urlscan.io logo urlscan.io
SecurityTrails logo

cheet-2642-ontariofarmer.gdev.postmedia.digital Open in urlscan Pro
34.95.11.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Effective URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Submission: On February 10 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 5 countries across 68 domains to perform 277 HTTP transactions. The main IP is 34.95.11.30, located in Montreal, Canada and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is cheet-2642-ontariofarmer.gdev.postmedia.digital.
TLS certificate: Issued by R3 on February 9th 2022. Valid for: 3 months.
This is the only time cheet-2642-ontariofarmer.gdev.postmedia.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 34.95.11.30 396982 (GOOGLE-PR...)
5 142.250.80.2 15169 (GOOGLE)
4 54.192.160.42 16509 (AMAZON-02)
2 17 104.16.190.66 13335 (CLOUDFLAR...)
1 13.225.214.27 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.225.63.113 16509 (AMAZON-02)
3 52.95.147.107 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
4 34.149.157.221 15169 (GOOGLE)
3 13.225.63.43 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 6 13.226.31.3 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
9 151.101.66.133 54113 (FASTLY)
1 3.227.87.232 14618 (AMAZON-AES)
2 142.250.65.162 15169 (GOOGLE)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 146.75.28.157 54113 (FASTLY)
4 2a04:4e42:200... 54113 (FASTLY)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 108.174.10.14 14413 (LINKEDIN)
1 3 104.18.98.194 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
1 104.244.42.133 13414 (TWITTER)
2 99.83.154.140 16509 (AMAZON-02)
3 3 3.218.90.66 14618 (AMAZON-AES)
5 10 34.199.160.85 14618 (AMAZON-AES)
3 3 35.211.178.172 15169 (GOOGLE)
2 2 23.111.200.118 7979 (SERVERS-COM)
2 2 44.193.191.16 14618 (AMAZON-AES)
2 2 35.169.147.222 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
5 5 35.173.74.115 14618 (AMAZON-AES)
12 23 142.250.72.98 15169 (GOOGLE)
12 44.194.147.181 14618 (AMAZON-AES)
2 4 35.190.60.146 15169 (GOOGLE)
1 1 173.223.56.123 16625 (AKAMAI-AS)
5 5 151.101.130.49 54113 (FASTLY)
2 2 3.233.68.37 14618 (AMAZON-AES)
4 4 216.200.232.253 30419 (MEDIAMATH...)
2 6 34.235.23.231 14618 (AMAZON-AES)
1 13.225.214.50 16509 (AMAZON-02)
3 5 23.52.162.21 16625 (AKAMAI-AS)
4 4 52.223.22.214 16509 (AMAZON-02)
1 12 209.54.180.144 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 104.16.68.69 13335 (CLOUDFLAR...)
1 2 100.20.199.76 16509 (AMAZON-02)
8 8 52.223.40.198 16509 (AMAZON-02)
2 2 18.233.240.143 14618 (AMAZON-AES)
2 3 34.197.192.192 14618 (AMAZON-AES)
2 23.52.161.180 16625 (AKAMAI-AS)
2 104.107.5.93 16625 (AKAMAI-AS)
1 5 34.98.64.218 15169 (GOOGLE)
5 6 68.67.161.212 29990 (ASN-APPNEX)
2 3 63.251.86.51 10913 (INTERNAP-BLK)
1 5 2607:f8b0:400... 15169 (GOOGLE)
5 10 8.43.72.98 26667 (RUBICONPR...)
2 2 216.152.140.200 13768 (COGECO-PEER1)
1 104.36.115.113 62713 (AS-PUBMATIC)
1 6 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1f18:4e9... 14618 (AMAZON-AES)
3 63.251.86.50 10913 (INTERNAP-BLK)
3 4 23.64.107.8 16625 (AKAMAI-AS)
1 1 68.67.179.154 29990 (ASN-APPNEX)
2 2 75.126.248.142 36351 (SOFTLAYER)
1 2 185.167.164.42 198622 (ADFORM)
3 8.28.7.83 62713 (AS-PUBMATIC)
1 1 107.178.254.65 15169 (GOOGLE)
2 8.28.7.84 62713 (AS-PUBMATIC)
3 104.36.115.109 62713 (AS-PUBMATIC)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 2001:4998:14:... 14777 (YAHOO)
11 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
11 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
14 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.80.34 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2620:116:800b... 14618 (AMAZON-AES)
2 2 50.31.142.95 23352 (SERVERCEN...)
1 1 2600:9000:21e... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
277 75
26    34.95.11.30 (Montreal, Canada)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 30.11.95.34.bc.googleusercontent.com
cheet-2642-ontariofarmer.gdev.postmedia.digital
5    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
securepubads.g.doubleclick.net
4    54.192.160.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-160-42.ewr53.r.cloudfront.net
c.amazon-adsystem.com
17    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.districtm.io
cdn.districtm.io
dmx.districtm.io
1    13.225.214.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-27.ewr50.r.cloudfront.net
cdn.adsafeprotected.com
2    2607:f8b0:4006:81f::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3037::6815:3c3f (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    13.225.63.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-113.ewr53.r.cloudfront.net
ak.sail-horizon.com
3    52.95.147.107 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-w.ca-central-1.amazonaws.com
pmd-dev-frontend-modules.s3.amazonaws.com
5    2607:f8b0:4006:820::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
3    13.225.63.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-43.ewr53.r.cloudfront.net
smartcdn.prod.postmedia.digital
3    2607:f8b0:4006:824::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    13.226.31.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-3.ewr53.r.cloudfront.net
sb.scorecardresearch.com
1    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
9    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
1    3.227.87.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-87-232.compute-1.amazonaws.com
pixel.adsafeprotected.com
2    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
www.googleadservices.com
1    2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
4    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
3    104.18.98.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
3    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
10    34.199.160.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-160-85.compute-1.amazonaws.com
match.sharethrough.com
3    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    44.193.191.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.169.147.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-147-222.compute-1.amazonaws.com
pixel.advertising.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    35.173.74.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-74-115.compute-1.amazonaws.com
usermatch.krxd.net
23    142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
cm.g.doubleclick.net
12    44.194.147.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-147-181.compute-1.amazonaws.com
beacon.krxd.net
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    173.223.56.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com
stags.bluekai.com
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    3.233.68.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-68-37.compute-1.amazonaws.com
match.prod.bidr.io
4    216.200.232.253 (United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    34.235.23.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-23-231.compute-1.amazonaws.com
ml314.com
1    13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net
aa.agkn.com
5    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
12    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4006:808::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:80c::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
2    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
2    100.20.199.76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-199-76.us-west-2.compute.amazonaws.com
dpm.demdex.net
8    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    18.233.240.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-240-143.compute-1.amazonaws.com
sync.crwdcntrl.net
3    34.197.192.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com
ps.eyeota.net
2    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.107.5.93 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-5-93.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
6    68.67.161.212 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
5    2607:f8b0:4006:81f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
2    216.152.140.200 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    2607:f8b0:4006:822::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:80f::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2600:1f18:4e9:5a07:e7d9:5422:56cf:eb6f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
4    23.64.107.8 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-107-8.deploy.static.akamaitechnologies.com
px.owneriq.net
1    68.67.179.154 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
2    185.167.164.42 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
11    2607:f8b0:4006:822::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:21dd:8200:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.ribn.com
11    2607:f8b0:4006:824::2016 (Queens, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
12    2607:f8b0:4006:81d::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2607:f8b0:4006:80d::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2607:f8b0:4006:80a::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2607:f8b0:4006:80d::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    2607:f8b0:4006:807::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2607:f8b0:4006:80c::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2607:f8b0:4006:807::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2607:f8b0:4006:80c::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2620:116:800b:21:1d2b:ecd5:fcc0:2c58 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    50.31.142.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    2600:9000:21ea:3800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
Apex Domain
Subdomains		 Transfer
36 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
static.doubleclick.net — Cisco Umbrella Rank: 309
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
239 KB
33 postmedia.digital
cheet-2642-ontariofarmer.gdev.postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 68899
smartcdn.prod.postmedia.digital — Cisco Umbrella Rank: 178808
488 KB
26 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1228
consumer.krxd.net — Cisco Umbrella Rank: 1569
usermatch.krxd.net — Cisco Umbrella Rank: 981
beacon.krxd.net — Cisco Umbrella Rank: 371
186 KB
23 googlesyndication.com
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
158 KB
19 districtm.io
hb.districtm.io — Cisco Umbrella Rank: 70016
cdn.districtm.io — Cisco Umbrella Rank: 1644
dmx.districtm.io — Cisco Umbrella Rank: 1164
20 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
50 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
120 KB
12 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
801 KB
12 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 512
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
17 KB
11 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 103
123 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 738
image2.pubmatic.com — Cisco Umbrella Rank: 752
simage4.pubmatic.com — Cisco Umbrella Rank: 1024
26 KB
10 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 561
2 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
5 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 350
6 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
16 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
107 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
ce.lijit.com — Cisco Umbrella Rank: 696
5 KB
6 ml314.com
ml314.com — Cisco Umbrella Rank: 1357
15 KB
6 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5051
identity.mparticle.com — Cisco Umbrella Rank: 2515
jssdks.mparticle.com — Cisco Umbrella Rank: 4790
48 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 346
111 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 636
us-u.openx.net — Cisco Umbrella Rank: 322
1 KB
5 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
4 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
1 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ads.yahoo.com — Cisco Umbrella Rank: 835
2 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
www.linkedin.com — Cisco Umbrella Rank: 602
px4.ads.linkedin.com — Cisco Umbrella Rank: 5087
4 KB
4 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
2 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 283
id.rlcdn.com — Cisco Umbrella Rank: 548
679 B
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 845
2 KB
3 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12901
www.google.ca — Cisco Umbrella Rank: 8810
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
2 KB
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 497
638 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
182 KB
3 amazonaws.com
pmd-dev-frontend-modules.s3.amazonaws.com
297 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 529
950 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
911 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
583 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
425 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
677 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
794 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1448
1 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2482
475 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
115 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
16 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3336
pixel.adsafeprotected.com — Cisco Umbrella Rank: 519
25 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
438 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 927
463 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 213
2 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
38 KB
1 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 44469
4 KB
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
518 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 692
554 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
659 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 447
716 B
1 t.co
t.co — Cisco Umbrella Rank: 456
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 468
458 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 539
6 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 830
2 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2571
43 KB
1 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 37875
47 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 4023
3 KB
277 68
Domain Requested by
26 cheet-2642-ontariofarmer.gdev.postmedia.digital 1 redirects cheet-2642-ontariofarmer.gdev.postmedia.digital
23 cm.g.doubleclick.net 12 redirects u.openx.net
ap.lijit.com
s.amazon-adsystem.com
googleads.g.doubleclick.net
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
14 s0.2mdn.net cheet-2642-ontariofarmer.gdev.postmedia.digital
s0.2mdn.net
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
13 dmx.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
cheet-2642-ontariofarmer.gdev.postmedia.digital
12 www.youtube.com cheet-2642-ontariofarmer.gdev.postmedia.digital
www.youtube.com
12 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
u.openx.net
ap.lijit.com
cdn.districtm.io
ads.pubmatic.com
eus.rubiconproject.com
12 beacon.krxd.net cheet-2642-ontariofarmer.gdev.postmedia.digital
cdn.krxd.net
11 i.ytimg.com www.youtube.com
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
cheet-2642-ontariofarmer.gdev.postmedia.digital
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
10 match.sharethrough.com 5 redirects s.amazon-adsystem.com
match.sharethrough.com
8 match.adsrvr.org 8 redirects
6 www.google.com 1 redirects cheet-2642-ontariofarmer.gdev.postmedia.digital
tpc.googlesyndication.com
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
www.youtube.com
6 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
6 ml314.com 2 redirects cheet-2642-ontariofarmer.gdev.postmedia.digital
ml314.com
6 cdn.krxd.net pmd-dev-frontend-modules.s3.amazonaws.com
cdn.krxd.net
6 sb.scorecardresearch.com 2 redirects pmd-dev-frontend-modules.s3.amazonaws.com
cheet-2642-ontariofarmer.gdev.postmedia.digital
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
cheet-2642-ontariofarmer.gdev.postmedia.digital
www.youtube.com
5 sync-tm.everesttech.net 5 redirects
5 usermatch.krxd.net 5 redirects
5 cdn.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
s.amazon-adsystem.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
5 securepubads.g.doubleclick.net cheet-2642-ontariofarmer.gdev.postmedia.digital
securepubads.g.doubleclick.net
4 pixel.rubiconproject.com s.amazon-adsystem.com
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 px.owneriq.net 3 redirects ap.lijit.com
4 eb2.3lift.com 4 redirects
4 sync.mathtag.com 4 redirects
4 identity.mparticle.com jssdkcdns.mparticle.com
4 smartcdn.gprod.postmedia.digital cheet-2642-ontariofarmer.gdev.postmedia.digital
4 c.amazon-adsystem.com cheet-2642-ontariofarmer.gdev.postmedia.digital
c.amazon-adsystem.com
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 image2.pubmatic.com ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
3 ce.lijit.com ap.lijit.com
3 us-u.openx.net u.openx.net
3 ap.lijit.com 2 redirects s.amazon-adsystem.com
3 ps.eyeota.net 2 redirects cheet-2642-ontariofarmer.gdev.postmedia.digital
3 idsync.rlcdn.com 2 redirects cheet-2642-ontariofarmer.gdev.postmedia.digital
3 consumer.krxd.net cdn.krxd.net
3 x.bidswitch.net 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 p.adsymptotic.com 1 redirects cheet-2642-ontariofarmer.gdev.postmedia.digital
ads.pubmatic.com
3 px.ads.linkedin.com 3 redirects
3 www.googletagmanager.com pmd-dev-frontend-modules.s3.amazonaws.com
www.googletagmanager.com
3 smartcdn.prod.postmedia.digital cheet-2642-ontariofarmer.gdev.postmedia.digital
3 pmd-dev-frontend-modules.s3.amazonaws.com cheet-2642-ontariofarmer.gdev.postmedia.digital
pmd-dev-frontend-modules.s3.amazonaws.com
2 b1sync.zemanta.com 2 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads4.g.doubleclick.net cheet-2642-ontariofarmer.gdev.postmedia.digital
2 c1.adform.net 1 redirects ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 www.google.ca cheet-2642-ontariofarmer.gdev.postmedia.digital
2 pixel-sync.sitescout.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 sync.crwdcntrl.net 2 redirects
2 dpm.demdex.net 1 redirects cheet-2642-ontariofarmer.gdev.postmedia.digital
2 c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 www.facebook.com cheet-2642-ontariofarmer.gdev.postmedia.digital
2 pixel.advertising.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 api.sail-personalize.com ak.sail-horizon.com
2 connect.facebook.net cheet-2642-ontariofarmer.gdev.postmedia.digital
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 fonts.googleapis.com cheet-2642-ontariofarmer.gdev.postmedia.digital
securepubads.g.doubleclick.net
1 jssdks.mparticle.com jssdkcdns.mparticle.com
1 simage4.pubmatic.com ads.pubmatic.com
1 s.ad.smaato.net 1 redirects
1 cms.quantserve.com c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.googletagservices.com c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
1 assets.ribn.com cheet-2642-ontariofarmer.gdev.postmedia.digital
1 id.rlcdn.com s.amazon-adsystem.com
1 ads.yahoo.com s.amazon-adsystem.com
1 ad.turn.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 pippio.com 1 redirects
1 secure.adnxs.com 1 redirects
1 pr-bh.ybp.yahoo.com u.openx.net
1 image6.pubmatic.com ads.pubmatic.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 aa.agkn.com cheet-2642-ontariofarmer.gdev.postmedia.digital
1 stags.bluekai.com 1 redirects
1 t.co cheet-2642-ontariofarmer.gdev.postmedia.digital
1 analytics.twitter.com static.ads-twitter.com
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 static.ads-twitter.com cheet-2642-ontariofarmer.gdev.postmedia.digital
1 snap.licdn.com www.googletagmanager.com
1 pixel.adsafeprotected.com cdn.adsafeprotected.com
1 jssdkcdns.mparticle.com pmd-dev-frontend-modules.s3.amazonaws.com
1 ak.sail-horizon.com cheet-2642-ontariofarmer.gdev.postmedia.digital
1 auth.lrcontent.com cheet-2642-ontariofarmer.gdev.postmedia.digital
1 www.npttech.com cheet-2642-ontariofarmer.gdev.postmedia.digital
1 cdn.adsafeprotected.com cheet-2642-ontariofarmer.gdev.postmedia.digital
1 hb.districtm.io cheet-2642-ontariofarmer.gdev.postmedia.digital
277 105
Subject Issuer Validity Valid
cheet-2642-driving.gdev.postmedia.digital
R3		 2022-02-09 -
2022-05-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.adsafeprotected.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
smartcdn.gprod.postmedia.digital
GTS CA 1D4		 2021-12-16 -
2022-03-16		 3 months crt.sh
*.prod.postmedia.digital
Amazon		 2022-01-15 -
2023-02-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
jssdkcdns.mparticle.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-19 -
2022-02-17		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2021-07-07 -
2022-08-08		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
api.sail-personalize.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.ml314.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.ribn.com
Amazon		 2021-09-20 -
2022-10-19		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
jssdks.mparticle.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh

This page contains 29 frames:

Primary Page: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Frame ID: C7C4E0C816F9350A8DC44EE7ECC0B54B
Requests: 105 HTTP requests in this frame

Frame: https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/xd.html
Frame ID: 03A74F9DD739EFA07F61BD658E6AEF2C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 1980BC95EF846175D024A6021F8762B4
Requests: 10 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 0A17A354B460B3C0FBBBAC142BD7C7CB
Requests: 23 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Frame ID: 15B065D5DA51A6094D978DAB01BC0E17
Requests: 1 HTTP requests in this frame

Frame: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 01DFF486314F8DBD08FC7496F87A8EBA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 6E9C0AE607D3752869ED00E7AF3652AA
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 2712FF22AEDFB34123E825286FA92ADD
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: FCD3BC428B1415EBD1CAC833A339F84D
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 2999D8BA63B168C554DAEC35AD9C425A
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 59C7A28235CC84B37175C9E0B35CD89C
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5238648912890707969&ex=districtm
Frame ID: D0A9095A301589C6D34D4254FAE30C17
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1358049491610281972&ex=appnexus.com
Frame ID: 1A3A284C539C7652BCF9EC12ED2D239F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 529BA651DBF180117C862FB78BDECA14
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: 468FF57066FF571746DAFB101B157AA9
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1605454715927848592635
Frame ID: 9F733C7D89BAAA8E083DBD526F23B93B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B9A0547CB95B99CAF53EA0861AAF492A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=07C71460-8653-41C1-AB37-539E9D81DB99
Frame ID: F1595E6C1123D0E0D0E88BC714F03B3D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgT5wAAFJx8O0wBB&gdpr=0&gdpr_consent=
Frame ID: 7008CCDDF3396D0D4829D3CC2BD57EF8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=07C71460-8653-41C1-AB37-539E9D81DB99&ex=pubmatic.com
Frame ID: 118A5F2A5DA20A990D469BFDDD3FDE57
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 096DF5D3EDBA2212C782DB17A1217450
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BED00B3EC506F5C0F1FCA7D05901E16B
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Frame ID: F6A602A50462431E222C1ABDC3C36150
Requests: 19 HTTP requests in this frame

Frame: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C50D686AAF0D7383ACF6A6038F193E62
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 34177439007BEBBCBF1D3CE991D5401D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQwJrPAhjw6a3BATAB&v=APEucNWPXiVSNufDYJwkNtcUbEDeA_chZdjCkhdVqxXM2hWuGIpaKBJ0vW1JiorvfuUjbcSoYEakwD1mh6m0QfnJdFMcwvCc7Q
Frame ID: 4934790B0BB077BE8BE5795962C0BBFC
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
Frame ID: 49246E51E054625D83CB5454AA441185
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 333D6D2111107BF1917BA8BA30F72693
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C043E6FAB26AFE21241274F055F16033
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Ontario FarmerOntario Farmer

Page URL History Show full URLs

  1. http://cheet-2642-ontariofarmer.gdev.postmedia.digital/ HTTP 308
    https://cheet-2642-ontariofarmer.gdev.postmedia.digital/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

