960
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:24:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:24:06 GMT
last-modified
Wed, 31 Jan 2024 23:11:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12228
x-xss-protection
0
server
sffe
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/plain;charset=US-ASCII
icon-circle-email.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/ 		976 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/icon-circle-email.svg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=ZVCajw==, md5=vvAq2LHxN7uzA87+hhS2nw==
etag
"bef02ad8b1f137bbb303cefe8614b69f"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
976
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:45 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC4Z3AELlLs0obT9AHZfroURWbisY1QHesElp7MGnNOhwxRLXVSsKS8CB7nTrdnKnx_xQPy7YKz-Rw
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431605313074
content-length
976
server
UploadServer
icon-soc-rdit.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/ 		2 KB
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/icon-soc-rdit.svg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=GJubKw==, md5=AwS404cMwfT4iFdKFAItpA==
content-encoding
br
etag
W/"0304b8d3870cc1f4f888574a14022da4"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2135
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:45 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-guploader-uploadid
AFiumC4dtM5iW240JalJXcJz2T-64ALJmdUkQoN21THhKLOvjZ-1PFf5cA-reGj9XIs3mP-f4ad5Z90BXw
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431605496618
content-length
803
server
UploadServer
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/ 		552 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bc9a2e7ebc802c54bae45191afd2da677c4b00d5b87ca635cfb267f322c2f2d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=S/UR6Q==, md5=TL1HJw3IXQd4/TQ2Tod1Mg==
etag
"4cbd47270dc85d0778fd34364e877532"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
552
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:45 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC6nJdzwtBikOgXxWoP42XQHkXG-wVnq384FVcjixRxb1lllyFCoMP4l23y95NJfGlcuuS5SdwaAIw
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431605678743
content-length
552
server
UploadServer
icon-soc-li.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/ 		739 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/icon-soc-li.svg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=PfZM8A==, md5=Bx5cfy3189wrhWsldnUvHA==
etag
"071e5c7f2df5f3dc2b856b2576752f1c"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
739
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:45 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC4N-RmT1-sbeJQ2dgDX2sFc4938NqvNdRH5n57hSl-SWHmubkXgRX-IFegDq6evTB_QGcJGsiLfQg
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431605484417
content-length
739
server
UploadServer
icon-circle-share.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/ 		518 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/share-icons/icon-circle-share.svg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9ecefd4787ce6dc9b10a91779b92a5e468220a9f4176ff08c48babf7a15b0ab8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=Q2Sdgw==, md5=SnrUWsJlNFv6VrkVJCs41w==
etag
"4a7ad45ac265345bfa56b915242b38d7"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
518
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:45 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC7qguUYRwjm9HhyrPUPo18BQlxQ7cteEY2ad6ifENwMSCJJALIHH0VWI6WlgKJfgZTMVOGYe7XCTA
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431605319919
content-length
518
server
UploadServer
icon-spinner-animated.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common/ 		549 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common/icon-spinner-animated.svg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
efc22a4037d8a6a9ac365825a869a4c68374ab697e36d3f9728969a712fbf058

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424319
x-goog-hash
crc32c=Qkr99Q==, md5=jr5LqxbcuuBhbEF8AplZyg==
etag
"8ebe4bab16dcbae0616c417c029959ca"
age
905248
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
549
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:25 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC6XjYjZd7sTz68zQLMydMJiA4jRMAsVPeHN0f9Gg6Kc4-7FOUQjaWJsw7qMsq7yz3PlgoKSIyePuVaE0FQ
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431585402986
content-length
549
server
UploadServer
icon-arrow-down-black.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/ 		277 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/icon-arrow-down-black.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.817e0dc631d4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
36260e9cb231e00f7334eacc8a181329ba4c622cb50312342edb9e8512812cf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.817e0dc631d4.css

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=BEI86Q==, md5=pd0wt4OdM3jVLvFFJaWqXw==
etag
"a5dd30b7839d3378d52ef14525a5aa5f"
age
905098
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
277
date
Thu, 05 Dec 2024 21:01:48 GMT
last-modified
Thu, 05 Dec 2024 20:46:26 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC4DbpgF2rfuItXPpiD7pkm0IW_hE4GpXwaoG40C1wRqJeHKkyoK5yOUxVuesQ3iDhGHRmmNOUQ1HLkiQCA
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431586425735
content-length
277
server
UploadServer
icon-fire.svg
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/ 		835 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/common-icon/icon-fire.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.531dac709a15.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/css/output.531dac709a15.css

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
etag
"9c6e99306a671d196d8945273b28bfe8"
age
905249
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
835
date
Thu, 05 Dec 2024 20:59:17 GMT
last-modified
Thu, 05 Dec 2024 20:46:26 GMT
content-type
image/svg+xml
x-guploader-uploadid
AFiumC7l6RFpH5-j19_M6wVzCvh8EMAwaDChXz63Ab8u7x9kPL7B2chRGWL-yRgC0O-5DqaD8Otm1HAgfA
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431586954787
content-length
835
server
UploadServer
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201179443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-39.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://winnipegsun.com/

Response headers

x-envoy-upstream-service-time
1
access-control-allow-credentials
true
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
access-control-allow-origin
https://winnipegsun.com
x-cache
Miss from cloudfront
x-amz-cf-id
daclsmRqqO6lrIVOsHiixXXGJJIeuOausYRaAx4LZLSCkNbRJv_CcQ==
date
Mon, 16 Dec 2024 08:26:46 GMT
x-amz-cf-pop
FRA60-P4
vary
Origin
server
istio-envoy
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_fpcu=4c9005d5af9d407bb82e1ba51ba2c997&cs_it=b9&cv=4.11.0%2B2412060957&ns__t=1734337606180&ns_c=UTF-8&cs_cfg=1111110&cs_ucfr=&c7=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&c8=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&c9=
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-122.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

via
1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
vkHwWvfMTqnCR5dsfaJSH3L6G2AL4dac9X7XD2_Zjlpjey4Gn5WeTQ==
date
Mon, 16 Dec 2024 08:26:46 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
xd.html
fem.gprod.postmedia.digital/v115.0/ Frame 2A97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v115.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1690996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
166
content-type
text/html
date
Tue, 26 Nov 2024 18:43:30 GMT
etag
"10b7732c3b8861ddbb24c5c8070b23d5"
last-modified
Mon, 18 Nov 2024 19:17:31 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1731957451110267
x-goog-hash
crc32c=lrLWeg== md5=ELdzLDuIYd27JMXIBwsj1Q==
x-goog-meta-goog-reserved-file-mtime
1731957428
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
166
x-guploader-uploadid
AFiumC4sgi0Nk_BZBM1VBuIFxkS4aBrxBkgzuUeMkIMYmM8XGPznmBezT0IaL9In3z6PWYBvDEvZ2HXXEw
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		636 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be2951bc33ee970af625fd99d3b07e9fcbe2caf63d38c20bd8378bb5bfcfd008

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=hZxtcA==, md5=pa85qCwEqKQLhF6aD+CP7A==
etag
"a5af39a82c04a8a40b845e9a0fe08fec"
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
cf-cache-status
HIT
age
0
x-goog-stored-content-encoding
br
expires
Mon, 16 Dec 2024 08:41:46 GMT
x-goog-stored-content-length
153800
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/javascript
last-modified
Thu, 12 Dec 2024 14:24:41 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7Ry1IB1xgMBTNxNIRrykT3l7CBtLXAbo4OZkdwqcTZbM5EURof68gwfYsW-KiXcXzxoc4
cache-control
public, max-age=900
timing-allow-origin
*
x-goog-storage-class
REGIONAL
cf-ray
8f2d4a596e3d7188-FRA
accept-ranges
bytes
x-goog-generation
1734013481395515
content-length
153800
server
cloudflare
712559.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/712559.gif?partner_uid=f6a00f1d-750c-47d9-94bb-cf58decf5f9a
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 16 Dec 2024 08:26:46 GMT
player-event
events.qortex.ai/api/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper&continuous-load=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://winnipegsun.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejJEXKaTXoRm9pR0E50J9imCUW%2Fo4Hr%2B%2F3XiUq5FZTHgB48RryHk75uExFxTDQ9bc4gjHreuAdGc1%2F%2F1ovvBXvpD%2FPxt%2BK7KLCk%2FyqcMDlx3FVKtSeWdAlPS0rbQ9fP0p5kaEUY8f6pses9yle0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2d4a598b19dc91-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=6526&min_rtt=6045&rtt_var=1157&sent=9&recv=14&lost=0&retrans=0&sent_bytes=4031&recv_bytes=3149&delivery_rate=615956&cwnd=255&unsent_bytes=0&cid=d6553d1b22bee4a1&ts=470&x=0"
content-length
0
date
Mon, 16 Dec 2024 08:26:46 GMT
server
cloudflare
cx-bootstrapper-init
tags.qortex.ai/cxo/ 		71 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/cxo/cx-bootstrapper-init
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper&continuous-load=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ee7c52f0029a6dc2e912c877609e2cbd0b4412b900316c24b65fbc4a453e9bcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"145"
age
11
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Q9KVmld%2B907JTZFytwvBScaD01QOLOSkyPSUfWP5X1DGgmXv0K8c9lGF7Y9qzE2BgBE%2Blhumolretl3iDnhrhEVKjkG7RUrGtw1KGnzE%2Bql8ppztYxdyu1iaRVVS1mM6n6s9RwH1O7Ld5P%2B"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=7103&min_rtt=5833&rtt_var=762&sent=15&recv=21&lost=0&retrans=0&sent_bytes=10145&recv_bytes=2356&delivery_rate=1298855&cwnd=258&unsent_bytes=0&cid=ef0faaba31c620bf&ts=395&x=0"
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Dec 2024 15:25:15 GMT
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2d4a571eb71c9d-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
etag
5395541545685299795
age
11056
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 05:22:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 16 Dec 2024 05:22:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
3528
config.aps.amazon-adsystem.com/configs/ 		531 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-90.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
fdeaf00018129fff56ddcb03d2c1c43a1893cdc5d12bdbae125a0bf71dfd6761

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=3600
age
2409
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
0kGjDCcuNJNt9aFL-OIXaAqBaqBjQDU59hBzAoE0Cc5orIZdB7alpw==
date
Mon, 16 Dec 2024 07:46:37 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fwinnipegsun.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
43430345ff39208aded96d7d9afeb2f6563e70af6d912226d5ec467158cb3d29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
6034
access-control-allow-credentials
true
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://winnipegsun.com
x-cache
Hit from cloudfront
content-length
2163
x-amz-cf-id
CYQ2b97uVqWq3G_g6oJF8zhpki7zQdasBXznhb9GuGhSTecJmEB0tQ==
date
Mon, 16 Dec 2024 06:46:12 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
26737
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
X_u0XqiDMSstFbp-sBPhuPQmxzxNe9xgPB14QyZ57gRLB6lfvWu-ng==
date
Mon, 16 Dec 2024 01:01:10 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
6805e7de-4f8f-46af-a2fc-5299f6b25680.js
cdn.pbxai.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pbxai.com/6805e7de-4f8f-46af-a2fc-5299f6b25680.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
3873e5114afbc6d6098ec9b76fbc7ca5960eb6947284a71ba27ea5101a4d4e61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cdn-status
200
content-encoding
br
etag
W/"ec41c861860b1d62753813806f81943a"
age
15156
x-amz-version-id
f.k6tX3XCM5GHs3khtPR6sdILUlLgUFT
x-cache
Hit from cloudfront
x-amz-cf-id
ocn40-5BaBTcpOryZXQ6cxXVoMejSN-ohIEklIem6pB9yR6HvCkbXQ==
date
Mon, 16 Dec 2024 08:26:46 GMT
last-modified
Mon, 30 Sep 2024 17:34:46 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
12/16/2024 06:46:12
cache-control
max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
4a85839a-607a-4d8b-a11a-d8c0c2f0f828
cdn-requestid
a2c49149d52fd22929f3115cc588c3a3
cdn-pullzone
2227704
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
cdn-proxyver
1.06
cdn-edgestorageid
1082
x-amz-cf-pop
FRA56-P6
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
/
floor.pbxai.com/ 		313 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://floor.pbxai.com/?pubxId=6805e7de-4f8f-46af-a2fc-5299f6b25680&page=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.6.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-6-234.eu-central-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
c7fb2e2146d627253f1e04641a3d88df3e98be65357fb6ebffee320c242ae213

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

cache-control
public, max-age=60
content-encoding
gzip
access-control-allow-origin
*
content-length
233
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/json
vary
Accept-Encoding
server
uvicorn
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241216
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f791a923f7e9c7fd362dd9ee4e755e2ab41a48f596d90537f80fbed47860b814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"638-z9bnpjb5QJFZCBmUPfY0nEl540E"
age
15951
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-mad2200105-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
829
x-jsd-version
1.0.2271
ws20230925kk05-wp.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/03/ws20230925kk05-wp.jpg?quality=90&strip=all&w=150&type=webp&sig=CLMnf35V6Jpz0cio3lQPLA
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
94987ef7424268c64a4161eb6d39a3f7e2c21144b213ba51e95681651f9f85ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=31536000,public
etag
"0589278499fefb0d61c6b200b7a5d67afc2eb42b"
age
67971
via
1.1 google
x-pmd-smart-cdn-proxy
thumbor-proxy-675b9bbb75-pldhf
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
date
Sun, 15 Dec 2024 13:33:55 GMT
content-type
image/webp
x-pmd-smartcdn-requester
winnipegsun
server
nginx/1.18.0
vary
Accept
CP13201632-e1734220179324.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/CP13201632-e1734220179324.jpg?quality=90&strip=all&w=150&type=webp&sig=oRLbcaeLRzJ_EWsoqlpp-g
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
fde0d811ebb22e6995222bf0c7df657b3c352b4a805f6dc3c1823d94fd1197ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=31536000,public
etag
"352207024af89532fe8f5b3e9e0298b2bc4fb21e"
age
113016
via
1.1 google
x-pmd-smart-cdn-proxy
thumbor-proxy-675b9bbb75-pldhf
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6614
date
Sun, 15 Dec 2024 01:03:10 GMT
content-type
image/webp
x-pmd-smartcdn-requester
winnipegsun
server
nginx/1.18.0
vary
Accept
police-vehicle-lights-blurred-getty-july2-scaled-e1656778145320.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/06/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/06/police-vehicle-lights-blurred-getty-july2-scaled-e1656778145320.jpg?quality=90&strip=all&w=150&type=webp&sig=t1TMgytNpQTSWMQ70yzSUg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e3cd891a5c350fe9f6564ab148be19b80e9165128352ef29c8f2e68b25c34819

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=31536000,public
etag
"0ce2318209c86014625e69b3ab6232bacdde941e"
age
40751
via
1.1 google
x-pmd-smart-cdn-proxy
thumbor-proxy-675b9bbb75-pldhf
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4546
date
Sun, 15 Dec 2024 21:07:35 GMT
content-type
image/webp
x-pmd-smartcdn-requester
winnipegsun
server
nginx/1.18.0
vary
Accept
canada-post-strike-121424-gya-10.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/canada-post-strike-121424-gya-10.jpg?quality=90&strip=all&w=150&type=webp&sig=cK3ongyHbzGV-OBgbuRhBw
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
22e126d65f16aabac31dc85a45e988ffe283608308577b30765b0d9d1278952f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=31536000,public
etag
"2af46d453c1e0cd7d4fc5090eec1f0cf236fba0f"
age
29636
via
1.1 google
x-pmd-smart-cdn-proxy
thumbor-proxy-675b9bbb75-btj9q
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6444
date
Mon, 16 Dec 2024 00:12:50 GMT
content-type
image/webp
x-pmd-smartcdn-requester
winnipegsun
server
nginx/1.18.0
vary
Accept
d145ff41f231b820d91c37.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		1 KB
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/d145ff41f231b820d91c37.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e1bd6ad2c28e99b5a6749053a2c31a1e1b5db76b401345eedc3eb723de0f6494

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=sPjARA==, md5=vo4p6WK5rIH8DL20P0AKvA==
content-encoding
br
etag
W/"be8e29e962b9ac81fc0cbdb43f400abc"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1466
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:49 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7EEIzrHK-5o54gN5LBsykcP6zhz8ZLu0YbwDviDy_c1_sIFeNLN4ruecm1Iw0xY0Bi21qQKrii-Q
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431609821591
content-length
676
server
UploadServer
c8cfd9e98a93b789aa8617.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/c8cfd9e98a93b789aa8617.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bedafe4415f6abb6dfa8c6c63335c65422bb883ada266557b90421e63fbb8d0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=t6bfvg==, md5=exFJp09OlAizetvWlWVlrQ==
content-encoding
br
etag
W/"7b1149a74f4e9408b37adbd6956565ad"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3008
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:49 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6ohBGXz6Td8VX9k9fJrvNs-kZVEx7Cp-dZWfxzSg_f3akfuIST-OP-3Wp3vqN2qyU0-C-LDyn-ag
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431609801361
content-length
1009
server
UploadServer
41ef077657681c52c6372.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/41ef077657681c52c6372.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1413cc79bcd47b4af0fe4fe72237f906e31ca8d335314ff0ddb1ffca3c1b7afe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=70FT1g==, md5=zlZVFMCKgOteB8Lp0RHiwg==
content-encoding
br
etag
W/"ce565514c08a80eb5e07c2e9d111e2c2"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
14165
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:48 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6oyuYQRNeGUSnvmgDO6SwdMpKc5q_JZ0e9cwLEmm_szovfTlqGfhaZ_XK2sflZ3BnBl97El9zb_1BLj7k
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431608243719
content-length
3797
server
UploadServer
585e239022717fdd579459.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		222 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/585e239022717fdd579459.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9e712a9100f1b3ed17e6e229d06dd6fbe2ffb94b1e4b5cf4e6ac47efe9851d07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=q+zWYg==, md5=taIFKiWz783xmb2zqrBdQw==
etag
"b5a2052a25b3efcdf199bdb3aab05d43"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
222
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:48 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC5vi-58f5ARKp4eIigCcXG9d964wSlGizbbTXh4zxtPJSidNVVcQ776FOB5IQFD7A82mVJ_dxs3ww
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733431608471137
content-length
222
server
UploadServer
2b0fb0685d62a627685844.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/2b0fb0685d62a627685844.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
89eee127c0767cb52b9c4b3213a1e4afc0fa296aa045008d3252cfd4052c1306

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=+n3hoQ==, md5=55KITC+RWwxwtjzAQBn8AA==
content-encoding
br
etag
W/"e792884c2f915b0c70b63cc04019fc00"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6248
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:47 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7XBlMXZT7OM2RnwUqLbAQchA3PkmiKrrt-rXyiYwvROFFoJKatdEj6XEeZdVo8Bxt1TA6q7Hyz5g
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431607990197
content-length
2121
server
UploadServer
d6979342ee56c56e77d711.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/d6979342ee56c56e77d711.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87a3b03ac7eeb0d3a15535c4430219e50dedb287de7d746e93d97b561649a1d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=g8jIJg==, md5=LpJzqmgiqf3pwfqGo68WBg==
content-encoding
br
etag
W/"2e9273aa6822a9fde9c1fa86a3af1606"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2239
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:49 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7Mbu7Xx6XH5lB-mleyfdkZ2WjK0KJmUrv7pYHPJRscCwIRdBrmMfdLchqLOZCniEJ-XeD6Yu6FSw
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431609995756
content-length
984
server
UploadServer
b39ce5664d264d0e3e9c14.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/b39ce5664d264d0e3e9c14.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c1544db2a2f5cdfa75336a02ad5a64b5f56ea06643afdbbebba79d01847b3eca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=d2chFA==, md5=FGze/aNexbL7qBCCvVqzgw==
content-encoding
br
etag
W/"146cdefda35ec5b2fba81082bd5ab383"
age
904701
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
8870
date
Thu, 05 Dec 2024 21:08:25 GMT
last-modified
Thu, 05 Dec 2024 20:46:49 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5SJpMbAKcnEho2LUMCtaSOjD3dtUdnjFvVuNVLUN8KROuyX36ZmjT6ZpoJXXZ9eb7IjFoKYPvcPCTcxqo
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431609447533
content-length
2246
server
UploadServer
78e8c61ccfd4c489596343.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/78e8c61ccfd4c489596343.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
63c9ad44e1d61d106c6663164d76bc49269c5b989df3b22128de89d1d32bc3f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=flY9MA==, md5=1YUCUyQA14cTi4+ZlR+NgQ==
content-encoding
br
etag
W/"d58502532400d787138b8f99951f8d81"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9442
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:48 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6O8G1OK4bCqvrOwba-UjJr2l4kn4vt7B-FZTxFDHwWvnNKQ9vp5e27_DFDNVAJnQ_rPoWq3NDifg
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431608824996
content-length
3225
server
UploadServer
16cac8d0c6e3af8bead742.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/16cac8d0c6e3af8bead742.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7dfb6e81dde0d6731c88c239c923978c88f599036551e361ba1f8976f7ca3862

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=uINatQ==, md5=ChI7VegBym0gh0iyCF691w==
content-encoding
br
etag
W/"0a123b55e801ca6d208748b2085ebdd7"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6931
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:47 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6ys07Ggk5v6UMzIwYHyv2i1jWrjG3QP8K4oLOO4yPpaUWfb7hfDq7nhfTm3mlYYA4RsgblH_CrtA
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431607683372
content-length
2372
server
UploadServer
098cc1234fa67e2df6ad33.js
dcs-static.gprod.postmedia.digital/17.5.4/websites/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/js/098cc1234fa67e2df6ad33.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.5.4/CACHE/js/main.42bc9a78aa0a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
24930a966af2518c00990759d25fa7c8e4fc9d7e5545975b35126a189f9424fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424321
x-goog-hash
crc32c=4kMPDQ==, md5=Yp26671Xmx6HmGAROpCV3w==
content-encoding
br
etag
W/"629dbaebbd579b1e879860113a9095df"
age
905247
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5537
date
Thu, 05 Dec 2024 20:59:19 GMT
last-modified
Thu, 05 Dec 2024 20:46:47 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7v8oWyUeCBHTbYhceXTPTm-VPJI6mz1e-xdb-8AthOyQ7-uBDBeX_9TE1lrDe1pi-G09dr_MiT2g
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431607563439
content-length
1791
server
UploadServer
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
27958
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 00:40:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 16 Dec 2024 00:40:48 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-23-172.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Mon, 16 Dec 2024 08:41:46 GMT
accept-ranges
bytes
content-length
17407
date
Mon, 16 Dec 2024 08:26:46 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
15171
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
MRdqH1BL_VcT3raONNArkqyzAWFh5cQkXJ6ZmHDalchBMxcL5nqHOA==
date
Mon, 16 Dec 2024 04:13:56 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
config.js
cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/ 		238 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/config.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af22a25904001bfb76c53efb628e25c580da4506b7188f45084d4e90d5495765