277
Requests

78 %
HTTPS

35 %
IPv6

68
Domains

105
Subdomains

75
IPs

5
Countries

3318 kB
Transfer

9611 kB
Size

109
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cheet-2642-ontariofarmer.gdev.postmedia.digital/ HTTP 308
    https://cheet-2642-ontariofarmer.gdev.postmedia.digital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1644493247523&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1644493247523&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&c9=
Request Chain 69
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644493247708&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644493247708&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1644493247708%26url%3Dhttps%253A%252F%252Fcheet-2642-ontariofarmer.gdev.postmedia.digital%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644493247708&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644493247708&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQJAi7M9NGtLZwAAAX7jb5afrF9UvA4TJeF0EYGX-ExnaDiyWlO2AuXXlCeTUO9rIcoLsPuU HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4e0961d7-b2cc-4146-9234-1ef6357511fc HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4e0961d7-b2cc-4146-9234-1ef6357511fc&_expected_cookie=4efd826e240af41802c19a0df28fbcd0
Request Chain 78
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true HTTP 302
  • https://dmx.districtm.io/s/10057/y-ADBoYWFE2uGnGgLhmJlMI7g9OChYqnzA9iUlfE8-~A
Request Chain 79
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/8d8b5b05-466e-41b2-8d05-be91bf1c9375
Request Chain 80
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=24uvNex4kAYny3h6rIxgPIREDJd HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=24uvNex4kAYny3h6rIxgPIREDJd HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Ddistrictm%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Ddistrictm%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d5e2caa6-a3a8-5129-98a7-31f3faa3c833&ssp=districtm&expires=30&user_group=1 HTTP 302
  • https://dmx.districtm.io/s/10009/a03ea989-647c-4d91-b2a9-497ed3bfb76e
Request Chain 81
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/qW9iOQcESZxYVy_DWMrXr5U4mbk
Request Chain 82
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a4696ab-8a66-11ec-8c96-0e46dbec0cf3 HTTP 302
  • https://dmx.districtm.io/s/10051/y-.TI6jNRE2uE4aCz1sU1UbirHVG6nx5sW~A~UP4a4696ab-8a66-11ec-8c96-0e46dbec0cf3
Request Chain 90
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3AzSEhFUFI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm=&google_nid=krux_digital&google_hm=T3AzSEhFUFI&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOyeikJzJ6H-y7CprF0oxhI&google_cver=1
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3AzSEhFUFI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3AzSEhFUFI&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEC3U9T808wDow6FTmRtoM48&google_cver=1
Request Chain 93
  • https://stags.bluekai.com/site/26357?id=Op3HHEPR&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOp3HHEPR%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=Op3HHEPR&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 95
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=YgT5wAAFJx8O0wBB HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YgT5wAAFJx8O0wBB&_test=YgT5wAAFJx8O0wBB
Request Chain 96
  • https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=Op3HHEPR HTTP 303
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=Op3HHEPR&_bee_ppp=1 HTTP 303
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AAEUSE7ECfQAAHccD3thZA
Request Chain 97
  • https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=Op3HHEPR&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=3ec36204-f9c0-4500-a2fb-1e8e4c98d324
Request Chain 99
  • https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Op3HHEPR
Request Chain 100
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YgT5wFVx1VfG77DPAM.50QAA%26473
Request Chain 101
  • https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=qW9iOQcESZxYVy_DWMrXr5U4mbk
Request Chain 102
  • https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
  • https://eb2.3lift.com/xuid?mid=3587&xuid=Op3HHEPR&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=Op3HHEPR&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=1605454715927848592635
Request Chain 103
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Request Chain 112
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3625040135422214160&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3625040135422214160&redir=
Request Chain 113
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
Request Chain 114
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3625040135422214160 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3625040135422214160 HTTP 302
  • https://ml314.com/csync.ashx?fp=b3370cb7ce7eead7f8612df1239cc66a&eid=50146&person_id=3625040135422214160
Request Chain 115
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2WXxTJkZmUxF1ed8p1w6IgrKr9MWHypcI48IdwP_Y84I&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Request Chain 116
  • https://ml314.com/csync.ashx?fp=Op3HHEPR&person_id=3625040135422214160&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3625040135422214160 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625040135422214160
Request Chain 120
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 121
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5238648912890707969&ex=districtm
Request Chain 122
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1358049491610281972&ex=appnexus.com
Request Chain 123
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 124
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 125
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1605454715927848592635
Request Chain 129
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KZGWTJHH-28-9G9E
Request Chain 130
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
Request Chain 131
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=cc60af1f-4b6f-44e6-8d02-d305b6cc5499-6204f9c0-4341&gdpr=0&gdpr_consent=
Request Chain 132
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
Request Chain 137
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=2041357170&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=260944317.1644493248&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wPkEYraUGMiDNaDSu9AM&sscte=1&crd=&eitems=ChAIgIyTkAYQpK3aj9jOwe4vEh0A-e5AUGU5HNCvtW2Cq2IqCLeJjmS7U0RmoC36cQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/580448699/?random=2041357170&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=260944317.1644493248&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wPkEYraUGMiDNaDSu9AM&cid=CAQSKQCNIrLMR2ol1x6U9NKHjcWmxn9X-_EVZ33RO0f9KmpPyjifIKzrKMlk&eitems=ChAIgIyTkAYQpK3aj9jOwe4vEh0A-e5AUD1_UHJngxjE-OkjBExYDS2oZTHkiwFJWw&random=1397278157&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=2041357170&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=260944317.1644493248&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wPkEYraUGMiDNaDSu9AM&cid=CAQSKQCNIrLMR2ol1x6U9NKHjcWmxn9X-_EVZ33RO0f9KmpPyjifIKzrKMlk&eitems=ChAIgIyTkAYQpK3aj9jOwe4vEh0A-e5AUD1_UHJngxjE-OkjBExYDS2oZTHkiwFJWw&random=1397278157&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 139
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgT5wAAFJx8O0wBB
Request Chain 141
  • https://match.adsrvr.org/track/cmf/openx?oxid=9f0024bd-a581-317a-5cfd-456530002741&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&ttd_puid=9f0024bd-a581-317a-5cfd-456530002741
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECjG3JeK6qQJzF497fod8aw&google_cver=1
Request Chain 145
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=2b2b1102356f0fc4bb65f140&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=3ec36204-f9c0-4500-a2fb-1e8e4c98d324&gdpr=0&gdpr_consent=
Request Chain 146
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6977796482136910923&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 147
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MmIyYjExMDIzNTZmMGZjNGJiNjVmMTQw&gdpr=0
Request Chain 148
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=5238648912890707969&gdpr=0&gdpr_consent=
Request Chain 149
  • https://um.simpli.fi/lj_match?r=1644493248394&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=C2835A87145D4E8D8F5FBFABDFA0194D
Request Chain 151
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUjFkazVsZURSclFWbHVlVE5vTm5KSmVHZFFTVkpGUkVwayJ9.bj5T9A3bbc75fP6iQf72y2QqV9wR7msj0LVIOT6cNxnGMSSHOcdz-T_4H7u2g1Dn-lQaBSaQOQ64Ev0bPPNkKg
Request Chain 154
  • https://c1.adform.net/serving/cookie/match?party=14&cid=07C71460-8653-41C1-AB37-539E9D81DB99 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=07C71460-8653-41C1-AB37-539E9D81DB99
Request Chain 155
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgT5wAAFJx8O0wBB&gdpr=0&gdpr_consent=
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B8cUYIZTQcGrN1OenYHbmQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 158
  • https://idsync.rlcdn.com/420486.gif?partner_uid=07C71460-8653-41C1-AB37-539E9D81DB99 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDA3QzcxNDYwLTg2NTMtNDFDMS1BQjM3LTUzOUU5RDgxREI5ORAAGg0IwPOTkAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0be116c3eeda80ada309685680c069f69d2d701c6b9a77d835c9cac2bdf7239c791426b5417dce21&_=2 HTTP 307
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Request Chain 159
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3ec36204-f9c0-4500-a2fb-1e8e4c98d324
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDdDNzE0NjAtODY1My00MUMxLUFCMzctNTM5RTlEODFEQjk5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGpkrSK_sdY-bLtAcYqG4Ds&google_cver=1
Request Chain 162
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:43DFF3CD0F99411CA82B3C6FD65DD333
Request Chain 163
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3791191646582480870&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
Request Chain 165
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZGWTJJE-7-677U HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KZGWTJJE-7-677U&ex=d-rubiconproject.com&status=ok
Request Chain 166
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFhODBkN2UzYmExZGVjMjhiZGFlMDlmMzFlNzkwNDJlYTk0NDM4OQ
Request Chain 167
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZGWTJJE-7-677U&sigv=1&esig=2~2e070719704c5efae4d730b0aa5036a3cd829af7
Request Chain 168
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3ec36204-f9c0-4500-a2fb-1e8e4c98d324&expires=28
Request Chain 170
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHV1RKSkUtNy02NzdV
Request Chain 171
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgT5wAAFJx8O0wBB
Request Chain 172
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=&expires=30
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHgQkRuAzLnWaOeUDJDKNcg&google_cver=1
Request Chain 180
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEu4gEhbMcTKvVdH8wAc-9o&google_cver=1
Request Chain 231
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgT5wFVx1VfG77DPAM.50QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEu4gEhbMcTKvVdH8wAc-9o&google_cver=1&google_hm=2
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA05oBzD_kTjFHq8IbdPS9Q&google_cver=1
Request Chain 233
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzODY0ODkxMjg5MDcwNzk2OQ%3D%3D
Request Chain 258
  • https://px.owneriq.net/ecmg?google_gid=CAESEHQz7tNTISjcZTWDa7xZbJs&google_cver=1&google_push=AYg5qPIlC1EZCwLqqeJidObirTFBMXdRkanfvMrIzuNj8wa6xhTYAuoQR7JXBl7N4QuuQWS5c-AHKEiwJd8w_DZFJvrRXR1whwBn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPIlC1EZCwLqqeJidObirTFBMXdRkanfvMrIzuNj8wa6xhTYAuoQR7JXBl7N4QuuQWS5c-AHKEiwJd8w_DZFJvrRXR1whwBn&google_cver=1&google_gid=CAESEHQz7tNTISjcZTWDa7xZbJs&google_hm=UTY5Nzc3OTY0ODIxMzY5MTA5MjM=
Request Chain 259
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELwAay38GlsNqdo-PDI8Dps&google_cver=1&google_push=AYg5qPILeQtCzf2iU3B31TZW01wX7UwZoU4uQAs0YEklFPXy6ZSIixFIX9vA3HVevM4GrNyNaIB0CmhkNVfqsPaDwNWVmzRRTPs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmViMGQ4YzgtOGVjMC00OWIzLWFmZWMtZGQ4YmZjOWM3MDEz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
Request Chain 260
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPdbrTvPoTFA0ghMqe6MlmU&google_cver=1&google_push=AYg5qPJelnkSH0nf65iJ-qU7NK6D5iMgwWYNoyG4ppvsPNVQZJnmbx5ycu7IzTuMzi_yHvEz0QGOfPFwudh5TeM5DXTp8ZBX7qx0 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPdbrTvPoTFA0ghMqe6MlmU&google_push=AYg5qPJelnkSH0nf65iJ-qU7NK6D5iMgwWYNoyG4ppvsPNVQZJnmbx5ycu7IzTuMzi_yHvEz0QGOfPFwudh5TeM5DXTp8ZBX7qx0&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJelnkSH0nf65iJ-qU7NK6D5iMgwWYNoyG4ppvsPNVQZJnmbx5ycu7IzTuMzi_yHvEz0QGOfPFwudh5TeM5DXTp8ZBX7qx0&google_hm=SVFmOFh0Nm9ZVER2MGRsaXFJQXA=
Request Chain 261
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBoSsUAD18cazy_7T67B3XE&google_cver=1&google_push=AYg5qPLJKh0o6qAu1ygtdbLN0Ls8pjeMZb6dQ6dle6L_5isBsP0oj3KFOn8C00OPrEqkBVTabhko7iKvCXoiLlqFEr7XNAuSRKct HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLJKh0o6qAu1ygtdbLN0Ls8pjeMZb6dQ6dle6L_5isBsP0oj3KFOn8C00OPrEqkBVTabhko7iKvCXoiLlqFEr7XNAuSRKct
Request Chain 262
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDBr9himbD5B9kPFkQzuN1c&google_cver=1&google_push=AYg5qPJesEKCQNVfuIHzOg0YDlBfbqM-4C3vAoINkVcD-odsdCMTVndc9WCEmSg6dFYyRWO-4yMF97Pw14K8fvelp_feBbaw8hR9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTYwNTQ1NDcxNTkyNzg0ODU5MjYzNQ%3D%3D&google_push=AYg5qPJesEKCQNVfuIHzOg0YDlBfbqM-4C3vAoINkVcD-odsdCMTVndc9WCEmSg6dFYyRWO-4yMF97Pw14K8fvelp_feBbaw8hR9

277 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cheet-2642-ontariofarmer.gdev.postmedia.digital/
Redirect Chain
  • http://cheet-2642-ontariofarmer.gdev.postmedia.digital/
  • https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
630 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
5273f00303297b56ff43a31ddc49a0580fd556eca2ba3e5a00b2f6cc4212334a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Thu, 10 Feb 2022 11:40:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding user-agent
expires
Thu, 10 Feb 2022 11:45:46 GMT
cache-control
max-age=300
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

Date
Thu, 10 Feb 2022 11:40:42 GMT
Content-Type
text/html
Content-Length
164
Connection
keep-alive
Location
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
ff1b6dd68446cefef654646ec6591f53e2eabf67d96c310cb89c2b8a9c34d648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27113
x-xss-protection
0
server
sffe
etag
"1127 / 594 of 1000 / last-modified: 1644486248"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Feb 2022 11:40:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
b8_BFwGreWZ8DiwPnFEjUic3PIjCmAYu
content-encoding
gzip
etag
a89a0f9aa62d9c46ee287cd1f0b6423d
age
525
x-cache
Hit from cloudfront
server
Server
x-amz-rid
04J4DSD0HQRC7HEBF0QP
date
Thu, 10 Feb 2022 11:32:45 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ol7fnq7sPQtJGk0WSxp_uwpHRJIIAShqWTq2xoE-c35NbfpJtvg6Jg==
all.postmedia.js
hb.districtm.io/prod/100549/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 3500217a9615be8281152e7c88016d27.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
4501
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 10 Dec 2020 10:37:54 GMT
server
cloudflare
etag
W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
x-amz-cf-pop
YTO50-C3
cf-ray
6db5108a2f545443-YYZ
x-amz-cf-id
oMLzit6jFwj77cuISbncmYKu6Otu__klaSHlOdizxtKrKjCVudcWUg==
expires
Thu, 10 Feb 2022 23:40:47 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-27.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 04 Feb 2022 07:47:18 GMT
Via
1.1 16d05722e4fd66d659ec48b5bb6f2d18.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
532410
ETag
"51636de3ce868a2172f9e6996c2934e0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
X-Amz-Cf-Pop
EWR50-C1
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
MKEOcBIhAKO2TlOielnj6TogNPUFGjWAqLKXb5WrkcUgvJIq54qZVQ==
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa8c4f5924fd06cbaf5c65fac729f0c3207d1f70534b07fc0915948c41b29d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 10:46:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 11:40:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 11:40:47 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3c3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
813
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JNMEQGQ9NJ9E6X1S
x-amz-id-2
fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yP5lvzlpb2X3aODj6XWdKdkF7nUDNUpJT5Ib0TqM64lYj2j0NvyVJS2qA8qlIOkxxTEulfCrl7DbM6%2FcWgDmPRyc37GhATtnXhMffYvd63Hzaz8gLA6RUGbiy7hUuculHjDf%2B8VLik4vpAawLtw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6db5108acdc97156-YUL
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		199 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
819
cf-polished
origSize=1238069
x-cache
Miss from cloudfront
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age= 63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
EWR52-C3
cf-ray
6db5108a2ed1ca4b-YUL
x-amz-cf-id
UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg==
cf-bgj
minify
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-113.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:33:14 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
454
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
B_DRFsDIktl1FhBF8zfZyiLhiSi0QC1vu87j36Qmv7t-98vc--27GA==
fem.js
pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/ 		259 KB
260 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/fem.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.147.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ad0de585bfd20058e6f55655569d98b055d5e533979e236e7adb6b7cf60246fb

Request headers

Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Last-Modified
Sat, 05 Feb 2022 02:50:44 GMT
Server
AmazonS3
x-amz-request-id
069Z0VHCZXGCV4A5
ETag
"2418e28b16766e6deaec4aab5b5a44a0"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
265335
x-amz-id-2
sDiVfd6/T8/JFGJz9w6IxGCVn0sdm1qKwqV8JBILlphbOnKuvvNLCyQ1MCcUem1zGEJMZKq265I=
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 08:30:30 GMT
x-content-type-options
nosniff
age
11417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Feb 2023 08:30:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 14:35:30 GMT
x-content-type-options
nosniff
age
162317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 14:35:30 GMT
truncated
/ 		128 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23d00276404c2322c5d3bb27f5e930b67f81bc964189b36b028ab1521a5929db

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
CD_Winter-Scene.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2022/01/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2022/01/CD_Winter-Scene.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
4910659dc839049030cd900a2fba16b8b73872cbdc04bf71c494b0c0512edef4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Wed, 09 Feb 2022 16:19:24 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
69683
etag
"381af7f1ed861f0d0c47f3e75268eb56ba0741dd"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-6vb56
alt-svc
clear
content-length
32578
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
business-wire-logo.svg
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/business-wire-logo.svg
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:47:19 GMT
etag
W/"62044477-2b6a"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
Newsfile-High-Res.png
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/04/Newsfile-High-Res.png
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-43.ewr53.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
7720a0f40d088f144d749c07f075b8dfdc84afd25900a59045fe6c29d0fc5090

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Tue, 04 May 2021 23:36:37 GMT
via
1.1 1654fbe9176188c45d0b894b1eaf5aa0.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
24321850
etag
"58a1b532378c9a60bc8df47534dea7218beaf9a0"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR53-C1
x-pmd-smart-cdn-proxy
da21880a3f69
content-length
13064
x-amz-cf-id
ptQ8SALIoIlR3huohZxX3cpmbggUGaALfh0dv_Lxq1-Hcy2i8pqm4Q==
expires
Wed, 04 May 2022 23:36:37 GMT
globe-newswire.svg
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/ 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/globe-newswire.svg
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:47:19 GMT
etag
W/"62044477-3750"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
icon-generic-play.svg
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common-icon/ 		1 KB
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common-icon/icon-generic-play.svg?7988ae5f65d0
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:47:18 GMT
etag
W/"62044476-443"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:30:01 GMT
x-content-type-options
nosniff
age
58246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:30:01 GMT
gtm.js
www.googletagmanager.com/ 		474 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
308cdcc3f7ce905c24d687f13f6f0f9883c00f55b02eade3dc71ab9f9cb85290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108281
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 11:40:47 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:19:42 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
42723
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
L8HHzYAYGdnO3bOssBPnuuu86_S8UuWWE3YZArr-caoLUtSQEeFguQ==
icon-soc-fb.svg
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/ 		775 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:47:19 GMT
etag
W/"62044477-307"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
icon-soc-tw.svg
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:47:19 GMT
etag
W/"62044477-6a2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
shared.6e7ba9ef551c.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
6e7ba9ef551c702f3beaed9757a67322b8fc869d1d0491f6422b6e0b59e2baac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:47:23 GMT
etag
W/"6204447b-5e1d"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
main.2e1c7a21c00f.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/main.2e1c7a21c00f.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
2e1c7a21c00f36840e958472cd721813085b600be879fa748dce2e8afc4fa932
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:47:23 GMT
etag
W/"6204447b-17d59"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
pubads_impl_2022020801.js
securepubads.g.doubleclick.net/gpt/ 		357 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64978
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122244
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:34:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Feb 2023 17:37:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		126 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cheet-2642-ontariofarmer.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
7a9e016195625593e47c9afc045aa82b43843486bd2b0ea6ecedbcf39a2203c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Thu, 10 Feb 2022 11:40:47 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:46 GMT
via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
-DEoHMPKdP7FUAu1HBay4NGUAnfs7-eoOfjVkFrTbQy1fm-vxS8ltw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
kHE0qax18c2sjkwN81iFnb0j7vPjRz6QoJpU9FTaSw--eBtuTjwIJw==
xd.html
pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/ Frame 03A7 		192 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/xd.html
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/fem.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.147.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3883b449b3d23a43ca6d94db34a412bfe28815da53e7f1be2cc7ed48f115e873

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

x-amz-id-2
JLZ+PPgqx37F3vAOjg8ohe5ihHds840MgJYgJH4uVE0ke1SDnGGzteOKmm2pW2RDA7gIMRCAHCw=
x-amz-request-id
069XGNCECD8AXGB2
Date
Thu, 10 Feb 2022 11:40:48 GMT
Last-Modified
Sat, 05 Feb 2022 02:50:44 GMT
ETag
"7465ccd683bdd21bff4288ce47f5d260"
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Length
192
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/ 		184 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f7914b4836b5815c4b3dcd79c44fa3390dedf00785d79f90dc7f6c6f38c947c5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 varnish, 1.1 varnish
age
2
x-origin-name
fastlyshield--shield_ssl_cache_iad_kjyo7100066_IAD
x-cache
MISS, HIT
x-cache-hits
0, 1
content-encoding
gzip
content-length
48496
x-served-by
cache-iad-kjyo7100066-IAD, cache-yul12828-YUL
server
Kestrel
x-timer
S1644493247.499617,VS0,VE1
vary
Accept, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 10 Feb 2022 12:40:45 GMT
uthtxmddg.js
cdn.krxd.net/controltag/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/uthtxmddg.js
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 varnish, 1.1 varnish
age
737
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
6471
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kjyo7100134-IAD, cache-yul12832-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1644493248.505236,VS0,VE0
etag
"8d8408c6b02eb41f93710c678ece74490c4f6485"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 16
gtm.js
www.googletagmanager.com/ 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4781d19db46fbcc9339afb12d1a7a2f3c5fe8d41fae220bfe30be55859610a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34222
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 11:40:47 GMT
index.html
cdn.districtm.io/ids/ Frame 1980 		116 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-type
text/html
cf-ray
6db5108c9b8d5443-YYZ
age
13389
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
ZHkTLf5nWYOubfWYH0waINX2bAS1mur_CC-SLRU3f7xD7Px3SJdfEA==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
v1
dmx.districtm.io/b/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6db5108c7b435443-YYZ
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6db5108c7b445443-YYZ
access-control-allow-headers
origin, content-type
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a4c48d90-4947-2100-c7b4-3588987c1257&url=https%253A%252F%252Fcheet-2642-ontariofarmer.gdev.postmedia.digital%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.87.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-87-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
116657b39cc25181d96d3940554a9b7679b0dbf7fa5e0fc9bab1fee9681d48fa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
x-server-name
app16.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
6e98ab1120e7988224000.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/6e98ab1120e7988224000.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
316d22df4137a2793c5f8a3b8b8235b76bf08cc61a3fc1a9a0d943adaea72e0f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-1cff"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
2d6b1c26b5e74395237a1.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/2d6b1c26b5e74395237a1.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
59d375a3759bc158c0d677747918964d67c112cc9ae205d52ce0c9c312ae996a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-4935"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
cbd77f7022ec42f8f4c88.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/cbd77f7022ec42f8f4c88.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
a28a2b0db2877beb0d34c45d36536502fa2553b16f14e8e2594515b6c4078e49
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-2ea9"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
319134f8edfeb15b070c18.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/319134f8edfeb15b070c18.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-2e3e"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
a31b63a7db010a13439a4.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/a31b63a7db010a13439a4.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
dea759394a532f5d3ca25e8697fd2077dac60131e9eb3bd1ab3d6aee3a86ec47
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-1eaa"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
0b4e1db468856be7c4117.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/0b4e1db468856be7c4117.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
b6450083a5b47788232fbe8dbf4ef3f900984519e23585b78d082e9f41109a1b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-4c4a"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
6c309176cae2b5e44ea913.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/6c309176cae2b5e44ea913.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
60b9395e2eab9a67ccaae4113ecd8b3cbd8f6fa22df673e02e6f426041cf98f3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-ca34"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
c8f105934f6481c31e252.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/c8f105934f6481c31e252.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e1daf097a379fb90af7040fcdc5b39a344f71531af1bedf5b4ce58546eaa186b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-19d5"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
99570a8661cf974c335a3.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/99570a8661cf974c335a3.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e2cf23246faa8dc51d53f8194af77082ccfa8dff6a73596ea98c0ded52fb3a39
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-3fb0"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
38f433b6a6367d1711665.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/38f433b6a6367d1711665.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
b40fffdca8df7dcf6a825dc35de6f3ee8bca5119730c8938e77e805d8016cb78
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-38bc"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
0c3df80a51de2ab6e84c9.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/0c3df80a51de2ab6e84c9.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
f79e1f14cff6f380ebbbea645bb159978ead5447a33a0ced34534b2271eb4019
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-32f4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
0c201cfbaeab033b467f14.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/0c201cfbaeab033b467f14.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
c5bfe7e837984f45a4b301978ceb06a03fea2e60a15b937d99fd5b30d6ae9946
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-24f2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
ebada5baf015643cf58b15.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ebada5baf015643cf58b15.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
0a055b94dddc24c4d91c386d3eb855fc8eb2e973346a021eafb4e625398b60da
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-1a84"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
3b3f819d1ffe0e05145e10.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/3b3f819d1ffe0e05145e10.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-2ab4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
7cf4d25d2e47a8e0a18e28.js
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/7cf4d25d2e47a8e0a18e28.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.6e7ba9ef551c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
42d28b968b79182a5ce39cb1bfb0a1f62441f1fb1a5d233162712097967aa6cd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:45:41 GMT
etag
W/"62044415-25d9"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:47 GMT
CD_Bake-it-Foward-Truck-e1639757520670.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/CD_Bake-it-Foward-Truck-e1639757520670.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-43.ewr53.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
5853621d02d975fba45c91907a09fec43c635c608a30f31ecd9b85342693b41d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Mon, 07 Feb 2022 15:37:05 GMT
via
1.1 1654fbe9176188c45d0b894b1eaf5aa0.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
245022
etag
"ad4eb5e4458105b8a5460e49803224b75633b8a0"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR53-C1
x-pmd-smart-cdn-proxy
12c24f332b00
content-length
32210
x-amz-cf-id
8v8ZA8pHDLPFE2MgA6aLQyJVq4IKbwnoCHH-dn3HqnAsqwYZ70HYVA==
expires
Tue, 07 Feb 2023 15:37:05 GMT
wild-boars-e1637260632118.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/wild-boars-e1637260632118.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Wed, 09 Feb 2022 16:19:24 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
69683
etag
"7a09af2688eda187779b301412175145979f59a9"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-85q8c
alt-svc
clear
content-length
16430
Peggy-Brekveld-President-e1637684271190.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/Peggy-Brekveld-President-e1637684271190.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
42cb48fcecb9f09d629e736d1ca8a7eb9c37c8e493b140d071fa92396897b333

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Wed, 09 Feb 2022 16:19:24 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
69683
etag
"9427ccddca2fc4413cf31e61819ef57d3a7733a0"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-4zpbt
alt-svc
clear
content-length
35688
ca.0402-dn-migrants.dn_.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/10/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/10/ca.0402-dn-migrants.dn_.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
39874e19af66fa05a8e943e773c81187cb7437bb3cb0076df6defb9381d32911

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Wed, 09 Feb 2022 16:19:24 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
69683
etag
"0f76a31c5e5eab3492b396502a69587e7ce4fc0b"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-qq4l7
alt-svc
clear
content-length
29074
wild-boars-e1637260632118.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/11/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/11/wild-boars-e1637260632118.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-43.ewr53.r.cloudfront.net
Software
nginx/1.19.10 /
Resource Hash
c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Mon, 07 Feb 2022 15:37:05 GMT
via
1.1 1654fbe9176188c45d0b894b1eaf5aa0.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
245022
etag
"7a09af2688eda187779b301412175145979f59a9"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
EWR53-C1
x-pmd-smart-cdn-proxy
12c24f332b00
content-length
16430
x-amz-cf-id
gqpZGnB9rIZwazjOGJUyQe5RdipQGKVFIPmbraA9zA_vfasCIg677Q==
expires
Tue, 07 Feb 2023 15:37:05 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 11:40:48 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
303
Date
Thu, 10 Feb 2022 11:40:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
1
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=34751
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
4cR1KtX+Ms4bn6+7lTveKmiaR5+ryAVuiCkGbeHGZi9CSBd6tpCAT1Wr74mRSHEnPSwmVSGFmlu1/+JsEeAofQ==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 10 Feb 2022 11:40:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 00:34:56 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000137-IAD
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1644493247523&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1644493247523&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&c9=
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1644493247523&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&c9=
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
13.226.31.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-3.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
pIzjldKglXunsin80pbH6Owqr0uiiTwCXG5oIhc9gn9lKS3B3vblaw==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1644493247523&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&c9=
content-length
210
x-amz-cf-id
IUDdD5wOmByw0yGrdZjl9Bbla0-USVhyh0MNEdcqfdHSj-7VmMmV0w==
bid
c.amazon-adsystem.com/e/dtb/ 		194 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&pid=rCpYJh9cn65Zr&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
8TP802TRS2GM3AYX01GM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
194
x-amz-cf-id
5DJ-RMIgYeomPtow67ssUcv-wdpkpIDMOuBa-gZ2tDcU4KsgRF09_A==
xd.js
pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/ Frame 03A7 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/xd.js
Requested by
Host: pmd-dev-frontend-modules.s3.amazonaws.com
URL: https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/xd.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.147.107 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
be083f1ee8d5a8261339c981ff3d1b389d6ad916b8d1fabc7b9111f74e24edbe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pmd-dev-frontend-modules.s3.amazonaws.com/CHEET-4605-debb28b/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Last-Modified
Sat, 05 Feb 2022 02:50:44 GMT
Server
AmazonS3
x-amz-request-id
069R7CEC06ART6P9
ETag
"49a7b5dd083851608a56dd11249d627a"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
37386
x-amz-id-2
ZESHdQHY+ppatwZix6COjznniGmrr9ra7JvkhWdCHFIHXUni27bC5M0RCEkYWfd3TjmH/Sd52xI=
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 1980 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
32695
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6db5108dedea5443-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Sat, 12 Feb 2022 11:40:47 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
age
16586557
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
14946906
content-length
84509
x-served-by
cache-yul12832-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1644493248.672044,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 varnish
age
1200
x-served-by
cache-yul12828-YUL
x-cache
HIT
x-cache-hits
542
x-timer
S1644493248.712967,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		175 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1b93d9d52bdd69d6c34dcfacab0abff29802bd793fc43027c9790b38c64cd5a3
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1644493248.725410,VS0,VE28
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12828-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
gtm.js
www.googletagmanager.com/ 		132 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8eeb3ec3f40114d43b4869dbac0b371ec9156700a268881e87bd9540e62aaf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42812
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 11:40:47 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644493247708&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644493247708&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1644493247708%26url%3Dhttps%253A%252F%252Fcheet-2642-ontariofarm...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644493247708&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644493247708&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQJAi7M9NGtLZ...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4e0961d7-b2cc-4146-9234-1ef6357511fc
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4e0961d7-b2cc-4146-9234-1ef6357511fc&_expected_cookie=4efd826e240af41802c19a0d...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4e0961d7-b2cc-4146-9234-1ef6357511fc&_expected_cookie=4efd826e240af41802c19a0df28fbcd0
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6db510935a2a544f-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4e0961d7-b2cc-4146-9234-1ef6357511fc&_expected_cookie=4efd826e240af41802c19a0df28fbcd0
date
Thu, 10 Feb 2022 11:40:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6db51092f98d544f-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
1685973801652415
connect.facebook.net/signals/config/ 		310 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a1cb145978036238fc717a47ecca7efce5f18634a29ee41c0d57ce7f24eaf83
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90182
x-xss-protection
0
pragma
public
x-fb-debug
j4vlhnsvXzFYeX+EzEIAFmyMKy5yUuUeeGbp8Q4/GhFR8wCMOWVoIb8O194iFt3pvz6UW5wKIc1IJdpo9UUI6A==
x-frame-options
DENY
date
Thu, 10 Feb 2022 11:40:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
cheet-2642-ontariofarmer.gdev.postmedia.digital/api-root/media/videos/playlists/PLUgqTrlOvAcqbOWvfhmLwV1Yt80fKjtww/player/json/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/api-root/media/videos/playlists/PLUgqTrlOvAcqbOWvfhmLwV1Yt80fKjtww/player/json/
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/2d6b1c26b5e74395237a1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
6adc1b55c587e052e2ef91a7430b26e202e5529996e2cec4e81bc47aeeb31dbd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept, Cookie, Origin
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx
allow
GET, HEAD, OPTIONS
content-type
application/json
cache-control
max-age=900
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 10 Feb 2022 11:55:48 GMT
buyers
dmx.districtm.io/s/v1/ Frame 1980 		483 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b247fe1779679885463ef9e1ed7e989ffb1a7a41f93af4834c4902d475f3a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6db5108e6ebc5443-YYZ
access-control-allow-headers
Origin, Content-Type
adsct
analytics.twitter.com/i/ 		31 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=561ac53c-b85f-4086-82fc-327bba7b597e&tw_document_href=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
6
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
460deea6e1f1b628067789ce1de3fe7e08467f2349dcf882f709669e30b3f935
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=561ac53c-b85f-4086-82fc-327bba7b597e&tw_document_href=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
5
date
Thu, 10 Feb 2022 11:40:47 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
219fa355e1a635ab206edbb75ab59043ab9a1452f23eb4e2ae847a4190643a53
content-length
43
simple
api.sail-personalize.com/v1/personalize/ 		256 B
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
a6d23495a999c964a80da42c8ec8ffffce542b3643cec11df85c85064df8d6e7

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type
application/json
accept
application/json
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-referring-url
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
174
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 0A17 		805 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 varnish
age
21343767
x-served-by
cache-yul12832-YUL
x-cache
HIT
x-cache-hits
5214834
x-timer
S1644493248.799203,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
y-ADBoYWFE2uGnGgLhmJlMI7g9OChYqnzA9iUlfE8-~A
dmx.districtm.io/s/10057/ Frame 1980
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true
  • https://dmx.districtm.io/s/10057/y-ADBoYWFE2uGnGgLhmJlMI7g9OChYqnzA9iUlfE8-~A
100 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10057/y-ADBoYWFE2uGnGgLhmJlMI7g9OChYqnzA9iUlfE8-~A
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cce5c01e865de0f57ae5fced1a8ed24f883dae8676ed01d1fe908e8ca26a291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 10 Feb 2022 11:40:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6db5108fd9335443-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10057/y-ADBoYWFE2uGnGgLhmJlMI7g9OChYqnzA9iUlfE8-~A
date
Thu, 10 Feb 2022 11:40:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
8d8b5b05-466e-41b2-8d05-be91bf1c9375
dmx.districtm.io/s/10059/ Frame 1980
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/8d8b5b05-466e-41b2-8d05-be91bf1c9375
92 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/8d8b5b05-466e-41b2-8d05-be91bf1c9375
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1280d3514561855032887f2d5d3d0d236e9c17bfab1b375685007946ae2c0358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 10 Feb 2022 11:40:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6db5108f88ab5443-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10059/8d8b5b05-466e-41b2-8d05-be91bf1c9375
date
Thu, 10 Feb 2022 11:40:47 GMT
content-length
0
a03ea989-647c-4d91-b2a9-497ed3bfb76e
dmx.districtm.io/s/10009/ Frame 1980
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=24uvNex4kAYny3h6rIxgPIREDJd
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=24uvNex4kAYny3h6rIxgPIREDJd
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Ddistrictm%26expires%3D30%26user_group%3D%2...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Ddistrictm%26expires%3D30%26user_group%3D%2...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d5e2caa6-a3a8-5129-98a7-31f3faa3c833&ssp=districtm&expires=30&user_group=1
  • https://dmx.districtm.io/s/10009/a03ea989-647c-4d91-b2a9-497ed3bfb76e
92 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10009/a03ea989-647c-4d91-b2a9-497ed3bfb76e
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c397e8062184038eccc067433d5e484e4063afa3e0af6234d4424baf7777f8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 10 Feb 2022 11:40:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6db51094180e5443-YYZ

Redirect headers

Location
//dmx.districtm.io/s/10009/a03ea989-647c-4d91-b2a9-497ed3bfb76e
Date
Thu, 10 Feb 2022 11:40:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
qW9iOQcESZxYVy_DWMrXr5U4mbk
dmx.districtm.io/s/10026/ Frame 1980
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/qW9iOQcESZxYVy_DWMrXr5U4mbk
83 B
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/qW9iOQcESZxYVy_DWMrXr5U4mbk
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ebe369c64160017cb1de86cb4ee09d3a779eb2432c191fd35722a3bbc1be1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 10 Feb 2022 11:40:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6db5108fd9325443-YYZ

Redirect headers

Location
https://dmx.districtm.io/s/10026/qW9iOQcESZxYVy_DWMrXr5U4mbk
Date
Thu, 10 Feb 2022 11:40:47 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
y-.TI6jNRE2uE4aCz1sU1UbirHVG6nx5sW~A~UP4a4696ab-8a66-11ec-8c96-0e46dbec0cf3
dmx.districtm.io/s/10051/ Frame 1980
Redirect Chain
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a4696ab-8a66-11ec-8c96-0e46dbec0cf3
  • https://dmx.districtm.io/s/10051/y-.TI6jNRE2uE4aCz1sU1UbirHVG6nx5sW~A~UP4a4696ab-8a66-11ec-8c96-0e46dbec0cf3
131 B
175 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10051/y-.TI6jNRE2uE4aCz1sU1UbirHVG6nx5sW~A~UP4a4696ab-8a66-11ec-8c96-0e46dbec0cf3
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa0e47853440db100e94063e180d4acbaf5b8ee7345078298281f234d86602e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 10 Feb 2022 11:40:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6db5109009795443-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10051/y-.TI6jNRE2uE4aCz1sU1UbirHVG6nx5sW~A~UP4a4696ab-8a66-11ec-8c96-0e46dbec0cf3
date
Thu, 10 Feb 2022 11:40:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&rl=&if=false&ts=1644493247854&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1644493247853.766882699&it=1644493247716&coo=false&rqm=GET
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 10 Feb 2022 11:40:47 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 varnish
age
1200
x-served-by
cache-yul12828-YUL
x-cache
HIT
x-cache-hits
543
x-timer
S1644493248.862995,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		175 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2815faade47d85001754ec4332317e6c738f2f86ac66393db53aee86082ee05b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1644493248.875140,VS0,VE40
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12828-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ 		239 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 varnish
age
2
x-served-by
consumer-a007-ash-prod.krxd.net, cache-yul12829-YUL
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1644493248.910355,VS0,VE0
content-length
193
x-cache-hits
0, 1
uthtxmddg.js
cdn.krxd.net/controltag/ Frame 0A17 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/uthtxmddg.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 varnish, 1.1 varnish
age
737
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
6471
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kjyo7100134-IAD, cache-yul12832-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1644493248.893992,VS0,VE0
etag
"8d8408c6b02eb41f93710c678ece74490c4f6485"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 17
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 0A17 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 10 Feb 2022 11:40:47 GMT
content-encoding
gzip
age
16586557
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
14946908
content-length
84509
x-served-by
cache-yul12832-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1644493248.907252,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ Frame 0A17 		224 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
213e90e8499a0310e4c2ff23ee2515d64dd9e276caf2638618933abe76b6e6de