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"51c1ba761d9fb1ee317c3db832576239"
age
667
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
text/javascript
last-modified
Mon, 16 Dec 2024 07:56:50 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
Td1Kx2w95sRCzGnjg+tZvLbfjSSG/6c6K4fmr0jcXr9GmZVYlYWxtr2mHMgd4TT4w4L5rLT/Qrs=
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
1Y0DP0S623J6C9F0
cf-ray
8f2d4a59f93f5d67-FRA
accept-ranges
bytes
content-length
49830
server
cloudflare
x-amz-server-side-encryption
AES256
id5-api.js
cdn.id5-sync.com/api/1.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-amz-id-2
qcl8qkMr2asDo+u2986p5XIzzxFMk9heSSn+iebFxNJt8iiHRycdo0shbxkz7/qnFwvCO5JGeMkKr5yV/ufLLw==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"4d852428cba0ba1a5108520745060d6e"
age
2324
x-amz-request-id
ZKBD3CPQ6P271SX3
cf-ray
8f2d4a5a1bb74d32-FRA
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
rum.js
pagead2.googlesyndication.com/pagead/js/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
cf93db5f15fb6b90864ea934827bca87f92e75ad6a3aab83881b1f6777ee8929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
etag
82456162888936996
age
2780
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 08:40:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 07:40:26 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
26167
x-xss-protection
0
server
cafe
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&pid=bmusU7u5Qx4H8&cb=0&ws=1600x1200&v=24.1105.2150&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.57.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-57-137.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront)
access-control-allow-origin
https://winnipegsun.com
x-cache
Miss from cloudfront
content-length
84
x-amz-cf-id
afWPVOaowcdzPL7SFpbJjzsFcBttkPtUP3RZ1Cge4xvD7m0_P_FKGg==
date
Mon, 16 Dec 2024 08:26:45 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA60-P10
server
Server
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202410301053/ 		301 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202410301053/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d0b0bc4f725f8e2c71589dc3208c484d"
age
953192
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 14:54:35 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
ENQTZ5tbl78UXdPUXLO/3qs2F+xkbjLbcTlbP7VS4vk1b75pn3g7/g86SNvVAGOkV1nirJW7u3Q=
cache-control
public, max-age=31536000
x-amz-request-id
A0A2PVYE6TYWYYV3
cf-ray
8f2d4a5baa9d5d67-FRA
accept-ranges
bytes
content-length
110098
server
cloudflare
x-amz-server-side-encryption
AES256
simple
api.sail-personalize.com/v1/personalize/ 		288 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
bbc2cfe0cf275370ac684b551760a829af72e07c2575145dcc9673f4c2d5d794

Request headers

x-lib-version
v1.0.1
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
Referer
https://winnipegsun.com/
x-referring-url
https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
accept
application/json
content-type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
pragma
no-cache
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
access-control-allow-credentials
true
allowedorigins
*
expires
-1
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
content-length
195
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
vary
Accept-Encoding
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 16 Dec 2024 08:26:47 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.246.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Mon, 16 Dec 2024 08:26:47 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.246.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Mon, 16 Dec 2024 08:26:47 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.246.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Mon, 16 Dec 2024 08:26:47 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.246.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Mon, 16 Dec 2024 08:26:47 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
cdb
bidder.criteo.com/ 		0
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.46.0&cb=19928259132&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:47 GMT
vary
Origin
server
Kestrel
prebidjs
rtb.openx.net/openrtbb/ 		53 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
b7ed30d665e26669f25bd17712f44cfd377ff37829e89593a40f28286f030578

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
x-forwarded-for
78.159.108.27
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://winnipegsun.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
text/plain
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
709 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
78.159.108.27; 78.159.108.27; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://winnipegsun.com
an-x-request-uuid
ea63c530-8bdf-4fa7-b20b-8f58a9cb0971
content-length
19
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 16 Dec 2024 08:26:47 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613271
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ade68aab9ee152e49cc7ae1aa2950aa09c25d5c0c43c1f91fa797d7d3e8d53a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naUrJzGxHduWbs5ojq6pSrVvMsrcchcF%2BBd8O6QBrWZiWOKp%2ByjN5g1DuklLmoX79FKtLMtETj30KrPTcj4fMe5uhurc3lJHCYpKnCS6eFqcj9yX7kKuDEXVfUEwWGK5OBENkm2O"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f2d4a5d299f2c61-FRA
access-control-allow-origin
https://winnipegsun.com
content-length
37
server
cloudflare
fastlane.json
fastlane.rubiconproject.com/a/api/ 		11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939094&size_id=2%3B15%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=1fd07e2a-8e19-4e56-bcb6-10467b8494f5%5E1&rf=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&kw=AP&tg_i.domain=winnipegsun.com&tg_i.page=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&tg_i.aupname=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-1%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-2%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-3%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-4&tk_flint=dmpbjs_v8.46.0&x_source.tid=21e624f3-d8b2-4b31-841b-b4c25ffa9760&l_pb_bid_id=5183aed0e616e2b%3B52154f097e9304f%3B53454c7ba75bd29%3B5432c2ccc5832c1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f8674617-a68c-408d-9194-e3ea6b51d741%3Bb877ce2a-1703-418d-9ec2-e5b55aded38f%3Bc3b47fa8-e4ac-4d9f-ad5f-ee59a5bdbc4f%3Bfb798e53-8776-4230-bc0d-deb5344f344d&rp_hard_floor=0.0071&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-1%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-2%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-3%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-4&m_ch_mobile=%3F0&dnt=0&slots=4&rand=0.5161001971927308
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
38a11452e6756d1a40a0eea0c36687c531fe06c4bc7aa226164af19a64913114

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.246.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7e5b74882c94c0a66c1272554bbe302fed4802398ab0687989e23c852f7ee16f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://winnipegsun.com
content-length
66
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.246.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7d4673717bf833cb9c6e621fce14cf7bde7318e8ee88256a3c184d6118f9eb01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://winnipegsun.com
content-length
66
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.246.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
05e89bb53a6d6c4d0d2a2f0fe8f40f3ee2cf515b5c67b4e3a9ff902934e14648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://winnipegsun.com
content-length
66
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.246.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-246-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ec18f6490f532139b2dca673ba0f8e9436279088b816b165ef3769c4eca51796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://winnipegsun.com
content-length
66
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e9c754564fd8f989d1b1ddd98947aea39ed929b469459e4d5c55559612a7c5e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
31
access-control-allow-credentials
true
via
1.1 google
expires
Mon, 16 Dec 2024 08:26:47 GMT
access-control-allow-origin
https://winnipegsun.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
638
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json;charset=utf-8
server
envoy
bid
s.seedtag.com/c/hb/ 		11 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://winnipegsun.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json; charset=utf-8
vary
X-HTTP-Method-Override
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
v1
btlr.sharethrough.com/universal/ 		0
121 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.78.93.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-93-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
121 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.78.93.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-93-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
122 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.78.93.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-93-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
4b368944-3715-4d02-ba91-e134c276793b
https://winnipegsun.com/ Frame 		0
0
bounce
id5-sync.com/ 		29 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://winnipegsun.com
p3p
CP="CAO PSA OUR"
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
text/plain;charset=utf-8
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ 		56 B
298 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
6930d38f6f7ead76abe7bc384185f12e8a3c12f0975fd14e7d80257396d5fcc0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3fda18890bfb730d2aa2ea2286a96738e2115c49984ac2b37ba24affa16dde5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://winnipegsun.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
vary
Origin
server
Permutive
getuidj
ib.adnxs.com/ 		11 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
78.159.108.27; 78.159.108.27; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://winnipegsun.com
an-x-request-uuid
292029de-6cb6-4320-b2ea-357c7a712e75
content-length
11
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 16 Dec 2024 08:26:47 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=winnipegsun.com&doc=complete&pg_h=6182&pg_w=1600&pg_hs=6182&c=4&aa_c=0&av_h=210&av_w=1600&av_a=336000&s=570&all_s=570&b=2068.734&all_b=2068.734&d=0.136&all_d=0.136&ard=0.136&all_ard=0.136&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 16 Dec 2024 08:26:47 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a&gdpr=0&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEHb6Hl8GZWWgxXBsVbuvF1U&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a&gdpr=0&google_cver=1
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEHb6Hl8GZWWgxXBsVbuvF1U&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a&gdpr=0&google_cver=1
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
image/gif
vary
Origin
server
Permutive

Redirect headers

cache-control
no-cache, must-revalidate
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEHb6Hl8GZWWgxXBsVbuvF1U&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a&gdpr=0&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
415
date
Mon, 16 Dec 2024 08:26:47 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
favicon-wsun-new.ico
dcs-static.gprod.postmedia.digital/17.5.4/websites/images/suns/ 		9 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/17.5.4/websites/images/suns/favicon-wsun-new.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5f528cc0db682001457da87158b80a948cf4d2134743ee6cdf823fa8401ca75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1733424320
x-goog-hash
crc32c=e4Ik+A==, md5=KFYRM78agHJy6GiUOZCSFQ==
content-encoding
br
etag
W/"28561133bf1a807272e8689439909215"
age
1388
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9662
date
Mon, 16 Dec 2024 08:03:39 GMT
last-modified
Thu, 05 Dec 2024 20:46:45 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5Mt9XpV_jCnM7PZvZe39c5s4SVa9lT_DVdf9Y5zha1N53-IWTkOqQNkrCAK2rJA0zVd3J5
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1733431605952044
content-length
3902
server
UploadServer
identify
api.permutive.com/v2.0/ 		50 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d273d624b5d80af7ebc04239570da886c63da6ab124e52c9ff59cc42af9cc651

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://winnipegsun.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
date
Mon, 16 Dec 2024 08:26:47 GMT
content-type
application/json
vary
Origin
server
Permutive
/
d0.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.255 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip255.ip-51-195-34.eu
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.82 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip82.ip-135-125-146.eu
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip222.ip-51-195-34.eu
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.82 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip82.ip-135-125-146.eu
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.255 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip255.ip-51-195-34.eu
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip115.ip-51-195-127.eu
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.74 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip74.ip-51-195-73.eu
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.82 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip82.ip-51-195-73.eu
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d0.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.145.78 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip78.ip-135-125-145.eu
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip36.ip-51-195-115.eu
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.82 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip82.ip-135-125-146.eu
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.100 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip100.ip-51-195-127.eu
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip162.ip-135-125-140.eu
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip80.ip-135-125-146.eu
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip162.ip-135-125-140.eu
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip30.ip-51-195-126.eu
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
v3
id5-sync.com/gm/ 		319 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
7d3c52ed2a927dbf5be62429842d32160a3cc951bfa7d259f4c9c5ba5b467668
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:48 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
csi
csi.gstatic.com/ 		0
532 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m4qrty6c&c=4214763941072025&e=31089348%2C31061691%2C31061692&ctx=1&met.9=1.ti~2.13w&met.10=1_4.CIC1GBAAGICYdSC6DCgA~1_1.CIDlCBCA5QgYgJh1ILoMKAE~1_2.CIC1GBAAGICYdSC6DCgA~1_3.CIC1GBAAGICYdSC6DCgA&met.3=112.1cj_t~113.1xk_3&met.1=1.m4qrtwtt~6.0~7.1~8.y~9.z~10.28~11.1i~12.28~13.69~14.ad~15.ar~16.qd~17.s4~18.s5~19.1x4~20.1x5~21.1x6~22.lu~23.lu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b2af5028df2e1240e9cbb3f1637008bdab2b42f49214866f736acee350ed20e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://winnipegsun.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
date
Mon, 16 Dec 2024 08:26:49 GMT
content-type
application/json
vary
Origin
server
Permutive
/
floor.pbxai.com/ 		313 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://floor.pbxai.com/?pubxId=6805e7de-4f8f-46af-a2fc-5299f6b25680&page=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Requested by
Host: cdn.pbxai.com
URL: https://cdn.pbxai.com/6805e7de-4f8f-46af-a2fc-5299f6b25680.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.6.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-6-234.eu-central-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
c7fb2e2146d627253f1e04641a3d88df3e98be65357fb6ebffee320c242ae213

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
public, max-age=60
content-encoding
gzip
access-control-allow-origin
*
content-length
233
date
Mon, 16 Dec 2024 08:26:46 GMT
content-type
application/json
vary
Accept-Encoding
server
uvicorn
appInfo
config.lrcontent.com/ciam/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e70c4ca9d435e42a0401220dffc2ee0ab7f0ae5a4a019e83ec0b394445c9101

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/
X-Requested-With
XMLHttpRequest