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a006-ash-prod.krxd.net, cache-yul12829-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1644493248.960909,VS0,VE19
content-length
188
x-cache-hits
0, 0
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3AzSEhFUFI
  • https://cm.g.doubleclick.net/pixel?google_cm=&google_nid=krux_digital&google_hm=T3AzSEhFUFI&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOyeikJzJ6H-y7CprF0oxhI&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOyeikJzJ6H-y7CprF0oxhI&google_cver=1
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1644493248
x-served-by
beacon-n037-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOyeikJzJ6H-y7CprF0oxhI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3AzSEhFUFI
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3AzSEhFUFI&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEC3U9T808wDow6FTmRtoM48&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEC3U9T808wDow6FTmRtoM48&google_cver=1
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=19 t=1644493248
x-served-by
beacon-n018-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEC3U9T808wDow6FTmRtoM48&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame 0A17 		42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=Op3HHEPR
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=Op3HHEPR&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOp3HHEPR%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=Op3HHEPR&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=Op3HHEPR&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1644493248
x-served-by
beacon-n032-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=Op3HHEPR&partner=bluekai&bk_uuid=$_BK_UUID
Date
Thu, 10 Feb 2022 11:40:48 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame 0A17 		64 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=Op3HHEPR&rn=1644493248
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-3.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
dlIIkkAD5hBQC0Ei5XfC3KixPxhur62a_qTy8xT5KRcZ0btc7YadHw==
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=YgT5wA...
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YgT5wAAFJx8O0wBB&_test=YgT5wAAFJx8O0wBB
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YgT5wAAFJx8O0wBB&_test=YgT5wAAFJx8O0wBB
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=22 t=1644493248
x-served-by
beacon-n036-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644493248.069115,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YgT5wAAFJx8O0wBB&_test=YgT5wAAFJx8O0wBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=beeswax
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=Op3HHEPR
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=Op3HHEPR&_bee_ppp=1
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AAEUSE7ECfQAAHccD3thZA
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AAEUSE7ECfQAAHccD3thZA
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=21 t=1644493248
x-served-by
beacon-n017-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AAEUSE7ECfQAAHccD3thZA
Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=mediamath
  • https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=Op3HHEPR&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D
  • https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=3ec36204-f9c0-4500-a2fb-1e8e4c98d324
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=3ec36204-f9c0-4500-a2fb-1e8e4c98d324
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=19 t=1644493248
x-served-by
beacon-n033-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
MT3 4133 baa842e master ord-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=3ec36204-f9c0-4500-a2fb-1e8e4c98d324
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Feb 2022 11:40:47 GMT
tag.aspx
ml314.com/ Frame 0A17 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?1012022
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 11:40:47 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
transfer-encoding
chunked
Connection
keep-alive
g.js
aa.agkn.com/adscores/ Frame 0A17
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=neustar
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Op3HHEPR
43 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Op3HHEPR
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
_wxLtrBjVv4t7JBl0_vW90qNwGzGH4h4OAPa__aVlAJITRVMAHEyow==
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Op3HHEPR
date
Thu, 10 Feb 2022 11:40:48 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YgT5wFVx1VfG77DPAM.50QAA%26473
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YgT5wFVx1VfG77DPAM.50QAA%26473
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1644493248
x-served-by
beacon-n029-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YgT5wFVx1VfG77DPAM.50QAA%26473
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Thu, 10 Feb 2022 11:40:48 GMT
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=salesforce
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=qW9iOQcESZxYVy_DWMrXr5U4mbk
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=qW9iOQcESZxYVy_DWMrXr5U4mbk
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1644493248
x-served-by
beacon-n027-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=qW9iOQcESZxYVy_DWMrXr5U4mbk
Date
Thu, 10 Feb 2022 11:40:48 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined
  • https://eb2.3lift.com/xuid?mid=3587&xuid=Op3HHEPR&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined
  • https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=Op3HHEPR&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=1605454715927848592635
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=1605454715927848592635
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1644493248
x-served-by
beacon-n002-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=1605454715927848592635
date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
iu3
s.amazon-adsystem.com/ Frame 15B0
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
275 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

Server
Server
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
275
Connection
keep-alive
x-amz-rid
64XM05JJGPQSVJN7JKGQ
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
R2P254RMQWEAPDG18DV4
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=cheet-2642-ontariofarmer.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cheet-2642-ontariofarmer.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		528 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2890307273580346&correlator=1873480384773866&output=ldjh&eid=31061815%2C31064803%2C31064837%2C31061166&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=3081%2CSMCO_ENCO_MAGOnFarmer_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ppid=00000000ppidp1560126540933913520&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb04c-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb04d-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb04e-8a66-11ec-af84-0a30f786b825%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb04f-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb050-8a66-11ec-af84-0a30f786b825%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb051-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb052-8a66-11ec-af84-0a30f786b825%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb053-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb054-8a66-11ec-af84-0a30f786b825%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb055-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb056-8a66-11ec-af84-0a30f786b825%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb057-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb058-8a66-11ec-af84-0a30f786b825%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb059-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb05a-8a66-11ec-af84-0a30f786b825%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb05b-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb05c-8a66-11ec-af84-0a30f786b825%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D4a0bb05d-8a66-11ec-af84-0a30f786b825%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40&eri=1&cust_params=no_pol%3Dtrue%26page%3Dindex%26pr%3Donf%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26kuid%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&dt=1644493248159&lmt=1644493248&dlt=1644493246986&idt=612&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=233%2C1318%2C1859%2C2599%2C3425%2C3225%2C3766%2C3566%2C4107%2C3907%2C4448%2C4248%2C4789%2C4589%2C5130%2C4930%2C5471%2C5271&adks=625928897%2C1960150758%2C1840685615%2C346298458%2C1840685612%2C625928910%2C1840685613%2C625928909%2C1840685586%2C625928908%2C1840685587%2C625928907%2C1840685584%2C625928906%2C1840685585%2C625928905%2C1840685590%2C2524969409&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&vis=1&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&ga_vid=1096390675.1644493248&ga_sid=1644493248&ga_hid=1246277190&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
5fd87cbae66f4a6bc31cb921552cc523a4fffafd8484fe7e1279681506ea2a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,71397,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55958
x-xss-protection
0
google-lineitem-id
-1,-1,5900230719,-1,5900230719,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138379291044,-1,138379268081,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 01DF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 10 Feb 2022 11:40:48 GMT
expires
Fri, 10 Feb 2023 11:40:48 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
utsync.ashx
ml314.com/ Frame 0A17 		769 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Duthtxmddg%26kxt%3Dhttps%253A%252F%252Fcheet-2642-ontariofarmer.gdev.postmedia.digital%26kxcl%3Dcdn%26kxp%3D&pv=1644493248208_dl59s246w&bl=en-us&cb=4581561&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DOp3HHEPR%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1644493248208_dl59s246w&cid=&s=1600x1200&rp=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?1012022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2392ec3224598ead10b594552a5a2524c11862aeff4ef96db479eeb56256d89d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:47 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
537
Expires
0
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cf-ray
6db51091cd648c0f-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
users
dmx.districtm.io/s/v1/ Frame 1980 		0
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6db510922d0d5443-YYZ
access-control-allow-headers
Origin, Content-Type
pr
s.amazon-adsystem.com/v3/ Frame 6E9C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bed79e22634d48c6e53d084c7dc1ac8e7ed34377df61478f7020d89248124ea1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Response headers

Server
Server
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2044
Connection
keep-alive
x-amz-rid
Z6TB73W5G15K6D13DA2P
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
demconf.jpg
dpm.demdex.net/ Frame 0A17
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3625040135422214160&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3625040135422214160&redir=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3625040135422214160&redir=
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
100.20.199.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-199-76.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v024-01ccf09a3.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KPYco03nSFU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v024-0aaf7d1d0.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8GXw1lZkR+o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3625040135422214160&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utsync.ashx
ml314.com/ Frame 0A17
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Fri, 11 Feb 2022 06:40:48 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
csync.ashx
ml314.com/ Frame 0A17
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3625040135422214160
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3625040135422214160
  • https://ml314.com/csync.ashx?fp=b3370cb7ce7eead7f8612df1239cc66a&eid=50146&person_id=3625040135422214160
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=b3370cb7ce7eead7f8612df1239cc66a&eid=50146&person_id=3625040135422214160
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Fri, 11 Feb 2022 06:40:48 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=b3370cb7ce7eead7f8612df1239cc66a&eid=50146&person_id=3625040135422214160
cache-control
no-cache
x-server
10.40.45.182
content-length
0
expires
0
match
ps.eyeota.net/ Frame 0A17
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2WXxTJkZmUxF1ed8p1w6IgrKr9MWHypcI48IdwP_Y84I&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:47 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
193
Expires
0,Fri, 11 Feb 2022 06:40:48 GMT
usermatch.gif
beacon.krxd.net/ Frame 0A17
Redirect Chain
  • https://ml314.com/csync.ashx?fp=Op3HHEPR&person_id=3625040135422214160&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3625040135422214160
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625040135422214160
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625040135422214160
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1644493248
x-served-by
beacon-n008-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 10 Feb 2022 11:40:47 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625040135422214160
Cache-Control
private
Connection
keep-alive
Content-Length
211
Expires
Fri, 11 Feb 2022 06:40:48 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame 2712 		427 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.160.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-160-85.compute-1.amazonaws.com
Software
/
Resource Hash
bd7842472e8c9d9405db5d61105e83befafdc65ab1849d822c4b7d12d1446093

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCD3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=154807
expires
Sat, 12 Feb 2022 06:40:55 GMT
date
Thu, 10 Feb 2022 11:40:48 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2999 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Feb 2022 11:40:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 59C7
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
722 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
57f753b7e56b556cb8ac84c3c70bc6cb1db46c23a926764d8b0997162c3e85e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 10 Feb 2022 11:40:48 GMT
content-type
text/html
content-length
458
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Thu, 10 Feb 2022 11:40:48 GMT
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame D0A9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://s.amazon-adsystem.com/ecm3?id=5238648912890707969&ex=districtm
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5238648912890707969&ex=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
MWF80V505WVH2ZXDTM2G
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=5238648912890707969&ex=districtm
AN-X-Request-Uuid
c8c8c639-7df2-47d4-b94b-dfcbc0489e61
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 1A3A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=1358049491610281972&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1358049491610281972&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
B2F95WG51TR2VN2WSVZN
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1358049491610281972&ex=appnexus.com
AN-X-Request-Uuid
1edcfec4-7cad-4d72-ab07-c03f4a427ded
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
amazon
ap.lijit.com/beacon/ Frame 529B
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
a29f94f3b58a5f194036a27556a7fa4b4b2ae2b2e273c3561b56c69e9506c2ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
nginx
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap3dca1

Redirect headers

Server
nginx
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3dca1
index.html
cdn.districtm.io/ids/ Frame 468F
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-type
text/html
cf-ray
6db510923d1d5443-YYZ
age
13390
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 7a818cb34d4f96c0d6b48a1a51f766d0.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
xybYeU4g4-_e1OmCjedxlSyd7iLpvNtUh_yrAUBG9LF6Cnw2xuRFsA==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Thu, 10 Feb 2022 11:40:48 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6db510920cce5443-YYZ
cache-control
max-age=3600
expires
Thu, 10 Feb 2022 12:40:48 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame 9F73
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1605454715927848592635
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1605454715927848592635
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
2EA6V97C9NXNXP8RPXBH
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1605454715927848592635
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
www.googleadservices.com/pagead/conversion/580448699/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/580448699/?random=1644493248340&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=260944317.1644493248&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
bbdbf2bb616e0110a6994c4b7116daf95ed7988cd0a3a818b80db34b7a4ff77d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1222
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/?random=1644493248348&cv=9&fst=1644493248348&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
142cb8d24e29a22b084a24a2f2dd3a41bbfe91dbc98e2afdeab6d07005fa251d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1025
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2712 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=8d8b5b05-466e-41b2-8d05-be91bf1c9375
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E96GE0P4ZYV9QN949NC9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 2712
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KZGWTJHH-28-9G9E
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KZGWTJHH-28-9G9E
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.199.160.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-160-85.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KZGWTJHH-28-9G9E
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
v1
match.sharethrough.com/sync/ Frame 2712
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.199.160.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-160-85.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 2712
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=cc60af1f-4b6f-44e6-8d02-d305b6cc5499-6204f9c0-4341&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=cc60af1f-4b6f-44e6-8d02-d305b6cc5499-6204f9c0-4341&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.199.160.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-160-85.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=cc60af1f-4b6f-44e6-8d02-d305b6cc5499-6204f9c0-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
v1
match.sharethrough.com/sync/ Frame 2712
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.199.160.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-160-85.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
/
www.facebook.com/tr/ Frame B9A0 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

content-type
text/plain
access-control-allow-origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Thu, 10 Feb 2022 11:40:48 GMT
usync.js
eus.rubiconproject.com/ Frame 2999 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
276056816d9fc84293ac402b06fe009d2052432a4a929500478ca0684249e793

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44151
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 10 Feb 2022 23:56:39 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FCD3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46156643&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
883a1e12cc9b8b410a1caf352ed47bb06f28a7fc91ac96f27c03c271c2ce66a5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 468F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
32696
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6db51092bdfd5443-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Sat, 12 Feb 2022 11:40:48 GMT
/
www.google.ca/pagead/1p-conversion/580448699/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=2041357170&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/580448699/?random=2041357170&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=2041357170&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/580448699/?random=2041357170&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=260944317.1644493248&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wPkEYraUGMiDNaDSu9AM&cid=CAQSKQCNIrLMR2ol1x6U9NKHjcWmxn9X-_EVZ33RO0f9KmpPyjifIKzrKMlk&eitems=ChAIgIyTkAYQpK3aj9jOwe4vEh0A-e5AUD1_UHJngxjE-OkjBExYDS2oZTHkiwFJWw&random=1397278157&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Server
2607:f8b0:4006:80f::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.ca/pagead/1p-conversion/580448699/?random=2041357170&cv=9&fst=1644493248340&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=260944317.1644493248&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wPkEYraUGMiDNaDSu9AM&cid=CAQSKQCNIrLMR2ol1x6U9NKHjcWmxn9X-_EVZ33RO0f9KmpPyjifIKzrKMlk&eitems=ChAIgIyTkAYQpK3aj9jOwe4vEh0A-e5AUD1_UHJngxjE-OkjBExYDS2oZTHkiwFJWw&random=1397278157&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 59C7 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=c7d658c0-b92b-8a80-9cf3-c7f25833eca1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VX67SVW7NBVV8FVWXNTD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 59C7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgT5wAAFJx8O0wBB
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgT5wAAFJx8O0wBB
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644493248.469309,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgT5wAAFJx8O0wBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
0bc742f9-352d-a333-6d2a-5390cf57ea08
pr-bh.ybp.yahoo.com/sync/openx/ Frame 59C7 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/0bc742f9-352d-a333-6d2a-5390cf57ea08?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:e7d9:5422:56cf:eb6f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 59C7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=9f0024bd-a581-317a-5cfd-456530002741&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&ttd_puid=9f0024bd-a581-317a-5cfd-456530002741
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&ttd_puid=9f0024bd-a581-317a-5cfd-456530002741
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&ttd_puid=9f0024bd-a581-317a-5cfd-456530002741
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame 59C7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjM2ZmY3NzctNmNmNi02ZmRlLTQ5MWQtMWZkY2ZhZTJlOTIx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 59C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECjG3JeK6qQJzF497fod8aw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECjG3JeK6qQJzF497fod8aw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECjG3JeK6qQJzF497fod8aw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 529B 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=2b2b1102356f0fc4bb65f140&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N062TATKHHF0CCK3SVE2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 529B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=2b2b1102356f0fc4bb65f140&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=3ec36204-f9c0-4500-a2fb-1e8e4c98d324&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=3ec36204-f9c0-4500-a2fb-1e8e4c98d324&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
MT3 4133 baa842e master ord-pixel-x54 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=3ec36204-f9c0-4500-a2fb-1e8e4c98d324&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Feb 2022 11:40:47 GMT
epx.gif
px.owneriq.net/fr/ Frame 529B
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6977796482136910923&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.64.107.8 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-107-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=259307
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Feb 2022 11:42:35 GMT

Redirect headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Cache-Control
max-age=70936
Connection
keep-alive
Content-Type
text/html
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame 529B
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MmIyYjExMDIzNTZmMGZjNGJiNjVmMTQw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MmIyYjExMDIzNTZmMGZjNGJiNjVmMTQw&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MmIyYjExMDIzNTZmMGZjNGJiNjVmMTQw&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame 529B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=5238648912890707969&gdpr=0&gdpr_consent=
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=5238648912890707969&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 574.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0d3133c6-3a27-47da-aad5-766f4c0671cd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=5238648912890707969&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 529B
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1644493248394&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=C2835A87145D4E8D8F5FBFABDFA0194D
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=C2835A87145D4E8D8F5FBFABDFA0194D
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 10 Feb 2022 11:40:48 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=C2835A87145D4E8D8F5FBFABDFA0194D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 09 Feb 2022 11:40:48 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2999 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Content-Type
image/jpg
ecm3
s.amazon-adsystem.com/ Frame 468F
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUjFkazVsZURSclFWbHVlVE5vTm5KSmVHZFFTVkpGUkVwayJ9.bj5T9A3bbc75fP6iQf72y2...
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUjFkazVsZURSclFWbHVlVE5vTm5KSmVHZFFTVkpGUkVwayJ9.bj5T9A3bbc75fP6iQf72y2QqV9wR7msj0LVIOT6cNxnGMSSHOcdz-T_4H7u2g1Dn-lQaBSaQOQ64Ev0bPPNkKg
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F5FP6P23YFMH6Z130GYE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUjFkazVsZURSclFWbHVlVE5vTm5KSmVHZFFTVkpGUkVwayJ9.bj5T9A3bbc75fP6iQf72y2QqV9wR7msj0LVIOT6cNxnGMSSHOcdz-T_4H7u2g1Dn-lQaBSaQOQ64Ev0bPPNkKg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6db510934ec75443-YYZ
access-control-allow-headers
Origin, Content-Type
content-length
0
/
www.google.com/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/990309138/?random=1644493248348&cv=9&fst=1644490800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&async=1&fmt=3&is_vtc=1&random=4277362550&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/990309138/?random=1644493248348&cv=9&fst=1644490800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&async=1&fmt=3&is_vtc=1&random=4277362550&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame F159
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=07C71460-8653-41C1-AB37-539E9D81DB99
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=07C71460-8653-41C1-AB37-539E9D81DB99
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=07C71460-8653-41C1-AB37-539E9D81DB99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 11:40:48 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Thu, 10 Feb 2022 11:40:48 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=07C71460-8653-41C1-AB37-539E9D81DB99
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7008
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgT5wAAFJx8O0wBB&gdpr=0&gdpr_consent=
1 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgT5wAAFJx8O0wBB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 11:40:48 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va1pug016:0:461
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgT5wAAFJx8O0wBB&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 varnish
x-served-by
cache-yul12831-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1644493249.532815,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 118A 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=07C71460-8653-41C1-AB37-539E9D81DB99&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Thu, 10 Feb 2022 11:40:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
0XFN9WCYKWAF0N5BB9PG
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B8cUYIZTQcGrN1OenYHbmQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=154807
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 12 Feb 2022 06:40:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px
p.adsymptotic.com/d/ Frame FCD3
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=07C71460-8653-41C1-AB37-539E9D81DB99
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDA3QzcxNDYwLTg2NTMtNDFDMS1BQjM3LTUzOUU5RDgxREI5ORAAGg0IwPOTkAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0be116c3eeda80ada309685680c069f69d2d701c6b9a77d835c9cac2bdf7239c791426b5417dce21&_=2
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6db510949c68544f-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame FCD3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3ec36204-f9c0-4500-a2fb-1e8e4c98d324
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3ec36204-f9c0-4500-a2fb-1e8e4c98d324
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
MT3 4133 baa842e master ord-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3ec36204-f9c0-4500-a2fb-1e8e4c98d324
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Feb 2022 11:40:47 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FCD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDdDNzE0NjAtODY1My00MUMxLUFCMzctNTM5RTlEODFEQjk5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug011:0:544
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FCD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGpkrSK_sdY-bLtAcYqG4Ds&google_cver=1
42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGpkrSK_sdY-bLtAcYqG4Ds&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug013:0:586
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGpkrSK_sdY-bLtAcYqG4Ds&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FCD3
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:43DFF3CD0F99411CA82B3C6FD65DD333
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:43DFF3CD0F99411CA82B3C6FD65DD333
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug015:0:391
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 10 Feb 2022 11:40:48 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:43DFF3CD0F99411CA82B3C6FD65DD333
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 09 Feb 2022 11:40:48 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FCD3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3791191646582480870&gdpr=0&gdpr_consent=&us_privacy=
1 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3791191646582480870&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:444
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3791191646582480870&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FCD3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
42 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug018:0:466
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
ecm3
s.amazon-adsystem.com/ Frame 2999
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZGWTJJE-7-677U
  • https://s.amazon-adsystem.com/ecm3?id=KZGWTJJE-7-677U&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KZGWTJJE-7-677U&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YZEK1Z8DYQVCNHV63GA9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KZGWTJJE-7-677U&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2999
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFhODBkN2UzYmExZGVjMjhiZGFlMDlmMzFlNzkwNDJlYTk0NDM4OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFhODBkN2UzYmExZGVjMjhiZGFlMDlmMzFlNzkwNDJlYTk0NDM4OQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFhODBkN2UzYmExZGVjMjhiZGFlMDlmMzFlNzkwNDJlYTk0NDM4OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 2999
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZGWTJJE-7-677U&sigv=1&esig=2~2e070719704c5efae4d730b0aa5036a3cd829af7
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZGWTJJE-7-677U&sigv=1&esig=2~2e070719704c5efae4d730b0aa5036a3cd829af7
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZGWTJJE-7-677U&sigv=1&esig=2~2e070719704c5efae4d730b0aa5036a3cd829af7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2999
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3ec36204-f9c0-4500-a2fb-1e8e4c98d324&expires=28
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3ec36204-f9c0-4500-a2fb-1e8e4c98d324&expires=28
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

Date
Thu, 10 Feb 2022 11:40:48 GMT
Server
MT3 4133 baa842e master ord-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3ec36204-f9c0-4500-a2fb-1e8e4c98d324&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Feb 2022 11:40:47 GMT
709414.gif
id.rlcdn.com/ Frame 2999 		42 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame 2999
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHV1RKSkUtNy02NzdV
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHV1RKSkUtNy02NzdV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHV1RKSkUtNy02NzdV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2999
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgT5wAAFJx8O0wBB
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgT5wAAFJx8O0wBB
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644493249.690374,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgT5wAAFJx8O0wBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 2999
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 2999
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHgQkRuAzLnWaOeUDJDKNcg&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHgQkRuAzLnWaOeUDJDKNcg&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHgQkRuAzLnWaOeUDJDKNcg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cf-ray
6db51094998b8c0f-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
users
dmx.districtm.io/s/v1/ Frame 1980 		0
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6db51094f99d5443-YYZ
access-control-allow-headers
Origin, Content-Type
optout_check
beacon.krxd.net/ 		82 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
54fe9f7c928d0fc395507e9f82ac74b96bc024ce1c051ed33eb4253fbb7671a5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=26 t=1644493248
x-served-by
beacon-n004-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		364 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=42fb57ac-2013-45a6-8dad-332d53e17c1b&technographics=1&callback=Krux.ns.postmedia.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
00df94a6261bf2d611399f0346fa5d816002d578ad46379a1bd33d727e5da1a6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a021-ash-prod.krxd.net, cache-yul12832-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1644493249.842225,VS0,VE20
content-length
286
x-cache-hits
0, 0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a86add46ea715e379a378ec80c7650cad497aefc2478ea37e1c6a87353e4d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10020
x-xss-protection
0
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:8200:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:36:14 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
age
79475
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
1fgRj_3eQJDZk9djPkDf3etC3fDU-MWRsmaOEIlImqrdbqdd5fuhRQ==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.226.31.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:36:04 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
285
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-length
0
x-amz-cf-id
ELtVbjO0Sxwb9I1muV8Ddx61pGHXiogtDb02Hp6tt-FCy6pZY_f42g==

Redirect headers

date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
6pZEy92_tqXp7W9v_NxaaiyWpj_cvo9kmtlg3dWngHJpRGq3Jgt47A==
mqdefault.webp
i.ytimg.com/vi_webp/6kfv6OjkAPo/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/6kfv6OjkAPo/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
348180de8ed0528db1aee2b84174dcbe296baf2df1048a6f8d405181f4c3861d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:27:30 GMT
x-content-type-options
nosniff
age
798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10702
x-xss-protection
0
server
sffe
etag
"1643415215"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 13:27:30 GMT
mqdefault.webp
i.ytimg.com/vi_webp/GSTTZ7mtwKc/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/GSTTZ7mtwKc/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f4ff612aae54db25ceb56885665ad9c8bfac2cad5f30c1b582febc1fe10789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 10:49:16 GMT
x-content-type-options
nosniff
age
3092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12166
x-xss-protection
0
server
sffe
etag
"1643136245"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 12:49:16 GMT
mqdefault.webp
i.ytimg.com/vi_webp/lkhYkiqApyI/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/lkhYkiqApyI/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f40c33990c532ef379fe609b48dfca08d5fbcb6139e312a8e829466d7d09f34e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 10:39:15 GMT
x-content-type-options
nosniff
age
3693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9018
x-xss-protection
0
server
sffe
etag
"1642437482"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 12:39:15 GMT
mqdefault.webp
i.ytimg.com/vi_webp/LefQlPR5tiU/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/LefQlPR5tiU/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97ebbb14c84d4682c8097790b33367c3a0614d1775bc8eb76b194e8c94262b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:12:17 GMT
x-content-type-options
nosniff
age
1711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8064
x-xss-protection
0
server
sffe
etag
"1641504165"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 13:12:17 GMT
mqdefault.webp
i.ytimg.com/vi_webp/iYlGGPcBNLM/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/iYlGGPcBNLM/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ca367a40b39037858a2dbfc221129b3f620a7a35731880c725369a9671863d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:27:30 GMT
x-content-type-options
nosniff
age
798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10790
x-xss-protection
0
server
sffe
etag
"1641831118"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 13:27:30 GMT
mqdefault.webp
i.ytimg.com/vi_webp/e3Q4fByDnWY/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/e3Q4fByDnWY/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b89ed3521ceae654e81e6b5d453c0c73abf4fce788f7f55dc92cc1b0b39551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:36:39 GMT
x-content-type-options
nosniff
age
249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7728
x-xss-protection
0
server
sffe
etag
"1641403360"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 13:36:39 GMT
mqdefault.webp
i.ytimg.com/vi_webp/FELEXBxSqOc/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/FELEXBxSqOc/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a43daa7f7b51b472b7b657134f86414bfbde762ce8828a9a66f57a0c22db4152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 10:02:37 GMT
x-content-type-options
nosniff
age
5891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10186
x-xss-protection
0
server
sffe
etag
"1640094503"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 12:02:37 GMT
mqdefault.webp
i.ytimg.com/vi_webp/HiIgtQALCkI/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/HiIgtQALCkI/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
740a9e7b3db299d6c5d2013418c00c437d768f4097e5d74f6c58db38cc431e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:33:39 GMT
x-content-type-options
nosniff
age
429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11584
x-xss-protection
0
server
sffe
etag
"1640297242"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 13:33:39 GMT
mqdefault.webp
i.ytimg.com/vi_webp/U04Sbe64a2Y/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/U04Sbe64a2Y/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc3cc0865aad29753640bd3cfee8f49521946b2c5867aea60616ea09b15f599e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:37:47 GMT
x-content-type-options
nosniff
age
181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9690
x-xss-protection
0
server
sffe
etag
"1640091167"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 13:37:47 GMT
mqdefault.webp
i.ytimg.com/vi_webp/huP4KOq-v7g/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/huP4KOq-v7g/mqdefault.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b916b00b7d8fb73a2053891ce152a1603af199fc33baba62ae2c9785747f628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:39:44 GMT
x-content-type-options
nosniff
age
64
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10192
x-xss-protection
0
server
sffe
etag
"1644337732"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 11:44:44 GMT
icon-yt-play.svg
cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common-icon/ 		441 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common-icon/icon-yt-play.svg?7988ae5f65d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
fd583bd394cf970e462e11c2855609a468859ce761c8c3b6bc93dc90e93923cf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 22:47:18 GMT
etag
W/"62044476-1b9"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 05 Feb 2023 11:40:48 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/6c309176cae2b5e44ea913.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8f66b4bcc5e8d3e51de1971d5860966de604f411416bd5338fbecb882dfed7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires
Thu, 10 Feb 2022 11:40:48 GMT
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ 		224 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_1
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14cd34073ec766404b16802f2913e9d78c1349bef4fca986affa1b788470bd36

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:48 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a016-ash-prod.krxd.net, cache-yul12829-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1644493249.896533,VS0,VE20
content-length
188
x-cache-hits
0, 0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 11:40:49 GMT
www-widgetapi.js
www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/ 		147 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86891a4f92d09b470ae41e59041f933740ed0637ff2b92780b185cf1649cdb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
67945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48432
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:24 GMT
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=uthtxmddg&_kpid=42fb57ac-2013-45a6-8dad-332d53e17c1b&_kcp_s=communities&_kcp_d=postmedia.digital&_knifr=5&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_mpid=1560126540933913520&_kua_ad_light_user=false&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kua_kx_whistle=0&_kpa_domain=postmedia.digital&_kpa_page_type=index&_kpa_communities_page_type=index&_kpa_main_category=index&_kpa_env=test&_kpa_view_type=HTML&_kpa_paywall_whitelist=false&t_navigation_type=0&t_dns=0&t_tcp=26&t_http_request=-1&t_http_response=158&t_content_ready=4548&t_window_load=5968&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w4pv98h8z&userdata_user=Op3HHEPR%2Cw4pv98h8z&sview=1&kplt0=41818&kplt1=42920&kplt2=42921&kplt3=42922&kplt4=44981&kplt5=45977&kplt6=46302&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C39%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C64%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C64%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C34
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:49 GMT
cache-control
private, no-cache, no-store
x-request-time
D=101 t=1644493249
x-served-by
beacon-n021-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 096D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 05:23:24 GMT
expires
Fri, 10 Feb 2023 05:23:24 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
22645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame BED0 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dbe80cb933e8b71f45639bb6d0f2deed4a8a0278db5cf6eb0558676e5c811629
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cIIWoGJuSHDxKrFEIbEH0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 10 Feb 2022 11:40:49 GMT
date
Thu, 10 Feb 2022 11:40:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-cIIWoGJuSHDxKrFEIbEH0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
huP4KOq-v7g
www.youtube.com/embed/ Frame F6A6 		71 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9d24745fb703b079ee7f0a9c3114df9d6c80b1ca7a9f954a2a391c932d8ab51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 10 Feb 2022 11:40:49 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C50D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 11:40:48 GMT
expires
Fri, 10 Feb 2023 11:40:48 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012201141909000/ Frame 3417 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61542
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 01:35:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00d9ef7efeb287da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 01:35:41 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 3417 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
63300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 18:05:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"919adc590e0ff503"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 18:05:49 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 3417 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
322910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29570
x-xss-protection
0
server
sffe
date
Sun, 06 Feb 2022 17:58:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c52208c2e07002d5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Feb 2023 17:58:59 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 3417 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
208032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1851
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 01:53:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76a8c96b6aaec2c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 01:53:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 3417 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
54867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 20:26:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7aefe3fe93cc7383"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 20:26:22 GMT
css
fonts.googleapis.com/ Frame 3417 		8 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 11:26:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 11:40:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 11:40:49 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3417 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:24:30 GMT
x-content-type-options
nosniff
server
cafe
age
65779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 10 Feb 2022 17:24:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3417 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 00:17:40 GMT
x-content-type-options
nosniff
server
cafe
age
40989
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 11 Feb 2022 00:17:40 GMT
l
www.google.com/ads/measurement/ Frame 3417 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyE5Vp1-DwITEj-8EBL2ruDaqjo9BT1aii91MSVJJPs_bRhWcZ-nUY8c8IgBRbjmsRxw--pFegWi3V0tjg4rbXgfHWXQ
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3417 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUNqSwPkEYomeFY61zwXMkp7wDeT7lp5o6P-mzuoNl-3l06gjEAEg4pn9D2B9oAHUiO_wA8gBCakCnB5iJ814qj7gAgCoAwHIAwqqBKkCT9B4rtbcgSokU2NojzlzCUUdHGl4vMlcWq_WemZXUt27UccyB4N5BBhL8eLR2iKvMyxbDaHNm-njAZE94s_4hOqcupAZh0czlMrqvlFIQISW5TdDucRuul0VS8oP7dG3Mqhm7E_DGYdoaztqlbXYmXhH_Ui_noPOrd6VszHaYxLfV5l00vKRn0Ocv_EiMMlKuhjC_ai4mXX7wnW9S54qRd_CGL0PXau2XPgk3Ob_EVbut-AqMJ0CEd5VGppBpwnTe3tNO-u2lkCkFnn7Iv9WtVDJz02iVOIApGxVYZzF63HPaHbEv2clVXROdsqReqlRJoG3IMlmV5eWJ-L4464mZeMatworxYgtvlm4GeFaUA9gmQLQhN2IEWmpm9_HSU_S8eNPkCNFc7LmwASzhuHk1QPgBAGSBQQIBBgBkgUECAUYBKAGLoAHlPeQD6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJKWCtIIBwiAYRABGB2ACgPICwG4E4gn2BMNiBQB0BUBmBYBgBcBshceChwIABIUcHViLTU2MTEwNTM2NjI2MTMzOTAYzfUR&sigh=rigP1yPqO3w&uach_m=[UACH]&template_id=5000
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4934 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQwJrPAhjw6a3BATAB&v=APEucNWPXiVSNufDYJwkNtcUbEDeA_chZdjCkhdVqxXM2hWuGIpaKBJ0vW1JiorvfuUjbcSoYEakwD1mh6m0QfnJdFMcwvCc7Q
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 10 Feb 2022 11:40:49 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C50D 		75 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Das8VZ2mJ6XW-tCEoWR01ZfGHHgB9S9kQSE0Sc93Xj4wd8nbd44GGjcNhIp-sbKNeGeFnt7cTkyZV6WNzDll9ve45xPjVYSnGbexQLOmF0fffiCp2xAVm7UrnIUWK54dmZLMf04R5yZR-avMSHhsANs9hqOQ&dbm_d=AKAmf-DxbgQ4XJ8sp93f4M7UbcfvZxklB4tHkGG4JpwzH5G7PysosgQx4Yuedmyscz2C8RU3d2ufvkGf9MPTkFgPp5olVVH5OoNdSvRTlHqfgUCaHrL3aIIm4a6T1_c5YFydNbNH2-Edz0Wqz8XJ6rgCvB1suthQYhkMyLmS7ySHjg-yi8XAfTYnmWgk8Py7RugTtwy4rQWCdYi6lXONtZ3285ERbszMTBhWtSOG-Dv-Qg0En1lXkT_wWZ9Jo9gOlzXFT5mHZYN23EYJ3_8tNtWdh8mBMAEZhB2fyhWfgXhVYKtPwg6qcFI-Ixy_7803YEZfONPwsJug1S6YY_7yFXszZ4LPqOgS42dpmk3OMKDH98UC_9JlLGKqjSmT3PTU-Sys4dW2-B6uSUPV2pkNR_zKoLVJsQSIVTWmHk1taLm-Jh6YavG8OOAwBDIU1Tp7YES8FsGYyaD_0sBJBUZ5sw6ft_L9HUNVLtPiCyweai1OfDJ4uQJoRManjZnK56RIeiRzV5fuYFa_UGbIl7AzfurRJAZVeNZ1wHQBS4160WkYnZYgWA7lPP1cRtSSApQ4Ovk5c_5O8uOfY1nU586V-UCFFtagQ5KQPtLy2Kw3qXT8gCt6J3BkhAjETk_aLb0DZmp9kqBGs0WD4ysW2ClmjOCFPF388SDcmQ-tEdPH0Rhp5yQ569nigPRFgsU4VBIMOv7810Jrlk_16EiU6RYSlzlQLDcJ25euwRr-nL4wU3w6fHWjwDLvlMP2hh2NiqkTzP6AmCVnO94PAjZXn4jaKJwK8KOImzJDrE2NPX_0TnocZ7bxXRnc6UB25XvOBi-4XX9TJlAGOLvt8-fDB6fTrXYCMxfrOyjzVz17pKp2gMPRCabMX1tXKhpfQTP0Jm5CEoy5dGWa-eFjsfohKa39V3tFrWz6Ene3j0RDyblwpTDbVl0NE6JKOhUpfCi6njFnL6dV1FnGiJIsaQ72u95EAfModXRYHjuQrvabZxhq7ag-ln1EXfonRS1MV998Y-c7WcIhAh7zgj2Fzd43tSS1Oh1r-KvJ3CyOAEl8fyRUzTd2k_c6tGESaKRUzWneI_2cZbZsdtoqX15YGW7E79YDmU5SSDariUQ7aXlQA7mAV8A3-P0a_diE5U3LiloNNptvKy5sK7FyJu5cIXNSEJ6FaBKIH1JwU9U0EjRNndTBNB9uKHlehFPI9vlXB8QcJkU4dS8G-Ndm5sMmpdU0zV_rf14l0VEpNVGavGevDINAmbbvLvqNl5PaXXcARE4zw2uiObLewnUAtL5t4xE0jh_pyl9-vxc3zQw6kLki11oonxcxiviY5kWGeQrq1G5kyfbzbErZmUgYcVUiXqSOel46bF8LmnWJMO2gzAEnAthIPxHyz8_6gk5GSROjSLTt2jArURm8S-ByDCi9gZZghCMHIyxf_zj5kDcOIKW9mBFrXomHZF1A6lf8Pu8HMXa2hp3OEd77ejCz1wn9HqXhg-NBqXieLZrRs8198u4BbDce96cttSn0djuSL-cEpthRVnFNwF-qHvAqQLcfu8K1JqMF-x51gGP2cDJFpwuca1NBc7Q2Qu4kBg_hG_tA7wTt_L2RJJ4fj0JD1d5Pg9wgEJr9VzIPkzgceNYUxk5nw1J37XDyl4cp9ho7O_RL9Y8RkqoTiwE2P99_ARqtLs3KM4ht_vdJZKDBO79mzhGFR72Xl25oOydGQfhThh6btnBzqfkLDSAijcp4DgoLv0kvhQ_jHz0qHMdtz6lVYo-Lqh3S60KW9ztwLWDS7yQXfsOODQyUAseOsa38dEQ0rodQMsKszdm-FazD3G49iK7NOXqG0rnNHPUOq7UWn_xrCztb1tlpwWxY2LuekK8lwu3uHB5HRdR8D3OglwBRVwqutC-5QYmqyiVMkGKucPFvTmaLejIWYJH_NzuELZOVioZBD0bNLR0UdESc4bJNDfUqk1yMMaJSzqGL7bVSEDEuQHQDgQN93T2wnc3wjdUEOaqkqOXhBBHuIGUNY7lzbJNaitFiBBuWzzi1fswWa8JUcSoTDHFI_1LqEulE-jsFJHQWJZjqPyx51BS_f6dfZMeXnmHvZ9SorbE7mjTRcmyVo_CEc-Ga4C8AkmLBXl117ngW8kz8TZBnRNgbB6UJIETboCPzGXG0qQjSiO3lGdau9HNga1H8-5gtC0S4Xqn5wbJ9uiZczR8K7CAMA5C8i9ybLNNbLaWiwqX2uboTiHBE0j2s0IYGwngLLAvfiGUQxPlL8my4RMmoBYmQv3SJgx7PedAcU5AcoScW7dJ-O3Mk4Q7SHKfAcbJ9G9Dmqzc6Bf7nI5azxU1E_ueDxbcn7HXJLv74J7xDkxVfyFtUBaN3xskSPbXEQPdTcdJpkyLmyB83AogJElADSswXeqsDhJfnJ8tBQJLhIGFgHbT66mazvNYSxWLvCAFo856M6pAhHYC66SIsGaGq5goArVRXw7Dm0RclEnDbjoBHQcpNgLPInospxNxQYYzPvuyvUGjDi_4WtwLyqMp9UHgWMwHo7p0U-xwcclTxDKOHTSvFGWto0GLFn-NeoFX6gA9GjbiF5qLxvRNmsVr97jkaNH-4hRi30P4dMkih77mDC52xQ7UwmtvAoTwhkBL5WpICeB3_hzVEeGU4RCZd5R6DuOwojA4gWaQCh6xoZ8i0U7vWQSXN1NP2wz4WUnOC3OgGr32wXvxmrsvwGXemJouA1GjVvQ5Tgg5G3w-Tp46MTZ4WdAgfz5V3EXcNUOg061pTmCdrTzEOkSmEEhtyHlkROS62bCu4ugA-WXFxw1eGXWSEl1ue3r1tYkUwpKLVS7YCx23pevOeTZ9EMzeoEANVnK-t7Hp3rMcCje2BsgrfBsfP6gqgrQ6Gkt8gAh03jC4yytBbljK2B0Ok6tvF0-wI5yStUyaxPLv-CN7DMci8HyMPQB3slN4bDSfEwytQ6gnYTwo1LBG_CL231VSGGc06Ux0M6Syg1hWhfxK4_SmzaeH63u1fOj3JGjciMwOXoJWoT9-MHGfztBHTGWMnvyXST2w70Fg7m45KkdSxOg6zBGicxdYmAckER1-tY9Qa-ApIPHpuA1Hq1QmFtF8uAzGXhZWzv4izFgK79fCel4SqUA7NXqM-3ysuzJe9RaV8e98EX85mjIDG8oWa_BXYpv6qvpxqtZ32tZn1FjNb9-G2yJfqGKJYR6xBSaGTT7vMVsAjcIzfpFdDGO74QvV6UEiDvQ6fZqiK_BFTBHH0VIUe1EbaRPI&cid=CAASEuRo4PUlYmwlcg-f6LKrQjUoBw&rfl=1%2Chttps%253A%252F%252Fcheet-2642-ontariofarmer.gdev.postmedia.digital%252F%240
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0cae2f23069415b0b022eb7adf056279d0c869f2e5a2d2b3a3de371fcf2aef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31977
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C50D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTXmAAVUqkTzM2EHCiHFZ6jW-sCTqELqnbB3zPI7KT4z0WQGA1-MDr8x_QEj1oqr2b-QqTkUxgv_agFAGT0OU0DwhvGLi0SuRy15yqATocKko6U3I
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame C50D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 11:36:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C50D 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 11:40:49 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame C50D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
server
cafe
etag
17798303060702513824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 11:30:56 GMT
l
www.google.com/ads/measurement/ Frame C50D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFe87SYUnCRXEyn35xbkQazYTBT-HmCnqpoAgWSZXdprFFBchAzhMKdUTt6u3c26PejJzRQWfc29RqdPzEQyVGuuDSIA
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame BED0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020801&jk=2890307273580346&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
pagead2.googlesyndication.com/bg/ Frame 096D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 05:23:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
22652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13873
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Feb 2023 05:23:17 GMT
www-player-webp.css
www.youtube.com/s/player/96dcbc8c/ Frame F6A6 		342 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
78914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47770
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 13:45:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F6A6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 11:41:34 GMT
x-content-type-options
nosniff
age
172755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 11:41:34 GMT
www-embed-player.js
www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/ Frame F6A6 		282 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
67951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86941
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:18 GMT
base.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/ Frame F6A6 		2 MB
536 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f7672936fb92f71e4cc6bd4d921f19103d630329a18929988f57621bafde2d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
78914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
548780
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 13:45:35 GMT
fetch-polyfill.js
www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/ Frame F6A6 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:19 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/174135706206933467/ Frame 3417 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/174135706206933467/downsize_200k_v1
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da7a59e1c7dda8305c136059fff64cc4a04f4d777769579a2fb6bf87c68754c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 11:20:45 GMT
x-content-type-options
nosniff
age
519604
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56681
x-xss-protection
0
last-modified
Sun, 04 Apr 2021 22:14:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 04 Feb 2023 11:20:45 GMT
truncated
/ Frame 3417 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3417 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3417 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97c48ad498efa9ce9f2ab4fb6bdd134685f55b7997c844012dd49da08f352572