Response headers

cache-control
max-age=86400
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
cf-ray
8f2d4a6b6e4b9b4b-FRA
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:49 GMT
content-type
application/json
vary
Origin
server
cloudflare
c3ab324c1607ea2900c3.js
fem.gprod.postmedia.digital/v115.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v115.0/chunks/c3ab324c1607ea2900c3.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
51e1536475859c28a616c56f420bdd7ed68f10c5903c26136e1734d5aca9c7fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1731957428
x-goog-hash
crc32c=G+v9Ew==, md5=rJ101PKJDdQdFxRXnVgB3Q==
content-encoding
br
etag
W/"ac9d74d4f2890dd41d1714579d5801dd"
age
1691074
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3187
date
Tue, 26 Nov 2024 18:42:15 GMT
last-modified
Mon, 18 Nov 2024 19:17:29 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5rsJCtpDVQMuzctcMXGNHora0DEzEdtcSbUJzmtiSS9s2gn2BjHlaqHgGaWzrjU1g3ldM5dpTfEQ
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1731957449592185
content-length
1102
server
UploadServer
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
b5893f3d6dd6f6d02368ae843846c96a117964be20f37f89ebbadf46b6792bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13299
date
Mon, 16 Dec 2024 08:26:49 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Tue, 17 Dec 2024 08:26:49 GMT
access-control-allow-origin
*
date
Mon, 16 Dec 2024 08:26:49 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
ads
pagead2.googlesyndication.com/gampad/ 		128 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=4214763941072025&correlator=435757414787436&eid=31089348%2C31089253%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENUR_WSUN_EN_WEB%2Cpmn%2Cstory&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&lrm=25&abxe=1&dt=1734337609255&lmt=1734335994&adxs=200%2C797%2C797%2C200&adys=154%2C1548%2C3168%2C3988&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&rumc=4214763941072025&rume=1&vis=1&psz=1600x90%7C1600x250%7C1600x250%7C1600x250&msz=1600x-1%7C1600x-1%7C1600x-1%7C1600x-1&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734337605620&idt=1049&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26pubx-a%3Don%26pubx-floor%3Dpbx_a0d_n%26pubx-m_v%3Dz%26pubx-floor-mv%3Dpbx_a0d_n-z%7Cloc%3D2%252Cinterscroller%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.11%26hb_adid%3D74db53b7f34695%26hb_bidder%3Drubicon%26pubx-a%3Don%26pubx-floor%3Dpbx_a3d_w%26pubx-m_v%3Dz%26pubx-floor-mv%3Dpbx_a3d_w-z%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.10%26hb_adid%3D7505c531033c1ba%26hb_bidder%3Drubicon%26pubx-a%3Don%26pubx-floor%3Dpbx_a3d_w%26pubx-m_v%3Dz%26pubx-floor-mv%3Dpbx_a3d_w-z%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.08%26hb_adid%3D76f5676657e31fd%26hb_bidder%3Drubicon%26pubx-a%3Don%26pubx-floor%3Dpbx_a2d_w%26pubx-m_v%3Dz%26pubx-floor-mv%3Dpbx_a2d_w-z&cust_params=permutive%3D105543%252C96400%252Cadv%252Crts%26prmtvvid%3Db985627b-ac8d-4902-9b45-2364a0591325%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26aid%3D5d02763c-de84-431d-8b2b-66ff429b0ecf%252C831658%26author%3DAssociated%2520Press%26no_pol%3Dtrue%26page%3Dstory%26pr%3Dwsun%26sensitive%3Dy%26sct%3Dprovoking_murder_injury%252Cpolitics_global%26topics%3Dpmn%26negative%3Dy%26nkb%3DGM%252COntarioSecuritiesCommission%252CLandRover%252CCIBC%252CBRP%252CCartier%252CJPMORGAN%252CQuestTradePositive%252CQuestTradeNegative%252CHyundaiNegative%252CSamsung%252CBLM%252CJLR%252CStarbucks%26asrc%3Dwsun%26et%3Dsm%26ck%3Dpmn%26prmtvsdk%3Dweb&adks=2189315267%2C2018098756%2C2951124467%2C8629029&frm=20&eoidce=1&td=1&egid=35852&tan=70b7d56b-3965-4335-94ba-5c2e923ddb28%2C70b7d56b-3965-4335-94ba-5c2e923ddb29%2C70b7d56b-3965-4335-94ba-5c2e923ddb2a%2C70b7d56b-3965-4335-94ba-5c2e923ddb2b&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
06f7475a6484661441948ea34c709996a4b623d173d4b88567e05ae146fb7f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
br
google-lineitem-id
-2,-1,-1,-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 08:26:49 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,-1,-1,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://winnipegsun.com
content-length
18754
x-xss-protection
0
server
cafe
container.html
3fe0c431e7d2ae92ddfa97246eb7dd53.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A19B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3fe0c431e7d2ae92ddfa97246eb7dd53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 08:26:49 GMT
expires
Mon, 16 Dec 2024 08:26:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://winnipegsun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8f2d4a6addf99b4b-FRA
date
Mon, 16 Dec 2024 08:26:49 GMT
server
cloudflare
vary
Origin
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
738 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-81-101.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://winnipegsun.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
no-cache
X-LoginRadius-Server
EU-West, Primary - IDX - AWS
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Expires
-1
Access-Control-Allow-Origin
https://winnipegsun.com
Requestid
60f11469-de32-4c42-86b2-81870aae6480
Content-Length
38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 16 Dec 2024 08:26:49 GMT
Content-Type
application/json
Server
nginx
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-81-101.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://winnipegsun.com
Cache-Control
no-cache
Connection
keep-alive
Date
Mon, 16 Dec 2024 08:26:49 GMT
Expires
-1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Requestid
ee5933f6-c775-4057-a801-cd73f32e4c68
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
EU-West Primary - IDX - AWS
X-Server
ms_idx_primary
syncframe
gum.criteo.com/ Frame 266D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=winnipegsun.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 08:26:49 GMT
server
Kestrel
server-processing-duration-in-ticks
351497
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Tue, 17 Dec 2024 08:26:49 GMT
access-control-allow-origin
*
date
Mon, 16 Dec 2024 08:26:49 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 08:26:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:49 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame EA47 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 08:15:20 GMT
expires
Mon, 16 Dec 2024 09:05:20 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
signinprompt
edge-auth.microsoft.com/v0.5/ Frame 1C96 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=4eecd7f9-38d5-4e10-be71-0883f5130c09&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-juElU09ngteSIBxnE7itVtu7Grk3Rnv+dydmDUwSR04pH7QZ8x9ZGXW21CcYoAkZtVdaUgpSgMiYKXrPBxE4HAsgmJNM7GzKq/uwREvGZ//hD+Qf3NbdDc/Q+TP7sI/ztMCcAsNjmAmyzkv4XHOZB+YlO/SfwSnnwJ7MYrkiNh4=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
script-src 'strict-dynamic' 'nonce-juElU09ngteSIBxnE7itVtu7Grk3Rnv+dydmDUwSR04pH7QZ8x9ZGXW21CcYoAkZtVdaUgpSgMiYKXrPBxE4HAsgmJNM7GzKq/uwREvGZ//hD+Qf3NbdDc/Q+TP7sI/ztMCcAsNjmAmyzkv4XHOZB+YlO/SfwSnnwJ7MYrkiNh4=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type
text/html; charset=utf-8
date
Mon, 16 Dec 2024 08:26:49 GMT
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: D02BACD894F046EE8E7648F7441AF5BA Ref B: AMS231032604035 Ref C: 2024-12-16T08:26:50Z
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=RpxZ9l1H1l
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53074eb539662d6dd23262b633cb65fbaaacfe73306052110039e1ff3f6b5b57
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-request-id
qsc9fass0x
content-encoding
gzip
cf-cache-status
HIT
age
2241
expires
Mon, 16 Dec 2024 07:28:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:26:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
last-modified
Mon, 16 Dec 2024 06:58:01 GMT
priority
u=3,i=?0
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=1800, s-maxage=1800
pragma
cf-ray
8f2d4a700f35d236-FRA
server
cloudflare
vf-v2.js
cdn.viafoura.net/ 		623 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
168cde2bf1eff6c6fb697b0c474a052e62fa509086b52aec4e3c9fb7fb2bd331

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
x-amz-version-id
eruG_FOpwAszuUqCO4P8zv.8gyIt.5ow
etag
W/"c4642ad7d8b7876ea4cfc9f62dcd75f7"
age
214
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
qjdd-RQkBm0of38vRHEmHk7sTvtSHeit1iYzr34W5MfQ9sSdSE7Wvw==
date
Mon, 16 Dec 2024 08:23:16 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding, Origin
last-modified
Thu, 12 Dec 2024 19:43:43 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=300
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
6bd63a8d665922db35b3.js
fem.gprod.postmedia.digital/v115.0/chunks/ 		1 KB
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v115.0/chunks/6bd63a8d665922db35b3.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2614f69f1941ba6c764aa1ef37758143d584c6d999627588671be7fb86b2c6ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1731957428
x-goog-hash
crc32c=VoEMWQ==, md5=KNnC4wa6Oqb4fHAoyT3fSw==
content-encoding
br
etag
W/"28d9c2e306ba3aa6f87c7028c93ddf4b"
age
1691073
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1212
date
Tue, 26 Nov 2024 18:42:16 GMT
last-modified
Mon, 18 Nov 2024 19:17:29 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6zIwAQBnxLebK32ZCoxW6o8MlcLXA0X2_kldprDvGTSiPprIQ6mXVXyJ7nCg4A4Qw7CfK7jwGk-w
cache-control
public,max-age=31622400
x-goog-storage-class
STANDARD
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1731957449304999
content-length
506
server
UploadServer
gtm.js
www.googletagmanager.com/ 		524 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a57a163dac84cdd8c36e15669c6bfb06b238896dddcc7331908dbb1947dcb7d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 16 Dec 2024 08:26:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
154069
x-xss-protection
0
server
Google Tag Manager
beacon.js
sb.scorecardresearch.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04de103e0254b5ac670faee52a061486bfbcf2f97946776f6917ce261b18f7c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"f938e5cf59280e13f9597c828fb3b891"
age
25031
via
1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
pIZ9WcA8ClGDW46oZrQv6nkJ-MluiuL3d1v4IDHfV4H8SVLTJutptg==
date
Mon, 16 Dec 2024 05:01:40 GMT
content-type
text/javascript
last-modified
Mon, 09 Dec 2024 15:01:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
fullcontact.js
tags.fullcontact.com/anon/ 		0
0
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		359 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c933501263a2ab39dae9d5f9a321c9c1fc2bb50b97bf179ccbf768fd67760ed3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
public, max-age=3600
content-encoding
gzip
x-timer
S1734337611.541021,VS0,VE1
age
118
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-length
129704
date
Mon, 16 Dec 2024 08:26:50 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200117-IAD, cache-mad22060-MAD
server
Kestrel
x-cache-hits
31, 1
vary
Accept, Accept-Encoding
gtm.js
www.googletagmanager.com/ 		233 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v115.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a8b83e579d3752ef279c107ea7cdf854538ed54fbeab238d8fa504096b87d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 16 Dec 2024 08:26:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76652
x-xss-protection
0
server
Google Tag Manager
tinypass.min.js
cdn.tinypass.com/api/ 		414 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=RpxZ9l1H1l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b87183b2e26d8ce2a9b0e9fd934c7b034277b46fcb89d9a47aad11f91e3dbc1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"bb34196ec9f7ccbd354e1a34a4ec1112"
x-amz-version-id
h7jrlZIAcmJERRI9UaR_SPifqVBP.G2i
age
5794
expires
Mon, 16 Dec 2024 12:26:50 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:26:50 GMT
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 10:02:39 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
Yr8/AapB9GDSrF506kRnqxO279INm/E0Nve0wgb/IsCl9RZaQAk98PQRI/JDCtbtUC34pCAE18j3Pll2Av6Ca7OJDgyppabagI9cVebA5l0=
strict-transport-security
max-age=86400; includeSubDomains
x-amz-replication-status
REPLICA
cache-control
public, max-age=14400
x-amz-request-id
TH6S2AXABWR7E4RN
cf-ray
8f2d4a709f9ad236-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
cx.cce.js
cdn.cxense.com/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

Cache-Control
max-age=3600
Content-Encoding
gzip
Connection
keep-alive
Expires
Mon, 16 Dec 2024 09:26:50 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
6352
Date
Mon, 16 Dec 2024 08:26:50 GMT
Last-Modified
Mon, 08 Apr 2024 13:13:58 GMT
Content-Type
application/x-javascript
Server
AkamaiNetStorage
Vary
Accept-Encoding
execute
c2.piano.io/xbuilder/experience/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=RpxZ9l1H1l
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea6b93c529508cc8f9167a5d19eb446f2ce617efb53cb2682d1685dd07bb8be1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/x-www-form-urlencoded

Response headers

x-request-id
fs9lngmja0
access-control-expose-headers
Composer-Request-Control-Policy
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:26:50 GMT
content-type
application/json
vary
Accept-Encoding, Origin
priority
u=1,i
strict-transport-security
max-age=86400; includeSubDomains
cache-control
no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f2d4a733cfcd344-FRA
access-control-allow-origin
https://winnipegsun.com
server
cloudflare
v2
api.viafoura.co/v2/winnipegsun.com/bootstrap/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/winnipegsun.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4850:e81e:5d55:f330:a6e2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cb27a336683cba22685365c62785a69d3efc6a9fcb648419743943d52f267006

Request headers

Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json;charset=UTF-8

Response headers

access-control-max-age
86400
cache-control
max-age=0
content-encoding
gzip
pragma
no-cache
x-instance-id
i-0b4ba2c450ae2b5fb
access-control-allow-credentials
true
expires
Mon, 16 Dec 2024 08:26:51 GMT
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/winnipegsun.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/winnipegsun.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4850:e81e:5d55:f330:a6e2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
86400
cache-control
max-age=0
date
Mon, 16 Dec 2024 08:26:51 GMT
expires
Mon, 16 Dec 2024 08:26:51 GMT
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0a045e25316d4e5d3
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		671 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=RpxZ9l1H1l
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba1f0aab4de1260aa8203c7ef5af671e41b8941f7e5158fff765b5bfa1728f7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/x-www-form-urlencoded

Response headers

x-request-id
MrgvkosH7Ll
content-encoding
gzip
cf-cache-status
DYNAMIC
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=86400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cf-ray
8f2d4a754cdd9268-FRA
access-control-allow-origin
*
server
cloudflare
cacheableShow
buy.tinypass.com/checkout/template/ Frame 5F2F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=RpxZ9l1H1l&templateId=OTEHRB8JJDBG&offerId=fakeOfferId&experienceId=EXZS44KN41XP&iframeId=offer_23447bbcdaa3f7fe692c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwinnipegsun.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
8f2d4a7569c4d3bc-FRA
content-encoding
gzip
content-length
2856
content-type
text/html;charset=UTF-8
date
Mon, 16 Dec 2024 08:26:51 GMT
expires
Mon, 16 Dec 2024 08:41:51 GMT
last-modified
Mon, 16 Dec 2024 08:26:51 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
priority
u=0,i
server
cloudflare
server-time
0.012
server-timing
cfExtPri
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-94-37
x-forwarded-https
on
x-request-id
MrgvkosBn6D
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		268 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MDBQXCK&l=gtm_data_layer&gtm=45He4cc1v854392465za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c98a84adf8057582eb14cb1492c47817902052f8bc287b133173f334cf60399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 16 Dec 2024 08:26:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97357
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		322 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer&gtm=45He4cc1v854392465za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9e10418c6b3506080189f8fe72b48c6b9d0d9e116c2fb89b71e9adc3968a8eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 16 Dec 2024 08:26:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98980
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c&gtm=45He4cc1v79194588za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ffebf3ed679cceb07d6da55bd428f84b39ba1f881cb2b00fd60badd310a58105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 16 Dec 2024 08:26:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107936
x-xss-protection
0
server
Google Tag Manager
web-vitals.attribution.iife.js
unpkg.com/web-vitals@3.5.2/dist/
Redirect Chain
  • https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js
  • https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js
10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js
Protocol
H2
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834855b0c8387a3ba457811b0e664777e79fa712722c962f12efb129b60c47b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"28bb-wwZ82D9Sng4EXAJwcNpWRMvXVbg"
age
1560412
x-content-type-options
nosniff
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JDRS3HBW2P7WYH79AEC8ZQY5-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f2d4a76dd5c4d74-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js
content-encoding
br
cf-cache-status
HIT
age
142
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8f2d4a761ca74d74-FRA
access-control-allow-origin
*
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JF7936Q310SV3SZ6J1S78JVW-fra
server
cloudflare
ribn.min.js
assets.ribn.com/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6b213f30955b664fd78dc9e388b17e54"
age
6136
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 12:26:51 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
ldaSRapCbkhl1Aj07e44Fy2IjifMmGCXScJn0YJAVGreHsifU7OUtA==
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
via
1.1 9a6cbd81b92c16e925bba794eeb59248.cloudfront.net (CloudFront)
cf-ray
8f2d4a7748a84db4-FRA
x-xss-protection
1; mode=block
x-amz-cf-pop
BUD50-P2
server
cloudflare
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
age
6791
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 12:26:51 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
4rgzcJ4w4CIvG1-rmNfym0o5vA7RW3scFMquyiD0p2wTNgPL1PkacA==
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public, max-age=14400
referrer-policy
strict-origin-when-cross-origin
via
1.1 d5bd9c82cbbad6f05501bb737b3688dc.cloudfront.net (CloudFront)
cf-ray
8f2d4a7748aa4db4-FRA
x-xss-protection
1; mode=block
x-amz-cf-pop
WAW51-P3
server
cloudflare
ta.js
static.trueanthem.com/scripts/ 		731 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.trueanthem.com/scripts/ta.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=cFyq6Q==, md5=LVEAlqx4oP86QO2uXZwMkg==
cf-cache-status
HIT
etag
W/"2d510096ac78a0ff3a40edae5d9c0c92"
age
3012
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZoo1L9JEVByBfxPBsdJSJuLEyAriH0bgIgERPKU1YR2ftwlMFPcJ9x332UbneLsavJo4s%2B3l%2Bb5mFaKAdqNiurJHx8JIWMy7TheEV1y9eyhKI7aV2gZ85Bp2Dbq%2BCpis2UMhsG%2Big%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
expires
Mon, 16 Dec 2024 08:11:19 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
731
server-timing
cfL4;desc="?proto=QUIC&rtt=8514&min_rtt=7937&rtt_var=2563&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4298&recv_bytes=4327&delivery_rate=61818&cwnd=12000&unsent_bytes=0&cid=885029747314c378&ts=33&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
text/javascript
last-modified
Mon, 03 Apr 2023 04:25:23 GMT
vary
Origin, Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC7FFwWQgKK_QxL2M-RSsz3q6NtNH-s42aJIzP_Iw_HnKAb3BrRNSD6MPVvrqUv8A92RbKk
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f2d4a761a87d2ea-FRA
x-goog-generation
1680495923461532
server
cloudflare
gtm.js
www.googletagmanager.com/ 		278 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d2be28a4b7d9a9ec5ae8ea70d1f0af2e72a083f2adcca45445e8703d29919f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 16 Dec 2024 08:26:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83108
x-xss-protection
0
server
Google Tag Manager
identify
identity.mparticle.com/v1/ 		175 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
25ac26aadc09be84db851e081d10ceae576ff1f7959aae3b722dd0a77ef3af63
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/plain;charset=UTF-8
Content-Type
application/json

Response headers

access-control-expose-headers
X-MP-Max-Age
content-encoding
gzip
x-fastly-trace-id
171697890
x-cache
MISS
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-mad2200115-MAD
x-cache-hits
0
vary
Accept-Encoding
x-mp-max-age
86400
strict-transport-security
max-age=900
x-timer
S1734337611.481801,VS0,VE99
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
server
Kestrel
cx.js
cdn.cxense.com/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
459145908fcd4374a85bed15907b1f471c25107c604eca7f946ce5d3c7aa8aef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

Cache-Control
max-age=3600
Content-Encoding
gzip
Connection
keep-alive
Expires
Mon, 16 Dec 2024 09:26:51 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
37915
Date
Mon, 16 Dec 2024 08:26:51 GMT
Last-Modified
Mon, 02 Dec 2024 12:20:09 GMT
Content-Type
application/x-javascript
Server
AkamaiNetStorage
Vary
Accept-Encoding
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1654
date
Mon, 16 Dec 2024 08:26:51 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
287
x-fastly-trace-id
171697535
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-mad2200115-MAD
x-timer
S1734337611.417753,VS0,VE0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
ta.c34341.js
static.trueanthem.com/scripts/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.trueanthem.com/scripts/ta.c34341.js
Requested by
Host: static.trueanthem.com
URL: https://static.trueanthem.com/scripts/ta.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=rvRlhw==, md5=KLLb2wPwlpmKOB9hJt2sTA==
cf-cache-status
HIT
etag
W/"28b2dbdb03f096998a381f6126ddac4c"
age
372
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4Z1A61geMhA7FyE2qZ%2BdAW7EyJ1OlF6w2RX2bUSGyHKpFdXyFX6Ggz0AE93RnivkWQsflYMa3uwJVIaBU7XYpnoQpwOxz67MPx%2Bsn075rycrjrl1vaNkL%2BvUhCb4aoub843xkETSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
expires
Mon, 16 Dec 2024 09:01:10 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
27234
server-timing
cfL4;desc="?proto=QUIC&rtt=13959&min_rtt=7937&rtt_var=10615&sent=17&recv=13&lost=0&retrans=1&sent_bytes=6214&recv_bytes=4731&delivery_rate=7107&cwnd=12000&unsent_bytes=0&cid=885029747314c378&ts=317&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
text/javascript
last-modified
Mon, 03 Apr 2023 04:25:20 GMT
vary
Origin, Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC5EsTRuGLU_cvv7uC7SicVFhVbF3L2KcPqbrssT9EfHFFGkza54wAyseuqz4lyG4NrRXj8c8r5XTw
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f2d4a77decad2ea-FRA
x-goog-generation
1680495920536276
server
cloudflare
sp1.html
cdn.cxense.com/ Frame 7E83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Mon, 16 Dec 2024 08:26:51 GMT
Expires
Thu, 26 Dec 2024 08:26:51 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&scrsrc=www.googletagmanager.com&frm=0&rnd=1487876458.1734337612&dt=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&auid=838034372.1734337612&navt=n&npa=1&gtm=45He4cc1v854747130za200zb854392465&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734337611641&tfd=6409&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDBQXCK&l=gtm_data_layer&gtm=45He4cc1v854392465za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers
js
www.googletagmanager.com/gtag/ 		312 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c&gtm=45He4cc1v854753396za200zb854392465
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer&gtm=45He4cc1v854392465za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
89d35ac745843e299e5a72d38e2583b8859c33c6ece6d33cd6a8be6c23a32845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 16 Dec 2024 08:26:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107420
x-xss-protection
0
server
Google Tag Manager
marfeel-sdk.js
sdk.mrf.io/statics/ 		168 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ccc5bce4ed4dc706b916db3f824ccd9e15291a974b2ae99170e4c7084469eca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winnipegsun.com
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
x-response-time
7ms
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 16 Dec 2024 08:26:51 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=1800
x-envoy-upstream-service-time
20
cf-ray
8f2d4a793c3c036e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
46632
server
cloudflare
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-klrB9y5E' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-klrB9y5E' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4472, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
LhXLh2Te5L8koXO+hsxyh/4wVEnb9q0V4Qq+vjgmFg0xlTVRwljSBHFJdzgq+9BNcE05oE4chUTup+VgHOv0nQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
beacon
b.trueanthem.com/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4cc1v880952817z879194588za200zb79194588&_p=1734337610241&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1291122515.1734337612&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1734337611&sct=1&seg=0&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&dt=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&en=FCP&_fv=1&_nsi=1&_ss=1&ep.web_vitals_measurement_name=FCP&ep.web_vitals_measurement_id=v3-1734337611399-7531161939365&epn.web_vitals_measurement_value=785.5&epn.value=785.5&tfd=6655
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c&gtm=45He4cc1v79194588za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winnipegsun.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1291122515.1734337612&gtm=45je4cc1v880952817z879194588za200zb79194588&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c&gtm=45He4cc1v79194588za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winnipegsun.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1291122515.1734337612&gtm=45je4cc1v880952817z879194588za200zb79194588&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1529496413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 08:26:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
52.fe516ab6620ef754efa3.js
cdn.viafoura.net/chunks/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/52.fe516ab6620ef754efa3.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8348f85019c4116a8898d2ddadd8413d47b43983e15efe33544759ae707e58e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