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 3417 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-2642-ontariofarmer.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:13:31 GMT
x-content-type-options
nosniff
age
149238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:13:31 GMT
rum
dsum-sec.casalemedia.com/ Frame 4934
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEu4gEhbMcTKvVdH8wAc-9o&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEu4gEhbMcTKvVdH8wAc-9o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQwJrPAhjw6a3BATAB&v=APEucNWPXiVSNufDYJwkNtcUbEDeA_chZdjCkhdVqxXM2hWuGIpaKBJ0vW1JiorvfuUjbcSoYEakwD1mh6m0QfnJdFMcwvCc7Q
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 11:40:49 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEu4gEhbMcTKvVdH8wAc-9o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4934
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgT5wFVx1VfG77DPAM.50QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEu4gEhbMcTKvVdH8wAc-9o&google_cver=1&google_hm=2
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEu4gEhbMcTKvVdH8wAc-9o&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQwJrPAhjw6a3BATAB&v=APEucNWPXiVSNufDYJwkNtcUbEDeA_chZdjCkhdVqxXM2hWuGIpaKBJ0vW1JiorvfuUjbcSoYEakwD1mh6m0QfnJdFMcwvCc7Q
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Feb 2022 11:40:49 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEu4gEhbMcTKvVdH8wAc-9o&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4934
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA05oBzD_kTjFHq8IbdPS9Q&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEA05oBzD_kTjFHq8IbdPS9Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQwJrPAhjw6a3BATAB&v=APEucNWPXiVSNufDYJwkNtcUbEDeA_chZdjCkhdVqxXM2hWuGIpaKBJ0vW1JiorvfuUjbcSoYEakwD1mh6m0QfnJdFMcwvCc7Q
Protocol
HTTP/1.1
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:49 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
81ccff7f-e02e-427d-a97c-b2e4d8f5c5d5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEA05oBzD_kTjFHq8IbdPS9Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4934
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzODY0ODkxMjg5MDcwNzk2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzODY0ODkxMjg5MDcwNzk2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLHZsgIQwJrPAhjw6a3BATAB&v=APEucNWPXiVSNufDYJwkNtcUbEDeA_chZdjCkhdVqxXM2hWuGIpaKBJ0vW1JiorvfuUjbcSoYEakwD1mh6m0QfnJdFMcwvCc7Q
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:49 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5887f306-532f-41e9-94cf-7d5a574b2cd5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzODY0ODkxMjg5MDcwNzk2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame C50D 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
Origin
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Feb 2022 04:35:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame C50D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Das8VZ2mJ6XW-tCEoWR01ZfGHHgB9S9kQSE0Sc93Xj4wd8nbd44GGjcNhIp-sbKNeGeFnt7cTkyZV6WNzDll9ve45xPjVYSnGbexQLOmF0fffiCp2xAVm7UrnIUWK54dmZLMf04R5yZR-avMSHhsANs9hqOQ&dbm_d=AKAmf-DxbgQ4XJ8sp93f4M7UbcfvZxklB4tHkGG4JpwzH5G7PysosgQx4Yuedmyscz2C8RU3d2ufvkGf9MPTkFgPp5olVVH5OoNdSvRTlHqfgUCaHrL3aIIm4a6T1_c5YFydNbNH2-Edz0Wqz8XJ6rgCvB1suthQYhkMyLmS7ySHjg-yi8XAfTYnmWgk8Py7RugTtwy4rQWCdYi6lXONtZ3285ERbszMTBhWtSOG-Dv-Qg0En1lXkT_wWZ9Jo9gOlzXFT5mHZYN23EYJ3_8tNtWdh8mBMAEZhB2fyhWfgXhVYKtPwg6qcFI-Ixy_7803YEZfONPwsJug1S6YY_7yFXszZ4LPqOgS42dpmk3OMKDH98UC_9JlLGKqjSmT3PTU-Sys4dW2-B6uSUPV2pkNR_zKoLVJsQSIVTWmHk1taLm-Jh6YavG8OOAwBDIU1Tp7YES8FsGYyaD_0sBJBUZ5sw6ft_L9HUNVLtPiCyweai1OfDJ4uQJoRManjZnK56RIeiRzV5fuYFa_UGbIl7AzfurRJAZVeNZ1wHQBS4160WkYnZYgWA7lPP1cRtSSApQ4Ovk5c_5O8uOfY1nU586V-UCFFtagQ5KQPtLy2Kw3qXT8gCt6J3BkhAjETk_aLb0DZmp9kqBGs0WD4ysW2ClmjOCFPF388SDcmQ-tEdPH0Rhp5yQ569nigPRFgsU4VBIMOv7810Jrlk_16EiU6RYSlzlQLDcJ25euwRr-nL4wU3w6fHWjwDLvlMP2hh2NiqkTzP6AmCVnO94PAjZXn4jaKJwK8KOImzJDrE2NPX_0TnocZ7bxXRnc6UB25XvOBi-4XX9TJlAGOLvt8-fDB6fTrXYCMxfrOyjzVz17pKp2gMPRCabMX1tXKhpfQTP0Jm5CEoy5dGWa-eFjsfohKa39V3tFrWz6Ene3j0RDyblwpTDbVl0NE6JKOhUpfCi6njFnL6dV1FnGiJIsaQ72u95EAfModXRYHjuQrvabZxhq7ag-ln1EXfonRS1MV998Y-c7WcIhAh7zgj2Fzd43tSS1Oh1r-KvJ3CyOAEl8fyRUzTd2k_c6tGESaKRUzWneI_2cZbZsdtoqX15YGW7E79YDmU5SSDariUQ7aXlQA7mAV8A3-P0a_diE5U3LiloNNptvKy5sK7FyJu5cIXNSEJ6FaBKIH1JwU9U0EjRNndTBNB9uKHlehFPI9vlXB8QcJkU4dS8G-Ndm5sMmpdU0zV_rf14l0VEpNVGavGevDINAmbbvLvqNl5PaXXcARE4zw2uiObLewnUAtL5t4xE0jh_pyl9-vxc3zQw6kLki11oonxcxiviY5kWGeQrq1G5kyfbzbErZmUgYcVUiXqSOel46bF8LmnWJMO2gzAEnAthIPxHyz8_6gk5GSROjSLTt2jArURm8S-ByDCi9gZZghCMHIyxf_zj5kDcOIKW9mBFrXomHZF1A6lf8Pu8HMXa2hp3OEd77ejCz1wn9HqXhg-NBqXieLZrRs8198u4BbDce96cttSn0djuSL-cEpthRVnFNwF-qHvAqQLcfu8K1JqMF-x51gGP2cDJFpwuca1NBc7Q2Qu4kBg_hG_tA7wTt_L2RJJ4fj0JD1d5Pg9wgEJr9VzIPkzgceNYUxk5nw1J37XDyl4cp9ho7O_RL9Y8RkqoTiwE2P99_ARqtLs3KM4ht_vdJZKDBO79mzhGFR72Xl25oOydGQfhThh6btnBzqfkLDSAijcp4DgoLv0kvhQ_jHz0qHMdtz6lVYo-Lqh3S60KW9ztwLWDS7yQXfsOODQyUAseOsa38dEQ0rodQMsKszdm-FazD3G49iK7NOXqG0rnNHPUOq7UWn_xrCztb1tlpwWxY2LuekK8lwu3uHB5HRdR8D3OglwBRVwqutC-5QYmqyiVMkGKucPFvTmaLejIWYJH_NzuELZOVioZBD0bNLR0UdESc4bJNDfUqk1yMMaJSzqGL7bVSEDEuQHQDgQN93T2wnc3wjdUEOaqkqOXhBBHuIGUNY7lzbJNaitFiBBuWzzi1fswWa8JUcSoTDHFI_1LqEulE-jsFJHQWJZjqPyx51BS_f6dfZMeXnmHvZ9SorbE7mjTRcmyVo_CEc-Ga4C8AkmLBXl117ngW8kz8TZBnRNgbB6UJIETboCPzGXG0qQjSiO3lGdau9HNga1H8-5gtC0S4Xqn5wbJ9uiZczR8K7CAMA5C8i9ybLNNbLaWiwqX2uboTiHBE0j2s0IYGwngLLAvfiGUQxPlL8my4RMmoBYmQv3SJgx7PedAcU5AcoScW7dJ-O3Mk4Q7SHKfAcbJ9G9Dmqzc6Bf7nI5azxU1E_ueDxbcn7HXJLv74J7xDkxVfyFtUBaN3xskSPbXEQPdTcdJpkyLmyB83AogJElADSswXeqsDhJfnJ8tBQJLhIGFgHbT66mazvNYSxWLvCAFo856M6pAhHYC66SIsGaGq5goArVRXw7Dm0RclEnDbjoBHQcpNgLPInospxNxQYYzPvuyvUGjDi_4WtwLyqMp9UHgWMwHo7p0U-xwcclTxDKOHTSvFGWto0GLFn-NeoFX6gA9GjbiF5qLxvRNmsVr97jkaNH-4hRi30P4dMkih77mDC52xQ7UwmtvAoTwhkBL5WpICeB3_hzVEeGU4RCZd5R6DuOwojA4gWaQCh6xoZ8i0U7vWQSXN1NP2wz4WUnOC3OgGr32wXvxmrsvwGXemJouA1GjVvQ5Tgg5G3w-Tp46MTZ4WdAgfz5V3EXcNUOg061pTmCdrTzEOkSmEEhtyHlkROS62bCu4ugA-WXFxw1eGXWSEl1ue3r1tYkUwpKLVS7YCx23pevOeTZ9EMzeoEANVnK-t7Hp3rMcCje2BsgrfBsfP6gqgrQ6Gkt8gAh03jC4yytBbljK2B0Ok6tvF0-wI5yStUyaxPLv-CN7DMci8HyMPQB3slN4bDSfEwytQ6gnYTwo1LBG_CL231VSGGc06Ux0M6Syg1hWhfxK4_SmzaeH63u1fOj3JGjciMwOXoJWoT9-MHGfztBHTGWMnvyXST2w70Fg7m45KkdSxOg6zBGicxdYmAckER1-tY9Qa-ApIPHpuA1Hq1QmFtF8uAzGXhZWzv4izFgK79fCel4SqUA7NXqM-3ysuzJe9RaV8e98EX85mjIDG8oWa_BXYpv6qvpxqtZ32tZn1FjNb9-G2yJfqGKJYR6xBSaGTT7vMVsAjcIzfpFdDGO74QvV6UEiDvQ6fZqiK_BFTBHH0VIUe1EbaRPI&cid=CAASEuRo4PUlYmwlcg-f6LKrQjUoBw&rfl=1%2Chttps%253A%252F%252Fcheet-2642-ontariofarmer.gdev.postmedia.digital%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 11:19:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame C50D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Das8VZ2mJ6XW-tCEoWR01ZfGHHgB9S9kQSE0Sc93Xj4wd8nbd44GGjcNhIp-sbKNeGeFnt7cTkyZV6WNzDll9ve45xPjVYSnGbexQLOmF0fffiCp2xAVm7UrnIUWK54dmZLMf04R5yZR-avMSHhsANs9hqOQ&dbm_d=AKAmf-DxbgQ4XJ8sp93f4M7UbcfvZxklB4tHkGG4JpwzH5G7PysosgQx4Yuedmyscz2C8RU3d2ufvkGf9MPTkFgPp5olVVH5OoNdSvRTlHqfgUCaHrL3aIIm4a6T1_c5YFydNbNH2-Edz0Wqz8XJ6rgCvB1suthQYhkMyLmS7ySHjg-yi8XAfTYnmWgk8Py7RugTtwy4rQWCdYi6lXONtZ3285ERbszMTBhWtSOG-Dv-Qg0En1lXkT_wWZ9Jo9gOlzXFT5mHZYN23EYJ3_8tNtWdh8mBMAEZhB2fyhWfgXhVYKtPwg6qcFI-Ixy_7803YEZfONPwsJug1S6YY_7yFXszZ4LPqOgS42dpmk3OMKDH98UC_9JlLGKqjSmT3PTU-Sys4dW2-B6uSUPV2pkNR_zKoLVJsQSIVTWmHk1taLm-Jh6YavG8OOAwBDIU1Tp7YES8FsGYyaD_0sBJBUZ5sw6ft_L9HUNVLtPiCyweai1OfDJ4uQJoRManjZnK56RIeiRzV5fuYFa_UGbIl7AzfurRJAZVeNZ1wHQBS4160WkYnZYgWA7lPP1cRtSSApQ4Ovk5c_5O8uOfY1nU586V-UCFFtagQ5KQPtLy2Kw3qXT8gCt6J3BkhAjETk_aLb0DZmp9kqBGs0WD4ysW2ClmjOCFPF388SDcmQ-tEdPH0Rhp5yQ569nigPRFgsU4VBIMOv7810Jrlk_16EiU6RYSlzlQLDcJ25euwRr-nL4wU3w6fHWjwDLvlMP2hh2NiqkTzP6AmCVnO94PAjZXn4jaKJwK8KOImzJDrE2NPX_0TnocZ7bxXRnc6UB25XvOBi-4XX9TJlAGOLvt8-fDB6fTrXYCMxfrOyjzVz17pKp2gMPRCabMX1tXKhpfQTP0Jm5CEoy5dGWa-eFjsfohKa39V3tFrWz6Ene3j0RDyblwpTDbVl0NE6JKOhUpfCi6njFnL6dV1FnGiJIsaQ72u95EAfModXRYHjuQrvabZxhq7ag-ln1EXfonRS1MV998Y-c7WcIhAh7zgj2Fzd43tSS1Oh1r-KvJ3CyOAEl8fyRUzTd2k_c6tGESaKRUzWneI_2cZbZsdtoqX15YGW7E79YDmU5SSDariUQ7aXlQA7mAV8A3-P0a_diE5U3LiloNNptvKy5sK7FyJu5cIXNSEJ6FaBKIH1JwU9U0EjRNndTBNB9uKHlehFPI9vlXB8QcJkU4dS8G-Ndm5sMmpdU0zV_rf14l0VEpNVGavGevDINAmbbvLvqNl5PaXXcARE4zw2uiObLewnUAtL5t4xE0jh_pyl9-vxc3zQw6kLki11oonxcxiviY5kWGeQrq1G5kyfbzbErZmUgYcVUiXqSOel46bF8LmnWJMO2gzAEnAthIPxHyz8_6gk5GSROjSLTt2jArURm8S-ByDCi9gZZghCMHIyxf_zj5kDcOIKW9mBFrXomHZF1A6lf8Pu8HMXa2hp3OEd77ejCz1wn9HqXhg-NBqXieLZrRs8198u4BbDce96cttSn0djuSL-cEpthRVnFNwF-qHvAqQLcfu8K1JqMF-x51gGP2cDJFpwuca1NBc7Q2Qu4kBg_hG_tA7wTt_L2RJJ4fj0JD1d5Pg9wgEJr9VzIPkzgceNYUxk5nw1J37XDyl4cp9ho7O_RL9Y8RkqoTiwE2P99_ARqtLs3KM4ht_vdJZKDBO79mzhGFR72Xl25oOydGQfhThh6btnBzqfkLDSAijcp4DgoLv0kvhQ_jHz0qHMdtz6lVYo-Lqh3S60KW9ztwLWDS7yQXfsOODQyUAseOsa38dEQ0rodQMsKszdm-FazD3G49iK7NOXqG0rnNHPUOq7UWn_xrCztb1tlpwWxY2LuekK8lwu3uHB5HRdR8D3OglwBRVwqutC-5QYmqyiVMkGKucPFvTmaLejIWYJH_NzuELZOVioZBD0bNLR0UdESc4bJNDfUqk1yMMaJSzqGL7bVSEDEuQHQDgQN93T2wnc3wjdUEOaqkqOXhBBHuIGUNY7lzbJNaitFiBBuWzzi1fswWa8JUcSoTDHFI_1LqEulE-jsFJHQWJZjqPyx51BS_f6dfZMeXnmHvZ9SorbE7mjTRcmyVo_CEc-Ga4C8AkmLBXl117ngW8kz8TZBnRNgbB6UJIETboCPzGXG0qQjSiO3lGdau9HNga1H8-5gtC0S4Xqn5wbJ9uiZczR8K7CAMA5C8i9ybLNNbLaWiwqX2uboTiHBE0j2s0IYGwngLLAvfiGUQxPlL8my4RMmoBYmQv3SJgx7PedAcU5AcoScW7dJ-O3Mk4Q7SHKfAcbJ9G9Dmqzc6Bf7nI5azxU1E_ueDxbcn7HXJLv74J7xDkxVfyFtUBaN3xskSPbXEQPdTcdJpkyLmyB83AogJElADSswXeqsDhJfnJ8tBQJLhIGFgHbT66mazvNYSxWLvCAFo856M6pAhHYC66SIsGaGq5goArVRXw7Dm0RclEnDbjoBHQcpNgLPInospxNxQYYzPvuyvUGjDi_4WtwLyqMp9UHgWMwHo7p0U-xwcclTxDKOHTSvFGWto0GLFn-NeoFX6gA9GjbiF5qLxvRNmsVr97jkaNH-4hRi30P4dMkih77mDC52xQ7UwmtvAoTwhkBL5WpICeB3_hzVEeGU4RCZd5R6DuOwojA4gWaQCh6xoZ8i0U7vWQSXN1NP2wz4WUnOC3OgGr32wXvxmrsvwGXemJouA1GjVvQ5Tgg5G3w-Tp46MTZ4WdAgfz5V3EXcNUOg061pTmCdrTzEOkSmEEhtyHlkROS62bCu4ugA-WXFxw1eGXWSEl1ue3r1tYkUwpKLVS7YCx23pevOeTZ9EMzeoEANVnK-t7Hp3rMcCje2BsgrfBsfP6gqgrQ6Gkt8gAh03jC4yytBbljK2B0Ok6tvF0-wI5yStUyaxPLv-CN7DMci8HyMPQB3slN4bDSfEwytQ6gnYTwo1LBG_CL231VSGGc06Ux0M6Syg1hWhfxK4_SmzaeH63u1fOj3JGjciMwOXoJWoT9-MHGfztBHTGWMnvyXST2w70Fg7m45KkdSxOg6zBGicxdYmAckER1-tY9Qa-ApIPHpuA1Hq1QmFtF8uAzGXhZWzv4izFgK79fCel4SqUA7NXqM-3ysuzJe9RaV8e98EX85mjIDG8oWa_BXYpv6qvpxqtZ32tZn1FjNb9-G2yJfqGKJYR6xBSaGTT7vMVsAjcIzfpFdDGO74QvV6UEiDvQ6fZqiK_BFTBHH0VIUe1EbaRPI&cid=CAASEuRo4PUlYmwlcg-f6LKrQjUoBw&rfl=1%2Chttps%253A%252F%252Fcheet-2642-ontariofarmer.gdev.postmedia.digital%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9577
x-xss-protection
0
server
cafe
etag
11201793935764353180
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 11:24:03 GMT
id
googleads.g.doubleclick.net/pagead/ Frame F6A6 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ce58a240161b60d9b17b44a5bb04e35d852f783330fb55a27c62e3a9b0ccba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F6A6 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:28:14 GMT
x-content-type-options
nosniff
age
755
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Feb 2022 11:43:14 GMT
remote.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/ Frame F6A6 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b48c057e124da6c2c459a075e63a0bcf9967de990af4a110a7ed1b868793c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:45:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
78913
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30660
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 13:45:36 GMT
LUZC6BrGWKwONhLt-4ttNu4z7FD5LramrRgxO4PDNOE.js
www.google.com/js/th/ Frame F6A6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/LUZC6BrGWKwONhLt-4ttNu4z7FD5LramrRgxO4PDNOE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d4642e81ac658ac0e3612edfb8b6d36ee33ec50f92eb6a6ad18313b83c334e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 06:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
106325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13597
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 06:08:44 GMT
embed.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/ Frame F6A6 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2df68db3a2e3f3f7182a16c8a255a9640057223555f379756f98bc020366a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
67943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:26 GMT
truncated
/ Frame F6A6 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
AKedOLS_LxZARH_Vp750gZxeQBeyiDUz04bcD1_casZj=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F6A6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLS_LxZARH_Vp750gZxeQBeyiDUz04bcD1_casZj=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9b487e6390458c38b99abb6215507b8bd25f795dbaf1e24d233ddd5c51d295a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 10:46:00 GMT
x-content-type-options
nosniff
age
3289
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2114
x-xss-protection
0
server
fife
etag
"va"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 09 Feb 2022 02:45:32 GMT
sddefault.webp
i.ytimg.com/vi_webp/huP4KOq-v7g/ Frame F6A6 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/huP4KOq-v7g/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5984e059ccb2c84f9b21e7e766aa4af4557431739f0fe98eeefa79709d3b1d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:36:40 GMT
x-content-type-options
nosniff
age
249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24534
x-xss-protection
0
server
sffe
etag
"1644337732"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Feb 2022 11:41:40 GMT
index.html
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		111 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60e761f2efb0396df5e6292ac4a375382605cbffeff76475256c1a4ce6f48b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Tue, 08 Feb 2022 01:49:19 GMT
expires
Wed, 08 Feb 2023 01:49:19 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
content-type
text/html
content-length
21669
age
208290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C50D 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvOZLmJ-DGgXH5oRFFhKhSa35C5225EB6JYn-kgv4Vs_jM4Gk4G6XuicjhKtvgGhb2IhMmrUBFcZnOZa0WQHwFFW18qeAsaBSYumNSbUtg_Zt_tZn5jblSWU6Q1UN5xPY4gQxrGS_u0Uvd4Ali_Ql02UaLp5f9Ky1BbJJ442oUWsKGtqnU8V4wbxqhVBsXPg2xgzhzMYQu75ksRPSLRE7zCg5VbpjDFNZMxJOQS5W1bysl8HEEECl2-BPdBriW9NNdzKhOoqQZv1sqBOcgsnsxjvbYp9EqWGeqxEXfQ8ovy6GjomO42zdyl3bhlFivftsG8c4tVFrlmsC_qfvny3jS3zkFnsDYhxwQSAghZSTbsaZiu5mTcD-NoCdP6X3kQa00cLRsMgkT0Xz6Dt0az1Mj2wN0klV3m5feTsNja7jKqZQEmaFMCVz-ueMw0LOQ3Iuuh1js9vN77t2KoFZGbAM_9hm4qVEyQROgYD8YnKt9UQ9mkE05HatnagtOEuWht05-H2b1Jje6H0AzfBhTRteGm02WFmJvj4q05ywJuftM6APD9Ob-rtWH3BfMDSUusKOnUJ3nu8BjQltBznOBXYJHKp-yTQMJG-0fanKTcWgR55d3MxjKvqD2erx6prdGN5UDbPRjSLR6fWovzndQk247b6JgDWeMCaWX3DJ7NfbBn1zHW_1J3dPeE9N-gXPZGLuE1oJKacQIt9qcBAHkdOnXyORG-gSnvc9jWP6cbTm6VkuGOyPCCRTQRUR-VNqET9iF1wL9n7tJn0d_NIpG82JLjKApvfnvgy7tQLbHLQQigfaZhYpveMQqFHWn3Y25qdmHqXdDv0J6rCAqABSgNGu_toKOzYIXHX5AhWRUUPizsr91v8j4JlF1FtfFJHI1FKZ7IBW3nh5XeKmfC4A4b9QRtDA28kX6fqbI0jzcCUVx_HpOdPnn_-MbechKF5u62BRBWZtomMDmJMjLy5uef6jripiw179ps7zIt5avYB4zrOG2hkZQVrt-acJPqq_K-qxN500k5H3JFjjGE5i9xrC6ftD8BqD4pX7HgQJUAENmQKCrz_FS61WC8LZb61h0rTC80qcGnOgop0JNP3P71iHNeHvdzKYoTBq0NG8FLxKG1k2cve_YYMRxSCFHTn4IAQpM8IGLOvCTGGGiXWExZmZROtN6TungZU4b47Tt9ZJJQxbhwvp2wu99Y1P2buXOS9eY6BfiHKhgYheCwEX5xtKLkFWPirQnL7lnRwuMRrc-hQSD9kvHVRHe2BTt6HC5ttjrmfUTzhMG0x7l222mUXi9WnwHb0FhzQ86JTA&sai=AMfl-YTfv3W5_KgSEZsMVSC-fnKPoHqZVMuqFyMXjyHg9tH4xTKH3s8Uis_84ys-IukLi57SbDPXJ-OjiMAo2KIguIfB9ySqg-YYqooUXk77dqTJYNkMyL_QO3Rw8Jjp46pXF7ys2DZS2O0SvYsnAyO9x2pNfHca1w&sig=Cg0ArKJSzINgj1HwQVVREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=339&cbvp=1&cstd=334&cisv=r20220208.95838&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 10 Feb 2022 11:40:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
embedded_player
www.youtube.com/youtubei/v1/ Frame F6A6 		49 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f63df222097b7f15622c1ee0cca5af1e83a10ac357814c3d2eb1a93bc25ffc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220208.01.00
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id
Cgt5ZnBuWXhJRmFPRSjB85OQBg%3D%3D
Content-Type
application/json