content-encoding
br
x-amz-version-id
ugSpPyqsZppuU.6GyVOIwHlsKGsl4ogS
etag
W/"5a0010502dc798b204c962c39fbcf6f4"
age
304970
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3wWkNKvOAY9xo1zITJqrnXyccP6dG6HOqAsLLlQ8sZtAMD7jOm7hzQ==
date
Thu, 12 Dec 2024 19:44:02 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding, Origin
last-modified
Thu, 12 Dec 2024 19:43:38 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
56.9ee985023cb450e3f33d.js
cdn.viafoura.net/chunks/ 		0
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 6A16 		0
0
p.js
cdn.parsely.com/keys/winnipegsun.com/ 		0
0
id
id.cxense.com/public/user/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
events
api.permutive.com/v2.0/batch/ 		0
0
1685973801652415
connect.facebook.net/signals/config/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je4cc1v880952819z8854753396za200zb854753396&_p=1734337610288&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1291122515.1734337612&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&sid=1734337612&sct=1&seg=0&dt=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=65&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.project_type=Wired&ep.page_type=story&ep.platform=Cheetah&ep.platform_version=17.5.4&ep.fem_version=v115.0&ep.brand=Winnipeg%20Sun&ep.timestamp=2024-12-16T09%3A26%3A52.201%2B01%3A00&ep.ga_client_id=1291122515.1734337612&ep.article_authors=Associated%20Press&ep.publish_timestamp=1734105508&ep.article_title=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down&ep.originating_property=true&ep.nlp_category=Politics&ep.nlp_topic=U.N.%20office%2C1%7Cauthorities%2C1%7CMaduro%27s%20government%2C0.8345%7CVenezuela%2C0.7248%7CVolker%20Turk%2C0.6927&ep.nlp_entity=Associations%20%26%20groups%2CPolitical%20NGO%2FAssociation%2CU.N.%2C0.9648%7CPeople%2Cperson%2CNicolas%20Maduro%2C0.94%7CCountries%2Clocation%2CVenezuela%2C0.9236%7CPeople%2Cperson%20name%2CVolker%20Turk%2C0.9078%7CAssociations%20%26%20groups%2Cgroup%2CHuman%20Rights%20Council%2C0.2938&ep.main_category=pmn&ep.article_tags=ap&epn.word_count=405&epn.character_count=2269&ep.article_id=5d02763c-de84-431d-8b2b-66ff429b0ecf&ep.wire_content=true&ep.metered_content=true&up.client_id=1291122515.1734337612&tfd=6982
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c&gtm=45He4cc1v854753396za200zb854392465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winnipegsun.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=1291122515.1734337612&gtm=45je4cc1v880952819z8854753396za200zb854753396&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c&gtm=45He4cc1v854753396za200zb854392465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winnipegsun.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=1291122515.1734337612&gtm=45je4cc1v880952819z8854753396za200zb854753396&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=490990314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 08:26:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ingest.php
events.newsroom.bi/ 		89 B
884 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://winnipegsun.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://winnipegsun.com
content-length
99
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
867ff8b704b470fcdc8c.js
sdk.mrf.io/statics/ 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/867ff8b704b470fcdc8c.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af458a3896c6b4019d7ddb9f6e999cf9d5bffc777389945f4615116d1d5d3702

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winnipegsun.com
Referer
https://winnipegsun.com/

Response headers

access-control-max-age
3600
content-encoding
br
cf-cache-status
HIT
etag
W/"75e021809b9e0a9ca401e3be81cf5895"
age
741
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
AGrvOwFhVC3SDcjpjZI952hVQD4MOS1Vwp7SHVMvRUqIXuV9WGkoCQ==
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Mon, 09 Dec 2024 09:09:24 GMT
vary
accept-encoding
priority
u=1,i=?0
server-timing
cfExtPri
cache-control
max-age=3600
timing-allow-origin
*
x-envoy-upstream-service-time
154
via
1.1 c2c44e18165da827386e0ed36aeea344.cloudfront.net (CloudFront)
cf-ray
8f2d4a7caf02036e-FRA
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P3
server
cloudflare
x-amz-server-side-encryption
AES256
identify
identity.mparticle.com/v1/ 		175 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
25ac26aadc09be84db851e081d10ceae576ff1f7959aae3b722dd0a77ef3af63
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/plain;charset=UTF-8
Content-Type
application/json

Response headers

access-control-expose-headers
X-MP-Max-Age
content-encoding
gzip
x-fastly-trace-id
171702572
x-cache
MISS
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-mad2200115-MAD
x-cache-hits
0
vary
Accept-Encoding
x-mp-max-age
86400
strict-transport-security
max-age=900
x-timer
S1734337612.326725,VS0,VE120
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
server
Kestrel
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/plain;charset=UTF-8
Content-Type
text/plain;charset=UTF-8

Response headers

x-timer
S1734337612.482075,VS0,VE32
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-length
0
date
Mon, 16 Dec 2024 08:26:52 GMT
x-served-by
cache-mad2200124-MAD
server
Kestrel
x-cache-hits
0
envelope
lexicon.33across.com/v1/ 		49 B
250 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.46.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://winnipegsun.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/json
vary
origin
fed
ups.analytics.yahoo.com/ups/58877/ 		2 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58877/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&pixelId=58877
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=31536000
age
0
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://winnipegsun.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/json
vary
Origin
server
ATS
prebid
id5-sync.com/api/config/ 		168 B
449 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
3e9efb85ab321f1ba103f865b477202ebe5875930fdefbd2df34c8314c91ed4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:51 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id5PrebidModule.js
cdn.id5-sync.com/api/1.0/ 		88 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4401aae4b15569fbacfc877c1004bbd8ac7c168343e1a82c60b58af392d8b37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

x-amz-id-2
pDKuqsXJpcnyDxZk7AfNWKMBzM58JvRxZLxCMyEgXCSQmkkkiNCWecMqpB37abqQ42K6+5RQx3sFMB9YQcAHPZt2/tX1eLjJ
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"903277a5e756877c659058d6ce6ce5ab"
age
479
x-amz-request-id
957QGNSGSFDNK9YS
cf-ray
8f2d4a7d3a774d32-FRA
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
checksync.php
contextual.media.net/ Frame 876C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C313%2C237%2C70%2C319%2C97%2C55%2C77%2C20000%2C2023%2C2022%2C3012%2C460%2C462%2C244%2C201%2C2039%2C246%2C126%2C203%2C326%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
9188
content-type
text/html; charset=UTF-8
date
Mon, 16 Dec 2024 08:26:52 GMT
expires
Wed, 18 Dec 2024 08:26:52 GMT
server
Apache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3D36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60982
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 16 Dec 2024 08:26:52 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 05 Dec 2024 15:30:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1532033, 173098
X-Served-By
cache-lga21982-LGA, cache-mad22032-MAD
X-Timer
S1734337613.543075,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 0574 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
176
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8f2d4a7df9bca06d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Dec 2024 08:26:52 GMT
expires
Mon, 16 Dec 2024 12:26:52 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9520 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Mon, 16 Dec 2024 08:26:52 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 284A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.60.191 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=114486
content-encoding
gzip
content-length
6694
content-type
text/html
date
Mon, 16 Dec 2024 08:26:52 GMT
expires
Tue, 17 Dec 2024 16:14:58 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
postmedia-d.openx.net/w/1.0/ Frame 88DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Mon, 16 Dec 2024 08:26:52 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		41 B
148 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
b055b9d39c6b1142af7c5df0f92d9fa12df9b064d46af2f3c48cb51395b9c92e

Request headers

Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/plain;charset=UTF-8
Content-Type
text/plain;charset=UTF-8

Response headers

content-encoding
gzip
x-timer
S1734337613.608319,VS0,VE34
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/json
x-served-by
cache-mad2200124-MAD
server
Kestrel
x-cache-hits
0
vary
Accept-Encoding
rfv.php
events.newsroom.bi/data/ 		27 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/data/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://winnipegsun.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://winnipegsun.com
content-length
42
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
v1
lb.eu-1-id5-sync.com/lb/ 		56 B
297 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
b0118c2db7330f9772d04a324f2321dd0abc54f100471a4fa89780baef6c6f59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
1674.json
id5-sync.com/g/v2/ 		251 B
446 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1674.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
deff765ba1fe89e0c571103166fa5d81af46c051b96b0cad7476d1071c28ac49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://winnipegsun.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://winnipegsun.com
date
Mon, 16 Dec 2024 08:26:52 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
winnipegsun.com
URL
blob:https://winnipegsun.com/4b368944-3715-4d02-ba91-e134c276793b
Domain
tags.fullcontact.com
URL
https://tags.fullcontact.com/anon/fullcontact.js
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=4214763941072025&bg=!v7ylvPPNAAbtGp3CzRo7ADQBe5WfOLgcTgqRbl21aYui949yav6W4p1gNZZAaXNQiuWcJEH-CNir0J4YiwFWY19jJSY5AgAAAQlSAAAABGgBB34ANiFX2OrS7S8_ejEzW72iMuyKhCBeAtdR45XZs6JFHHrooO2JH9XHjrH5PKvRppzDicm3Ng6QwQoAs1iFWPGnXo7mj2c_bXYJh71CO4TiF7pkkaaI8lOEbAAmL4jYAqkNyioQMfjh1SaUFqaljkWHelHSMU5DUVcJPMYQKMKtTrIti2xvEJi4R8dRTEaqC9plwM_yJCrNNZ0twLi1WrEuTSr4DeP2vcQOO-kLFOQh3ieFBmzhm9KGfFZ8dvEg0-vYsIxIFQtfMs5LnHO1iSCiHYk7RRTwbiTLwC_URJkhsbcihuxPN5GfbynRbKIkmQKYslHU-ra8V7lkDf3u6oK5OFXRMvODSw6fNGFLH026hCtUBrHzhKxuLmniwlrTHBRzwvWMpYqslTsRJvg85urJW_dtbwQmiXRvHrwlw_EJZhFZB_j17anw9aHbzj0R7CygZDcb7QnrTHGs-4nQpQbbhPCgSFN1HiNmaxPe0vIaWQXhUxMlWqZB7S_iOeTMV6k__Q8GtGWsSvc1vsbibLn4tJ1L8v4CS-lXSwrreYZQGjwC5gLmX0sfJ9QXS3ivjs1E7CRtQ-q-CNC0s8mntu8kPs6t5WmNcRInfThTQyjI1H1hpbYtiq2SNquTcDenQWxUHaFKBapvKVUJ3EEruAERHOoQB8R_6IBBXP_anUw6JlvyICBeIyj6rj6hSUHaWzkri_r-MsnsyLAnOYKDk0iUFDhLVSbm-KbE32fy4bmPvb6zHWsHxPljkQ3jdDgi5lj6p4VmSIKHpWoi1oyTRu6qf8T-JNHx50UgvUNXfoi4BvSami9wyxEOS21c-9YOPUZp5dIyXcd0sQ5m3mxj6e5xjxr3rQI04FPSrVkcw2e9EI1pxcKi0P9xB59gvDFW114_CPlR5NoaUgah5TzJkfgYrRb4kp7TgdRizUqAGOBd-YvjB-rm4Ja9xBgMnLfdk9HWA2jU5_el9KuELNg04xPzJZuBCu8t24wRMZBvG-4ncykjJM872P19DIPMKYOLDXxZhOgQ0A4pTErfbJptFSd5JwtWweRxZ6-ew9BAqEdeG0u76N8HWzIVeii3eUaHQ0_TJIElYvWeuDEHKIJGEMpMoYrTa5r_Wcdt4Y_WUyMDNKe-yh7YCl2XEYAIOCJ117Wo49O3LfnZUwZsgvpHEU1nyFQJCDBAoRI7dNxJu4u7MOS-qVMrBNOw1w
Domain
b.trueanthem.com
URL
https://b.trueanthem.com/beacon
Domain
cdn.viafoura.net
URL
https://cdn.viafoura.net/chunks/56.9ee985023cb450e3f33d.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwinnipegsun.com
Domain
cdn.parsely.com
URL
https://cdn.parsely.com/keys/winnipegsun.com/p.js
Domain
id.cxense.com
URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22m4qru0ylzbcg9cgm%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221j5loruidhchi320npnykgvj9t%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221j5loruidhchi320npnykgvj9t%22%7D%5D%7D&callback=cXJsonpCB1
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-RT9GKF97XT&l=dl_mparticle&cx=c&gtm=45He4cc1v9134303430za200
Domain
api.permutive.com
URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.179&r=stable&domain=winnipegsun.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| setNptTechAdblockerCookie object| script function| getFemOverrideFromURLParams object| modern_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| flippxp object| _comscore object| BlockAdBlock object| blockAdBlock object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash function| handleLiveTapResponse function| handleMessageFromNative object| COMSCORE object| ns_p object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| page function| __spreadArray function| CXBootstrapLoader function| identifyRootURL function| generateDebugLog object| webpackChunkdjango_content_services object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| regeneratorRuntime object| mnet object| ms object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| CXBootstrapper boolean| google_measure_js_timing object| google_rum_config object| google_reactive_ads_global_state object| __pubxFloors__ object| __pmacCpmHistory__ number| __loadTime__ number| __loadTimestamp__ object| __pubx__ object| __pubxGamQue__ function| lotameIsCompatible function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_B object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a object| PublisherCommonId object| __id5_finalization_registry object| ID5 object| confiant number| google_srt object| _google_rum_ns_ object| Sailthru object| Criteo object| google_image_requests object| __permutive boolean| __pubxLoaded__ object| social_lrobj number| google_unique_id object| __nextfloorsConfig__ object| __pubxFloorsConfig__ object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| GoogleGcLKhOms function| html5passToken object| google_timing_params object| vf object| vfQ boolean| femCePnIdReadyTriggered object| dataLayer string| FCObject function| fc object| mParticle object| gtm_data_layer boolean| pnFullTPVersion number| pnInitPerformance object| pn string| __tpVersion object| SWG function| ___tp object| _vfP boolean| vfLoaded function| clearImmediate function| setImmediate object| viafoura object| google_tag_manager function| postscribe object| google_tag_manager_external object| cX object| PianoESPConfig function| onYouTubeIframeAPIReady object| Ribn object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle function| cxCCE_callQueueExecute object| cxTest object| webVitals object| ari object| TRUE_ANTHEM function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack object| gaGlobal function| gtag function| cXJsonpCB1 object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass

40 Cookies

Domain/Path Name / Value
winnipegsun.com/ Name: flipp-uid
Value: f6a00f1d-750c-47d9-94bb-cf58decf5f9a
.winnipegsun.com/ Name: _scor_uid
Value: 4c9005d5af9d407bb82e1ba51ba2c997
.winnipegsun.com/ Name: pbjs_sharedId
Value: 1fd07e2a-8e19-4e56-bcb6-10467b8494f5
.winnipegsun.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
winnipegsun.com/ Name: __adblocker
Value: false
.p.flipp.com/ Name: gid
Value: "gStFOgABW/Ie6ZNgCzm65A=="
winnipegsun.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1734337606923,"mac":-1317635031}
winnipegsun.com/ Name: sailthru_pageviews
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.winnipegsun.com/ Name: permutive-id
Value: a7ffb3b1-d076-4032-b1c9-3c6f1cde9f6a
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.id5-sync.com/ Name: id5
Value: afd8dec0-ad55-7f9e-975f-0e04e80ff7b8#1734337607786#1
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 94a7a68f-6204-42a5-bd9a-0d5f9dcf0a5f
.rubiconproject.com/ Name: khaos
Value: M4QRTYNH-1J-4LE2
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6B7+3qB3+4jA73dDCC+ZXywNKDLFkebH7quJMxbna1fvDoMHvsnyq8XwgljsaUT6sVE/84BBg91bSYbB5SW5XQ3bEZ4ejAm8TEijy0RC4Zd8SKPLRELhl3xGLmP30iNJH4=
winnipegsun.com/ Name: sailthru_content
Value: 6e4d5c00f579802281015d18acc31228
winnipegsun.com/ Name: sailthru_visitor
Value: 2c0512be-b7a6-4c5a-940a-1bec89c3d51c
.doubleclick.net/ Name: IDE
Value: AHWqTUlQctJhxhip3tTsdrTVaUikXr2Nkr27r5gqK2Jae0WH--0WycPagJw9knaax74
.criteo.com/ Name: uid
Value: ca708ff1-a6ff-48f9-b8bb-aa7b9e7c486e
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.winnipegsun.com/ Name: __eoi
Value: ID=87cb6d2477c93d43:T=1734337609:RT=1734337609:S=AA-AfjZPeFYupIaiFdfpraSFDCOe
.winnipegsun.com/ Name: cto_bundle
Value: pNIZRF9SYUtLRDhwRldkOWVZWmhkNjRsTDlGQ1NwV1BoYjg3VkJvaHBXa2xtSDkzMjYydXY4NElPYUU0TGNtOGtvNXVqJTJCTTYxaVhLOFpIYjVZWU1XYUtGJTJGUkVWSlQybE03cGM1ZHJnOSUyQlQ0NWJlRHBlY01VcEJCN0N5QjRuQmozY0FzN0pTU1JsOXBJejQ2S0hiMmVNTkxDNDJwYnJUTnZkMm9vQkd1SjhldGFCR1UlM0Q
winnipegsun.com/ Name: x-id
Value: {"data":{"id":"9s53unkba0mygrn8gs45igugz7kcr8ggp","updated":1734337610263,"adLightDisabled":true,"printSubscriber":false,"adLight":false},"exp":604800000,"ts":1734337610271,"mac":-1158686680}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"id":"9s53unkba0mygrn8gs45igugz7kcr8ggp","updated":1734337610263,"adLightDisabled":true,"printSubscriber":false,"adLight":false},"exp":604800000,"ts":1734337610298,"mac":-1158684541}
.winnipegsun.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWDgTgDsvPgGYRADgECOQgKwAmEAF8gA
.winnipegsun.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22m4qru0ylzbcg9cgm%22%7D
winnipegsun.com/ Name: __pnahc
Value: 0
.piano.io/ Name: __cf_bm
Value: 7IsXjoFwcCOsxnVKCbaO5vhuSh6p6m1lg_ydRZElanc-1734337610-1.0.1.1-QQPuyMvLbShCHJ352s_s0WeEi5dOKlrtsXWe2ayrFBiSkarYjWKUKUkFgZ1HI_tHADtal2ELSQmi8DXOgNU6Iw
.winnipegsun.com/ Name: __tbc
Value: %7Bkpex%7DnAB7oVsm1gvn_ZqDkiiM3Ek0QQhyRMEVQtVlCws7XqbLAljYNG1ZlmCUlm2OTCWM
.winnipegsun.com/ Name: __pat
Value: -18000000
.winnipegsun.com/ Name: __pvi
Value: eyJpZCI6InYtbTRxcnUwemlvaTF5YXo2YSIsImRvbWFpbiI6Ii53aW5uaXBlZ3N1bi5jb20iLCJ0aW1lIjoxNzM0MzM3NjExMDQxfQ%3D%3D
.winnipegsun.com/ Name: xbc
Value: %7Bkpex%7D6NwT-EC_xxljnSDr9pyBVgZnfsbKdxtRGsloy220opOekyjvrVK8IQZY_PoPVxl-cIT6wMvGGGyljfJOD7Z99w
.tinypass.com/ Name: LANG
Value: en_US
.winnipegsun.com/ Name: cX_P
Value: m4qru0ylzbcg9cgm
.winnipegsun.com/ Name: _gcl_au
Value: 1.1.838034372.1734337612
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.cxense.com/ Name: gckp
Value: cx:bjz9hkvx25ct2xh2ob9nfpldp:kgq66l8uhd84
.winnipegsun.com/ Name: _ga
Value: GA1.1.1291122515.1734337612
.winnipegsun.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1734337611.1.0.1734337611.60.0.0
.winnipegsun.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'1eddbcd3-1bb3-4c69-4373-64fe421c4432'|'das':'c5366eca-3db7-4a34-656b-73a64e7527e0'|'csm':'WyI0NDc0Nzc5OTM2NTk5NjQ4NzgyIl0='|'sid':'E5234864-0700-420B-3082-6FEC41E9033D'|'les':1734337611227|'ssd':1734337611224}|'l':0|'4474779936599648782':{'fst':1734337612135}|'cu':'4474779936599648782'}