Response headers

date
Thu, 10 Feb 2022 11:40:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16933
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C50D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 04:24:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Feb 2023 04:24:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 333D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Wed, 09 Feb 2022 16:21:02 GMT
expires
Thu, 10 Feb 2022 16:21:02 GMT
cache-control
public, max-age=86400
age
69587
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C50D 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d35be6a4acb5913cc8012a296b45018f02ad68c190812d2af5aceb8752b44ca

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 096D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1nmN4w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F6A6 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 11:40:50 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 4924 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 05:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Feb 2022 05:47:10 GMT
generate_204
www.youtube.com/ Frame F6A6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?QmF-ZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C043 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 08 Feb 2022 05:22:45 GMT
expires
Wed, 08 Feb 2023 05:22:45 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
195485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C50D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvOZLmJ-DGgXH5oRFFhKhSa35C5225EB6JYn-kgv4Vs_jM4Gk4G6XuicjhKtvgGhb2IhMmrUBFcZnOZa0WQHwFFW18qeAsaBSYumNSbUtg_Zt_tZn5jblSWU6Q1UN5xPY4gQxrGS_u0Uvd4Ali_Ql02UaLp5f9Ky1BbJJ442oUWsKGtqnU8V4wbxqhVBsXPg2xgzhzMYQu75ksRPSLRE7zCg5VbpjDFNZMxJOQS5W1bysl8HEEECl2-BPdBriW9NNdzKhOoqQZv1sqBOcgsnsxjvbYp9EqWGeqxEXfQ8ovy6GjomO42zdyl3bhlFivftsG8c4tVFrlmsC_qfvny3jS3zkFnsDYhxwQSAghZSTbsaZiu5mTcD-NoCdP6X3kQa00cLRsMgkT0Xz6Dt0az1Mj2wN0klV3m5feTsNja7jKqZQEmaFMCVz-ueMw0LOQ3Iuuh1js9vN77t2KoFZGbAM_9hm4qVEyQROgYD8YnKt9UQ9mkE05HatnagtOEuWht05-H2b1Jje6H0AzfBhTRteGm02WFmJvj4q05ywJuftM6APD9Ob-rtWH3BfMDSUusKOnUJ3nu8BjQltBznOBXYJHKp-yTQMJG-0fanKTcWgR55d3MxjKvqD2erx6prdGN5UDbPRjSLR6fWovzndQk247b6JgDWeMCaWX3DJ7NfbBn1zHW_1J3dPeE9N-gXPZGLuE1oJKacQIt9qcBAHkdOnXyORG-gSnvc9jWP6cbTm6VkuGOyPCCRTQRUR-VNqET9iF1wL9n7tJn0d_NIpG82JLjKApvfnvgy7tQLbHLQQigfaZhYpveMQqFHWn3Y25qdmHqXdDv0J6rCAqABSgNGu_toKOzYIXHX5AhWRUUPizsr91v8j4JlF1FtfFJHI1FKZ7IBW3nh5XeKmfC4A4b9QRtDA28kX6fqbI0jzcCUVx_HpOdPnn_-MbechKF5u62BRBWZtomMDmJMjLy5uef6jripiw179ps7zIt5avYB4zrOG2hkZQVrt-acJPqq_K-qxN500k5H3JFjjGE5i9xrC6ftD8BqD4pX7HgQJUAENmQKCrz_FS61WC8LZb61h0rTC80qcGnOgop0JNP3P71iHNeHvdzKYoTBq0NG8FLxKG1k2cve_YYMRxSCFHTn4IAQpM8IGLOvCTGGGiXWExZmZROtN6TungZU4b47Tt9ZJJQxbhwvp2wu99Y1P2buXOS9eY6BfiHKhgYheCwEX5xtKLkFWPirQnL7lnRwuMRrc-hQSD9kvHVRHe2BTt6HC5ttjrmfUTzhMG0x7l222mUXi9WnwHb0FhzQ86JTA&sai=AMfl-YTfv3W5_KgSEZsMVSC-fnKPoHqZVMuqFyMXjyHg9tH4xTKH3s8Uis_84ys-IukLi57SbDPXJ-OjiMAo2KIguIfB9ySqg-YYqooUXk77dqTJYNkMyL_QO3Rw8Jjp46pXF7ys2DZS2O0SvYsnAyO9x2pNfHca1w&sig=Cg0ArKJSzINgj1HwQVVREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=782&vt=11&dtpt=443&dett=3&cstd=334&cisv=r20220208.95838&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: cheet-2642-ontariofarmer.gdev.postmedia.digital
URL: https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 11:40:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dpixel
cms.quantserve.com/ Frame 333D 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENAvbUDeVvmflG5POedLIxQ&google_cver=1&google_push=AYg5qPItxQxESGZJFPHooy3RZyZulA4UG7mK-IGbgDSdhseH1pRVdQr7YN3b9luQ0k6BKzZzxl8G968znt-ewH2WzQoLf6zQBzUn
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1d2b:ecd5:fcc0:2c58 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 333D
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEHQz7tNTISjcZTWDa7xZbJs&google_cver=1&google_push=AYg5qPIlC1EZCwLqqeJidObirTFBMXdRkanfvMrIzuNj8wa6xhTYAuoQR7JXBl7N4QuuQWS5c-AHKEiwJd8w_DZFJvrRXR1whwBn
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPIlC1EZCwLqqeJidObirTFBMXdRkanfvMrIzuNj8wa6xhTYAuoQR7JXBl7N4QuuQWS5c-AHKEiwJd8w_DZFJvrRXR1whwBn&google_cver=1&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPIlC1EZCwLqqeJidObirTFBMXdRkanfvMrIzuNj8wa6xhTYAuoQR7JXBl7N4QuuQWS5c-AHKEiwJd8w_DZFJvrRXR1whwBn&google_cver=1&google_gid=CAESEHQz7tNTISjcZTWDa7xZbJs&google_hm=UTY5Nzc3OTY0ODIxMzY5MTA5MjM=
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Feb 2022 11:40:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPIlC1EZCwLqqeJidObirTFBMXdRkanfvMrIzuNj8wa6xhTYAuoQR7JXBl7N4QuuQWS5c-AHKEiwJd8w_DZFJvrRXR1whwBn&google_cver=1&google_gid=CAESEHQz7tNTISjcZTWDa7xZbJs&google_hm=UTY5Nzc3OTY0ODIxMzY5MTA5MjM=
Cache-Control
max-age=37803
Connection
keep-alive
Content-Type
text/html
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame 333D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELwAay38GlsNqdo-PDI8Dps&google_cver=1&google_push=AYg5qPILeQtCzf2iU3B31TZW01wX7UwZoU4uQAs0YEklFPXy6ZSIixFIX9vA3HVevM4GrNyNaIB0CmhkNVfqsPaDwN...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmViMGQ4YzgtOGVjMC00OWIzLWFmZWMtZGQ4YmZjOWM3MDEz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmViMGQ4YzgtOGVjMC00OWIzLWFmZWMtZGQ4YmZjOWM3MDEz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmViMGQ4YzgtOGVjMC00OWIzLWFmZWMtZGQ4YmZjOWM3MDEz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 333D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPdbrTvPoTFA0ghMqe6MlmU&google_cver=1&google_push=AYg5qPJelnkSH0nf65iJ-qU7NK6D5iMgwWYNoyG4ppvsPNVQZJnmbx5ycu7IzTuMzi_yHvEz0QGOfPFwudh5T...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPdbrTvPoTFA0ghMqe6MlmU&google_push=AYg5qPJelnkSH0nf65iJ-qU7NK6D5iMgwWYNoyG4ppvsPNVQZJnmbx5ycu7IzTuMzi_yHvEz0QGOfPFwudh5T...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJelnkSH0nf65iJ-qU7NK6D5iMgwWYNoyG4ppvsPNVQZJnmbx5ycu7IzTuMzi_yHvEz0QGOfPFwudh5TeM5DXTp8ZBX7qx0&google_hm=SVFmOFh0Nm9ZVER2MGRs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJelnkSH0nf65iJ-qU7NK6D5iMgwWYNoyG4ppvsPNVQZJnmbx5ycu7IzTuMzi_yHvEz0QGOfPFwudh5TeM5DXTp8ZBX7qx0&google_hm=SVFmOFh0Nm9ZVER2MGRsaXFJQXA=
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Feb 2022 11:40:50 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJelnkSH0nf65iJ-qU7NK6D5iMgwWYNoyG4ppvsPNVQZJnmbx5ycu7IzTuMzi_yHvEz0QGOfPFwudh5TeM5DXTp8ZBX7qx0&google_hm=SVFmOFh0Nm9ZVER2MGRsaXFJQXA=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 333D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBoSsUAD18cazy_7T67B3XE&google_cver=1&google_push=AYg5qPLJKh0o6qAu1ygtdbLN0Ls8pjeMZb6dQ6dle6L_5isBsP0oj3KFOn8C00OPrEqkBVTabhko7iKvCXoiLlqF...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLJKh0o6qAu1ygtdbLN0Ls8pjeMZb6dQ6dle6L_5isBsP0oj3KFOn8C00OPrEqkBVTabhko7iKvCXoiLlqFEr7XNAuSRKct
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLJKh0o6qAu1ygtdbLN0Ls8pjeMZb6dQ6dle6L_5isBsP0oj3KFOn8C00OPrEqkBVTabhko7iKvCXoiLlqFEr7XNAuSRKct
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Feb 2022 11:40:50 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLJKh0o6qAu1ygtdbLN0Ls8pjeMZb6dQ6dle6L_5isBsP0oj3KFOn8C00OPrEqkBVTabhko7iKvCXoiLlqFEr7XNAuSRKct
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
cwBW80Q561gmgCAqJaNy-LHCYo6614xvN6wVFuv48YSyjRtBsXK1mg==
pixel
cm.g.doubleclick.net/ Frame 333D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDBr9himbD5B9kPFkQzuN1c&google_cver=1&google_push=AYg5qPJesEKCQNVfuIHzOg0YDlBfbqM-4C3vAoINkVcD-odsdCMTVndc9WCEmSg6dFYyRWO-4yMF97Pw14K8fvelp_feBbaw8hR9
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTYwNTQ1NDcxNTkyNzg0ODU5MjYzNQ%3D%3D&google_push=AYg5qPJesEKCQNVfuIHzOg0YDlBfbqM-4C3vAoINkVcD-odsdCMTVndc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTYwNTQ1NDcxNTkyNzg0ODU5MjYzNQ%3D%3D&google_push=AYg5qPJesEKCQNVfuIHzOg0YDlBfbqM-4C3vAoINkVcD-odsdCMTVndc9WCEmSg6dFYyRWO-4yMF97Pw14K8fvelp_feBbaw8hR9
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTYwNTQ1NDcxNTkyNzg0ODU5MjYzNQ%3D%3D&google_push=AYg5qPJesEKCQNVfuIHzOg0YDlBfbqM-4C3vAoINkVcD-odsdCMTVndc9WCEmSg6dFYyRWO-4yMF97Pw14K8fvelp_feBbaw8hR9
date
Thu, 10 Feb 2022 11:40:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dot.gif
s0.2mdn.net/ Frame 333D 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEFuIBU2XN5Mf5YKKCBUp_Sc&google_cver=1&google_push=AYg5qPIW7xBdg9Z6TYF2fXm5GqMUxRkErnPcxF9_eZx6s4aQNE0ptIwHgqDsiU7WzOAY5EslRpiBHDBVeGAQitAjZ8UZu3gr0ioXyg
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Feb 2022 11:40:50 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 333D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBOTAxjivWfW6V_xD1Iq7bhhtlLap2U08Ig2i-cQ9sjy4sfDkpjYkLYzIQmPfouHRagBicFg
Requested by
Host: c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
URL: https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cast_sender.js
www.gstatic.com/eureka/clank/98/ Frame F6A6 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/98/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 15:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15480
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:03:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Thu, 10 Feb 2022 15:09:00 GMT
51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
pagead2.googlesyndication.com/bg/ Frame C043 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 05:23:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
22653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13873
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Feb 2023 05:23:17 GMT
CTA.svg
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/CTA.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481e0cf92460614524b3dae2b34634f98fcf4f87c1b96818bdb6c8faf15bcc0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1599
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 01:17:58 GMT
Logo.svg
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/Logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99969250322c19d94786bd198ae7de80aa042690b7ad95228cccf3e4033d646d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 01:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1549
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 01:49:19 GMT
txt5.svg
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		15 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/txt5.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
956816e200f859bb09c436321f3fe3a9eb10adfad22a232a1a3781608249846b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3821
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 01:17:58 GMT
txt3.svg
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/txt3.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df88fc6f04ee2999ce3ac0bb69a5f911a6ad64e6ebd18c86022e8585b081cf7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 01:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207993
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2722
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 01:54:17 GMT
txt4.svg
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/txt4.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a21a176b4c7a72ac7810b811ccc36af308d673ebb84bdd3fb071207d9e7125fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3798
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 01:17:58 GMT
txt1.svg
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/txt1.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f461c7fdec0e8e2fce2520a7456da4506688bd1eee83a05bda2ecaa0cd47711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2528
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 01:17:58 GMT
txt2.svg
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/txt2.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
201cc75ce5833b8ee6480df3ff9777193b0d28f59b4b4106a3b51e7e39296d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1173
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 01:17:58 GMT
pastille.svg
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		357 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/pastille.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
178a095bc5994c61643e7ab45d0d9562810284d5244837b5762f5cf76b0a770f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555771
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 01:17:59 GMT
A1.png
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/A1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e698ae73d815ddaf61cdeac123a0b5f16cfc68012927d863fcba558debe8ccc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:17:58 GMT
x-content-type-options
nosniff
age
555772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23176
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 01:17:58 GMT
BG-couleurs.png
s0.2mdn.net/sadbundle/2926134720286356086/ Frame 4924 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2926134720286356086/BG-couleurs.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49300a39fe13ea0b68d92ac4df0b4e4bc47ad59b93f73b478e6c527f232ab12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2926134720286356086/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:17:58 GMT
x-content-type-options
nosniff
age
555772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11378
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 16:43:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 01:17:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C043 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw-nLwfkEYpX-Er6OoPMP16Cp8AkAAAAAOAHgBAI&bg=!c3ClcDTNAAbS3PJy0tw7ACkAdvg8Wixhz7qs5Qwsa7-os88jkuauIptwhgjKS8ZwmwauUG1kjQk5qwIAAADKUgAAAANoAQeZAu13QFHhH1F_f5MUP6hZ5fmMqR6FfrCWQwXZqHOfqIfimh7p2YdWRo3UdrXebnke7eG-JaXJoR0_X0yxMp4RQ05bJvim6aR5b4SBF0fn7_JLDiSMtrIdQES33V-e8jvSnf2CDKNW5gowQve5IWazUz811UYlY1Lx5m-LZx3pvuLYXx8x0Ov0h6gU_UTpNTZeGd9RxkEEMzFzmFEtUlupRDVbghjmPm7Nv-Bt0w8oHxFsNZS8BElURnVpOuSJdQ4WDcna30gmUJ52YsEN52OhgywTVyBC7OukC9hxztg1nK8NfQ2HQTMXUZAz_5796VGI9CGCpnFE24paoejq8RN5T3SnLuTmMK5E7RB6RsfYZGKZ-JmHeTenRRGlfIUCpOZ0HhwbbdM6d4Q-CyaxF5UBx-ifaQ-U7F3Txyz4t8UDse8-ceRTArmr2hcqB_MTbZYO1hnvHnf8d7VR00TDS-EMIMFMxZioo6zqwQiiAYi2eGFpQujDV3rfJM3yP2-_f2ujY9LLOJyVEUo49h3tj2bQEzUtos4lqOzF3EEfecOKItZ74UZ_4wF0cUR8f_gv_MEqO9vauhIjYqY9yCdBgel8OUO5WHgXXQBttcTp2e7pAgYOcRonp8KGvFkhdfo9fi-kqfgD8-cFFy5t7ZasY-ID6YRG7bEhr0A0WwJ8Mgi-xxchUHK0KNG4gXrlV2784FroxA1ztBu5xzcHv9gJCB_L380px1jfzqIZYOvrR0vk_HKBI_SofUynaa0xji20r73rdkbYEQSTvq3n_YnhJE_6KKM6SXcMyfEWQvFWOOpQeue8xpml3vE_jRqeUDPgZTcc5xzrFLB21e-KxRJ1BitYaL_UHpOLVkW2ExcDG7suUB3lJ0_dG-Hf7p8yRy4Wp_x562o9_Z-OPsBzED65IMpMFIWqOLAsH-5QMwtzplSNPQytFUx8y-zGNb6_4jJ7GnDDiNoGMbRRQQWByr8-qSJs4Y5jDpW3v7qPmNd0OISx1g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FCD3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:40:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020801&jk=2890307273580346&bg=!5Oel56PNAAbS3PJy0tw7ACkAdvg8WqqaEjKcgEwWbd_3y4X0jcuasw79rJFK97XDrNwt4ZW222jI1AIAAANoUgAAAANoAQcKAGCboxBAwvaf3Nr1kCiWmM5g9TE2e95oOmzpXadKoBwbJ6JWcPNfycJsixLA-HRq_TSXXgqxEiyp0LOAY02n4w034YGTqFRSQhr5gG0G4hZ-NsVCROoTE3Q4FBu_jifLaciZArK2PtNEGHNuRJi5N3IwPBCK98ynzpMFYuTOWG7wqTZ-ODmiArmQglzoIAjYlUqPvw80U8gOGVrZb6Q0cOq8NvPy9jYAPW3hFiC9itkD7UpqLeCzERK_axbUaXOstVRHyxLjXVcjdeJ4mwLRGYKpku1ZsJIxVFneWP7jEe70Ums2WZ1Xe_G5f8mDtmJzeCu8RNkjM-_hxY3O2MYotqrumUY4V9Fn112hoSP9yMeU3EBA07A7FN8gaPBGh1X1OJjH9IrPc8TMM5UDToOdJnFvW9Oj-1yu3AMYBkKBJn9zltI2THAkYVUUgYxT0y7kgV-VbUCO8K6OzwASiPVorfSI7z0cIza7Ncjifv0BJu-LlkBmsnjFSffoQeJnOAOYWXiHYralji33RhqxmLL2IIgAt4pfj8Cdbejx_qw40eSxZx51vyY7t3tdpnsfEgiFCdbhjYgEq-6-XfouM6GhWDNi2TQQuApdnnLTfHIdl6mWXzrG9RtwGrIFvROEwZ3Ue_mORxScFVcJ-9YhsvVB9C04Dma9R_huwXibRsNqxbJkAz3d3fQ_Kccafq4ZMU92ZiSk7-FUWfs2kyxvWuNEOIhmO1UiFY1_wgrJ4-hMDJ9IHFKiRLRJLUs_FnyxxonN0a7dJRgdlNd89i2WsgWQ-P8lkXDPvf2QkIgiK6H3h6p3GE219bLIYFXzp1OOOeCZr4ny0P1yoEaFGRiylBs_sM9IQGsgXwKmnW6ei1WLQ48wmsinSMqA4Gv9vhj_KD1JxLuCEAnFvyUI8dVP9alYP-se1wuFP2Xxb6gU9zFV-xHnSNW957KJ_7L2dT9J3JnwwgPoW4IaT5pANm0s3UFwJuRLDRgTnGDrcn7GI0hglnipOwE5hoqq0RzLLoMbnvY-iwSLkwlI8PhMiGQnIpQnEt1tJTYvQlU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C50D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbUvDLUEfkFOZ3a3wUiseb_wmHwm-Cm-lprDDc-h0V7v817lSMX2_faJZ4eJCnlZDEX6WTmiXDG5v2r5ddoNaTpj8fNV1lEB6hRg&sai=AMfl-YRkAKIeVeQuVI476bIfccIJ05TB3mlkYWCew6sfOVzJPzWgDF030cApzZw_iXrxHOzdcO5I4k5pwK390B0VsmbA-mg1-gqqJyGEYZiUeNH8EKB9xaBCpxd4oxkBUt7TZC_wULp9mg5YJTHprBI&sig=Cg0ArKJSzD6cKk-f8e7rEAE&cid=CAASEuRo4PUlYmwlcg-f6LKrQjUoBw&id=lidar2&mcvt=1000&p=108,315,358,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=625928897&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644493249117&rpt=839&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 11:40:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame F6A6 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/huP4KOq-v7g?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fcheet-2642-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=huP4KOq-v7g%2C6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1560126540933913520%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
X-YouTube-Client-Version
1.20220208.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt5ZnBuWXhJRmFPRSjB85OQBg%3D%3D
X-YouTube-Ad-Signals
dt=1644493249414&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C501%2C282&vis=1&wgl=true&ca_type=image&bid=ANyPxKrQhB-n8gtDPegb12db1twFgkJe_MFZAS0HRqMTnsoWiaMicelzINQ02FKCQfeM4Xak01kgAX9GNGUC_h7GaIUA_AcwyQ