1 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/712559.gif?partner_uid=f6a00f1d-750c-47d9-94bb-cf58decf5f9a
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
3fe0c431e7d2ae92ddfa97246eb7dd53.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ak.sail-horizon.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets.ribn.com
auth.lrcontent.com
b.trueanthem.com
bidder.criteo.com
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
c2shb.pubgw.yahoo.com
cdn-gateflipp.flippback.com
cdn.confiant-integrations.net
cdn.cxense.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.pbxai.com
cdn.tinypass.com
cdn.viafoura.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
contextual.media.net
csi.gstatic.com
d0.eu-3-id5-sync.com
d0.eu-4-id5-sync.com
d1.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
d2.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
d3.eu-3-id5-sync.com
d3.eu-4-id5-sync.com
d4.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
d5.eu-3-id5-sync.com
d5.eu-4-id5-sync.com
d6.eu-3-id5-sync.com
d6.eu-4-id5-sync.com
d7.eu-3-id5-sync.com
d7.eu-4-id5-sync.com
dcs-static.gprod.postmedia.digital
edge-auth.microsoft.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
events.newsroom.bi
events.qortex.ai
experience.tinypass.com
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
floor.pbxai.com
fonts.googleapis.com
fonts.gstatic.com
googlesync.permutive.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.cxense.com
id5-sync.com
identity.mparticle.com
idsync.rlcdn.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lb.eu-1-id5-sync.com
lexicon.33across.com
micro.rubiconproject.com
p.flipp.com
pagead2.googlesyndication.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
prebid.media.net
region1.analytics.google.com
rtb.openx.net
s.seedtag.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
secure.gravatar.com
securepubads.g.doubleclick.net
smartcdn.gprod.postmedia.digital
static.criteo.net
static.trueanthem.com
stats.g.doubleclick.net
tags.crwdcntrl.net
tags.fullcontact.com
tags.qortex.ai
unpkg.com
ups.analytics.yahoo.com
winnipegsun.com
www.google.com
www.google.de
www.googletagmanager.com
www.npttech.com
api.permutive.com
b.trueanthem.com
cdn.parsely.com
cdn.viafoura.net
connect.facebook.net
ep1.adtrafficquality.google
hbopenbid.pubmatic.com
id.cxense.com
tags.fullcontact.com
winnipegsun.com
www.googletagmanager.com
104.102.34.86
104.16.143.111
104.18.176.126
104.18.223.248
104.18.24.18
104.18.27.193
108.138.3.93
13.107.6.158
13.32.27.97
13.35.57.137
13.35.58.38
135.125.140.162
135.125.145.78
135.125.146.80
135.125.146.82
141.95.33.120
142.250.181.227
142.250.185.136
142.250.185.226
142.250.186.164
142.250.186.34
142.250.186.67
142.250.74.194
151.101.129.108
157.240.252.13
162.19.138.120
162.19.56.86
172.217.18.98
172.64.144.166
172.67.155.215
172.67.159.162
172.67.72.135
18.158.6.234
18.244.18.122
18.66.147.39
2001:4860:4802:32::3
2001:4860:4802:32::36
23.215.23.172
23.43.60.191
2400:52e0:1e00::1081:1
2600:1f18:44f0:4850:e81e:5d55:f330:a6e2
2600:9000:2156:3a00:8:2ae1:d740:93a1
2602:803:c003:200::21
2606:4700:10::ac43:266a
2606:4700:20::681a:13e
2606:4700:20::ac43:49b1
2606:4700:4400::6812:2a4f
2606:4700:4400::ac40:98f3
2606:4700::6811:f8cb
2606:4700::6812:4eb
2a00:1288:80:807::1
2a00:1450:4001:809::200a
2a00:1450:4001:810::2001
2a00:1450:4001:811::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c1f::9a
2a02:2638:3::3
2a02:2638:3::39
2a02:2638:3::c
2a02:26f0:7100:983::268b
2a02:26f0:7100:997::268b
2a04:4e42:400::645
2a04:4e42:600::645
2a04:4e42::485
2a04:4e42::645
2a04:fa87:fffe::c000:4902
3.78.93.150
34.107.254.252
34.117.147.204
34.117.54.29
34.120.63.153
34.149.157.221
34.149.50.64
35.227.252.103
35.241.9.51
35.244.159.8
35.244.174.68
35.244.193.51
37.252.171.85
51.195.115.36
51.195.126.30
51.195.127.100
51.195.127.115
51.195.34.222
51.195.34.255
51.195.73.74
51.195.73.82
52.19.246.65
54.246.81.101
65.9.66.104
65.9.66.90
75.2.40.13
88.221.125.233
95.101.148.20
034d4607e9ac8dfc957062617960801b2b50a49facfe5db938618333c9e9821c
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
04de103e0254b5ac670faee52a061486bfbcf2f97946776f6917ce261b18f7c3
05e89bb53a6d6c4d0d2a2f0fe8f40f3ee2cf515b5c67b4e3a9ff902934e14648
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f7475a6484661441948ea34c709996a4b623d173d4b88567e05ae146fb7f0b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1413cc79bcd47b4af0fe4fe72237f906e31ca8d335314ff0ddb1ffca3c1b7afe
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d
168cde2bf1eff6c6fb697b0c474a052e62fa509086b52aec4e3c9fb7fb2bd331
16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240
1c98a84adf8057582eb14cb1492c47817902052f8bc287b133173f334cf60399
1e97e8f4f823e5834cc1a26bc74e86046dd36b1a825ca8f3cc1ec72213f2350f
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43
225d824297f9136dc522d211061ccba4e5a14b0f38741d0a776e3d070a7ba276
22e126d65f16aabac31dc85a45e988ffe283608308577b30765b0d9d1278952f
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
24930a966af2518c00990759d25fa7c8e4fc9d7e5545975b35126a189f9424fc
25ac26aadc09be84db851e081d10ceae576ff1f7959aae3b722dd0a77ef3af63
2614f69f1941ba6c764aa1ef37758143d584c6d999627588671be7fb86b2c6ad
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2ccc5bce4ed4dc706b916db3f824ccd9e15291a974b2ae99170e4c7084469eca
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33cc6e61cbb1addafa75cc8ed40216823ee7e50631bb8d2b71eda77ca81a77f3
36260e9cb231e00f7334eacc8a181329ba4c622cb50312342edb9e8512812cf7
3873e5114afbc6d6098ec9b76fbc7ca5960eb6947284a71ba27ea5101a4d4e61
38a11452e6756d1a40a0eea0c36687c531fe06c4bc7aa226164af19a64913114
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3e70c4ca9d435e42a0401220dffc2ee0ab7f0ae5a4a019e83ec0b394445c9101
3e9efb85ab321f1ba103f865b477202ebe5875930fdefbd2df34c8314c91ed4a
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
3fda18890bfb730d2aa2ea2286a96738e2115c49984ac2b37ba24affa16dde5f
43430345ff39208aded96d7d9afeb2f6563e70af6d912226d5ec467158cb3d29
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459145908fcd4374a85bed15907b1f471c25107c604eca7f946ce5d3c7aa8aef
469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d
497f053df078e16fc3614f2d1f04630846b2c7a9efe4ef5ce273baddc814415b
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
51e1536475859c28a616c56f420bdd7ed68f10c5903c26136e1734d5aca9c7fb
53074eb539662d6dd23262b633cb65fbaaacfe73306052110039e1ff3f6b5b57
5a8b83e579d3752ef279c107ea7cdf854538ed54fbeab238d8fa504096b87d8d
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b740b764c32da039868fb07780caa7d55401fb92c17adfff3e07e31f74e9464
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
63c9ad44e1d61d106c6663164d76bc49269c5b989df3b22128de89d1d32bc3f1
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6930d38f6f7ead76abe7bc384185f12e8a3c12f0975fd14e7d80257396d5fcc0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b87183b2e26d8ce2a9b0e9fd934c7b034277b46fcb89d9a47aad11f91e3dbc1
6be124880445738af07e274e6bd8d8e436bb0d133a580d22c94d5e336f32d13d
6e1442a4ed58986cc47bc718ab9b6b434c367cf0e8f900309318b0bb78412076
7355909b93826a1a3d800d808f635650c7f7a364c6125e922152eca64d747cf3
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7ba1f0aab4de1260aa8203c7ef5af671e41b8941f7e5158fff765b5bfa1728f7
7d3c52ed2a927dbf5be62429842d32160a3cc951bfa7d259f4c9c5ba5b467668
7d4673717bf833cb9c6e621fce14cf7bde7318e8ee88256a3c184d6118f9eb01
7dcd5e02ed952e12295eba3f40e69a57ea650d275ef3ca94b1e151c5714c1ab9
7dfb6e81dde0d6731c88c239c923978c88f599036551e361ba1f8976f7ca3862
7e5b74882c94c0a66c1272554bbe302fed4802398ab0687989e23c852f7ee16f
834855b0c8387a3ba457811b0e664777e79fa712722c962f12efb129b60c47b4
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
87a3b03ac7eeb0d3a15535c4430219e50dedb287de7d746e93d97b561649a1d2
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2
89d35ac745843e299e5a72d38e2583b8859c33c6ece6d33cd6a8be6c23a32845
89eee127c0767cb52b9c4b3213a1e4afc0fa296aa045008d3252cfd4052c1306
94987ef7424268c64a4161eb6d39a3f7e2c21144b213ba51e95681651f9f85ba
9554b211b59cb46d8a4f37906b897d96928c4d591bbad5e7b37928a81155a964
9a426226261fd2e19408e89e1f85cfffaaf46480e824a667488b3a79f84bf44e
9ade68aab9ee152e49cc7ae1aa2950aa09c25d5c0c43c1f91fa797d7d3e8d53a
9e712a9100f1b3ed17e6e229d06dd6fbe2ffb94b1e4b5cf4e6ac47efe9851d07
9ecefd4787ce6dc9b10a91779b92a5e468220a9f4176ff08c48babf7a15b0ab8
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a4401aae4b15569fbacfc877c1004bbd8ac7c168343e1a82c60b58af392d8b37
a57a163dac84cdd8c36e15669c6bfb06b238896dddcc7331908dbb1947dcb7d8
a5a6516ab26a25b1d7cbdb352bf3e79aa7816bee9a4fa98ab0fbd5ec2825202b
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
af22a25904001bfb76c53efb628e25c580da4506b7188f45084d4e90d5495765
af458a3896c6b4019d7ddb9f6e999cf9d5bffc777389945f4615116d1d5d3702
b0118c2db7330f9772d04a324f2321dd0abc54f100471a4fa89780baef6c6f59
b055b9d39c6b1142af7c5df0f92d9fa12df9b064d46af2f3c48cb51395b9c92e
b0dcf5adcbe60d3aaf19a7ae91d019e6803c5b8e852699a91082487458368080
b2af5028df2e1240e9cbb3f1637008bdab2b42f49214866f736acee350ed20e3
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b5893f3d6dd6f6d02368ae843846c96a117964be20f37f89ebbadf46b6792bbd
b5f528cc0db682001457da87158b80a948cf4d2134743ee6cdf823fa8401ca75
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b7ed30d665e26669f25bd17712f44cfd377ff37829e89593a40f28286f030578
bbc2cfe0cf275370ac684b551760a829af72e07c2575145dcc9673f4c2d5d794
bbdaabb630e360c9f424b9a5479c3936e69008e3d162b55ae341cf12b449b6f4
bc9a2e7ebc802c54bae45191afd2da677c4b00d5b87ca635cfb267f322c2f2d9
be2951bc33ee970af625fd99d3b07e9fcbe2caf63d38c20bd8378bb5bfcfd008
bedafe4415f6abb6dfa8c6c63335c65422bb883ada266557b90421e63fbb8d0b
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2
c1544db2a2f5cdfa75336a02ad5a64b5f56ea06643afdbbebba79d01847b3eca
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c7fb2e2146d627253f1e04641a3d88df3e98be65357fb6ebffee320c242ae213
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c933501263a2ab39dae9d5f9a321c9c1fc2bb50b97bf179ccbf768fd67760ed3
cb27a336683cba22685365c62785a69d3efc6a9fcb648419743943d52f267006
cf93db5f15fb6b90864ea934827bca87f92e75ad6a3aab83881b1f6777ee8929
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d273d624b5d80af7ebc04239570da886c63da6ab124e52c9ff59cc42af9cc651
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2be28a4b7d9a9ec5ae8ea70d1f0af2e72a083f2adcca45445e8703d29919f4b
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d4ef66da786aac7a6ae7d165b5a6d9f7456ec786ddc04100449d53ab5cf796db
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
deff765ba1fe89e0c571103166fa5d81af46c051b96b0cad7476d1071c28ac49
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c
e1bd6ad2c28e99b5a6749053a2c31a1e1b5db76b401345eedc3eb723de0f6494
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd891a5c350fe9f6564ab148be19b80e9165128352ef29c8f2e68b25c34819
e4a149fa31aba2b0b15d24d1eb1403cc76cee5338af364ab1956f11b97f38a17
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e8348f85019c4116a8898d2ddadd8413d47b43983e15efe33544759ae707e58e
e9c754564fd8f989d1b1ddd98947aea39ed929b469459e4d5c55559612a7c5e0
ea6b93c529508cc8f9167a5d19eb446f2ce617efb53cb2682d1685dd07bb8be1
ec18f6490f532139b2dca673ba0f8e9436279088b816b165ef3769c4eca51796
ed13a91625b1d605490239eadb39dbedaaf56c273de30e3298be6e6e98a768d9
ee7c52f0029a6dc2e912c877609e2cbd0b4412b900316c24b65fbc4a453e9bcb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
efc22a4037d8a6a9ac365825a869a4c68374ab697e36d3f9728969a712fbf058
f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
f791a923f7e9c7fd362dd9ee4e755e2ab41a48f596d90537f80fbed47860b814
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f9e10418c6b3506080189f8fe72b48c6b9d0d9e116c2fb89b71e9adc3968a8eb
fb0991d4e66eae446ee6d6f76bf77e42139f6d58e00bd84687b0d323c8425430
fde0d811ebb22e6995222bf0c7df657b3c352b4a805f6dc3c1823d94fd1197ef
fdeaf00018129fff56ddcb03d2c1c43a1893cdc5d12bdbae125a0bf71dfd6761
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ffebf3ed679cceb07d6da55bd428f84b39ba1f881cb2b00fd60badd310a58105