Response headers

date
Thu, 10 Feb 2022 11:40:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
events
jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/ 		41 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cb89432dfa78813659f4739cc771f15f1289212ef0b0791ae5ecdbbf1a9661b3

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://cheet-2642-ontariofarmer.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 11:40:52 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1644493253.848318,VS0,VE16
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| structuredClone function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| aax object| apstag function| Krux object| dataLayer object| KruxDataLayer object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| districtmHeader function| BlockAdBlock object| blockAdBlock object| __iasPET object| mParticle object| gtm_data_layer object| diagPixSentCodes object| __iasAdRefreshConfig function| udm_ object| _comscore object| COMSCORE object| google_tag_manager function| postscribe object| google_tag_manager_external object| webpackChunkdjango_content_services object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq function| twq function| onYouTubeIframeAPIReady string| iasScores undefined| google_measure_js_timing object| regeneratorRuntime function| lintrk boolean| _already_called_lintrk object| twttr object| Sailthru object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Ribn object| GoogleGcLKhOms object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

109 Cookies

Domain/Path Name / Value
cheet-2642-ontariofarmer.gdev.postmedia.digital/ Name: x-id
Value: {"data":{"id":"idxwx27j5u3gzn80qbjtr7nuncr02afj8zwax95s8","updated":1644493247257},"exp":604800000,"ts":1644493247403,"mac":112874044}
.postmedia.digital/ Name: _gcl_au
Value: 1.1.260944317.1644493248
.scorecardresearch.com/ Name: UID
Value: 1E2eb6b392dc0b6e331ce821644493247
cheet-2642-ontariofarmer.gdev.postmedia.digital/ Name: __adblocker
Value: false
pmd-dev-frontend-modules.s3.amazonaws.com/ Name: x-id
Value: {"data":{"id":"idxwx27j5u3gzn80qbjtr7nuncr02afj8zwax95s8","updated":1644493247257},"exp":604800000,"ts":1644493247737,"mac":112966424}
cheet-2642-ontariofarmer.gdev.postmedia.digital/ Name: sailthru_pageviews
Value: 1
cheet-2642-ontariofarmer.gdev.postmedia.digital/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1644493247798,"mac":-867421747}
.linkedin.com/ Name: li_sugr
Value: 4e0961d7-b2cc-4146-9234-1ef6357511fc
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&5f2a307b-177b-4325-8c22-c6bc4a119a77"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2596:u=1:x=1:i=1644493247:t=1644579647:v=2:sig=AQGOPSUsTS2CkUWR-3fEgi1-EvretAQk"
.postmedia.digital/ Name: _fbp
Value: fb.1.1644493247853.766882699
.t.co/ Name: muc_ads
Value: 64862747-1c64-4ab6-a89c-c03a48e56484
.twitter.com/ Name: personalization_id
Value: "v1_mJ1xzm0S/o665jPCLkbFfQ=="
cheet-2642-ontariofarmer.gdev.postmedia.digital/ Name: sailthru_visitor
Value: 7b00e59d-3a56-4780-baeb-256ec3700d95
.facebook.com/ Name: fr
Value: 0iHpKovrF7gaRKsTT..BiBPm_...1.0.BiBPm_.
.sharethrough.com/ Name: stx_user_id
Value: 8d8b5b05-466e-41b2-8d05-be91bf1c9375
.advertising.com/ Name: APID
Value: UP4a4696ab-8a66-11ec-8c96-0e46dbec0cf3
.yahoo.com/ Name: A3
Value: d=AQABBL_5BGICEBJlwns0y29w844Z4SQTLXYFEgEBAQFLBmIOYgAAAAAA_eMAAA&S=AQAAApFpc_A2IOxUhPaZyl_vkIg
.postmedia.digital/ Name: mprtcl-v4_767FC2FC
Value: {'gs':{'ie':1|'dt':'us1-a9588c0ddc27594cabd152e47ffe27ee'|'av':'1.0.0'|'cgid':'bb151f2b-bcca-4d26-97d6-2723bd47c9d4'|'das':'562517fa-bd7f-488d-a083-ef1306fd8a7e'|'csm':'WyIxNTYwMTI2NTQwOTMzOTEzNTIwIl0='|'sid':'034C177C-FA40-4666-9CC0-D6F85AE77C5C'|'les':1644493247864|'ssd':1644493247681}|'l':1|'1560126540933913520':{'fst':1644493247801|'ui':'eyIwIjoiaWR4d3gyN2o1dTNnem44MHFianRyN251bmNyMDJhZmo4endheDk1czgifQ=='}|'cu':'1560126540933913520'}
.bidswitch.net/ Name: tuuid
Value: a03ea989-647c-4d91-b2a9-497ed3bfb76e
.bidswitch.net/ Name: c
Value: 1644493247
.bidswitch.net/ Name: tuuid_lu
Value: 1644493247
.krxd.net/ Name: _kuid_
Value: Op3HHEPR
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a96f6239-0704-499c-5857-2fc358cad7af.dufTPXPBj3EIJs2OYp9ot8XVnWUT%2FWImXAijpsGgKLk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AqW9iOQcESZxYVy_DWMrXr5U4mbk.7mMReyU%2B2au5MLExEQmbpFxQXVw8V9HvSBV2GC2OEdE
.linkedin.com/ Name: UserMatchHistory
Value: AQKlRJ4suKeWZQAAAX7jb5XBoFiNciyuCFCxATEAmPIInrvUc-0ec3NYj2Y8eaOc2N9OSeI1D1r1cA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKdRtJXeMRKEwAAAX7jb5XB58ly7lSMUGA_9bRVR3081WUggfWhmY6OqWc3Yl3cJYfckgHh4nOMsF0FydC97w
.analytics.yahoo.com/ Name: IDSYNC
Value: "191l~235n:18ym~235n"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YgT5wAAFJx8O0wBB
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202202101140487e54b509-3b25-475a-8814-9d330d65556dAQE9TTzaNAAt7gwsLot5czJqvv3xfj59"
.casalemedia.com/ Name: CMID
Value: YgT5wFVx1VfG77DPAM.50QAA
.casalemedia.com/ Name: CMPS
Value: 467
.casalemedia.com/ Name: CMPRO
Value: 473
.doubleclick.net/ Name: IDE
Value: AHWqTUk0AvP96y47Ci9Ti8k9jMQHsO-WW26fVbr3qKTcc0h2BG_Jch1pLiFB5j3XF_U
.mathtag.com/ Name: uuid
Value: 3ec36204-f9c0-4500-a2fb-1e8e4c98d324
.3lift.com/ Name: tluid
Value: 1605454715927848592635
.agkn.com/ Name: ab
Value: 0001%3A%2FpG6xPXWqWtr7S%2FYTXElNFNewMAO%2FbB3
.amazon-adsystem.com/ Name: ad-id
Value: A5CjFV8e4URTsjD0xxB5QrE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AAEUSE7ECfQAAHccD3thZA
.bidr.io/ Name: bitoIsSecure
Value: ok
.ml314.com/ Name: u
Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD11dGh0eG1kZGcma3h0PWh0dHBzJTNBJTJGJTJGY2hlZXQtMjY0Mi1vbnRhcmlvZmFybWVyLmdkZXYucG9zdG1lZGlhLmRpZ2l0YWwma3hjbD1jZG4ma3hwPQ==
.ml314.com/ Name: pi
Value: 3625040135422214160
.ml314.com/ Name: tp
Value: 4%3b2%2f10%2f2022+6%3a40%3a48+AM%3b0
.adsrvr.org/ Name: TDID
Value: 6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.openx.net/ Name: i
Value: 4cac1be4-0c06-0e8d-062b-8d8d542714bc|1644493248
.eyeota.net/ Name: mako_uid
Value: 17ee36f9767-5a700000010a56b6
.eyeota.net/ Name: SERVERID
Value: 22198~DM
.lijit.com/ Name: ljt_reader
Value: 2b2b1102356f0fc4bb65f140
.adnxs.com/ Name: uuid2
Value: 5238648912890707969
.openx.net/ Name: pd
Value: v2|1644493248|vMgakWgyiK
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJSsjI0MzE1NzCyMLHQUTJG5Rqh8S0sUfmGKNprAXq9D%2F4%3D
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: d5e2caa6-a3a8-5129-98a7-31f3faa3c833
.betweendigital.com/ Name: ss
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 07C71460-8653-41C1-AB37-539E9D81DB99
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1645660800%3A197_201%7C1645056000%3A164%7C1644537600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1645660800%3A220_21_13_54_22%7C1645056000%3A2
.sitescout.com/ Name: ssi
Value: cc60af1f-4b6f-44e6-8d02-d305b6cc5499#1644493248480
.adsymptotic.com/ Name: U
Value: 4efd826e240af41802c19a0df28fbcd0
.sitescout.com/ Name: _ssuma
Value: eyI0MSI6MTY0NDQ5MzI0ODUzMX0
.openx.net/ Name: univ_id
Value: 537072971|6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013|1644493248530976
.rubiconproject.com/ Name: khaos
Value: KZGWTJJE-7-677U
.owneriq.net/ Name: si
Value: Q6977796482136910923
.adform.net/ Name: C
Value: 1
.rlcdn.com/ Name: rlas3
Value: tXXnEv2qop7FCwV8VDy4IxBMaEVrOUdXV1eUX5rJWOo=
.demdex.net/ Name: demdex
Value: 37417327560844431442465289276367959844
.lijit.com/ Name: _ljtrtb_3
Value: 3ec36204-f9c0-4500-a2fb-1e8e4c98d324
.betweendigital.com/ Name: ut
Value: YgT5wAAIJfCaZlajBSgavE8YK4C1YuZJN3D7Hw==
.adform.net/ Name: uid
Value: 1696481853975209574
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YgT5wAAFJx8O0wBB&KRTB&22978-YgT5wAAFJx8O0wBB&KRTB&23194-YgT5wAAFJx8O0wBB&KRTB&23209-YgT5wAAFJx8O0wBB
.pubmatic.com/ Name: PugT
Value: 1644493248
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&KRTB&22918-6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013&KRTB&23031-6eb0d8c8-8ec0-49b3-afec-dd8bfc9c7013
.lijit.com/ Name: _ljtrtb_12
Value: 5238648912890707969
.rlcdn.com/ Name: pxrc
Value: CMDzk5AGEgUI6AcQABIFCOhHEAA=
.simpli.fi/ Name: suid
Value: 43DFF3CD0F99411CA82B3C6FD65DD333
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGpkrSK_sdY-bLtAcYqG4Ds&KRTB&16514-CAESEGpkrSK_sdY-bLtAcYqG4Ds&KRTB&23025-CAESEGpkrSK_sdY-bLtAcYqG4Ds
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:43DFF3CD0F99411CA82B3C6FD65DD333
.dpm.demdex.net/ Name: dpm
Value: 37417327560844431442465289276367959844
.turn.com/ Name: uid
Value: 3791191646582480870
.lijit.com/ Name: ljtrtb
Value: eJwNyckRgDAIAMBeeMsMVwjYjUHShGPvut99gAVOGKLhFskSSZNmesIB%2Bo92qQsZ7ixCG0R4yV7IHW2VcasYvB8sLRBy
.lijit.com/ Name: _ljtrtb_2
Value: C2835A87145D4E8D8F5FBFABDFA0194D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3791191646582480870
.pippio.com/ Name: did
Value: --SzGoGpCFasGBZs
.pippio.com/ Name: didts
Value: 1644493248
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CMDzk5AGEgUI3k4QAA==
.mathtag.com/ Name: mt_mop
Value: 9:1644493248
.rubiconproject.com/ Name: audit
Value: 1|nnrP3nWSLgtrAn7AhuX/L50uT3o6m4dHJnETWI+R4vrWaDs14xzbSLqHXR/0Y0QEH6Po45z9N+giZ07GJqnMno4BjqNRGrmz
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FBQXJJR0d6STBkWFpPWlhnMGEwRlpibmt6YURaeVNYaG5VRWxTUlVSS1pMb0dLUWlaVGhJa1lUQXpaV0U1T0RrdE5qUTNZeTAwWkRreExXSXlZVGt0TkRrM1pXUXpZbVppTnpabHVnWWdDS3BPRWh0eFZ6bHBUMUZqUlZOYWVGbFdlVjlFVjAxeVdISTFWVFJ0WW11NkJnTUlyazY2QmdNSXNFNjZCbEFJdzA0U1Mza3RMbFJKTm1wT1VrVXlkVVUwWVVONk1YTlZNVlZpYVhKSVZrYzJibmcxYzFkK1FYNVZVRFJoTkRZNU5tRmlMVGhoTmpZdE1URmxZeTA0WXprMkxUQmxORFprWW1Wak1HTm1NN29HTVFqSlRoSXNlUzFCUkVKdldWZEdSVEoxUjI1SFoweG9iVXBzVFVrM1p6bFBRMmhaY1c1NlFUbHBWV3htUlRndGZrRT0iLCJpYXQiOjE2NDQ0OTMyNDh9.adyzRY0BeBC0gzs87SQ55fs6H37bcxaMgO0-moCO_2dUUuyq5TsFsg3uKIbcYJuUQBus9TgTBVymgtPjtehZsg
.youtube.com/ Name: YSC
Value: u2dANR42k_k
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: yfpnYxIFaOE
.postmedia.digital/ Name: __gads
Value: ID=41ae777504297990:T=1644493248:S=ALNI_MZD8lZkUAvYeW85ndNZd1E8PXTzrw
.casalemedia.com/ Name: CMST
Value: YgT5wGIE+cEA
.casalemedia.com/ Name: CMRUM3
Value: 2d6204f9c12760CAESEEu4gEhbMcTKvVdH8wAc-9o
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hc#M2-lg!@wnfH8K6pQK`!5=E<*L5?%M/cgowNfxF88/l7L0i+'Vk/u>mv>zP=ufZ6?T*bpRz*qF1`*b^El)pMDJ
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHZDB0cm8xahILCLLp4PCGpbY6EAUSGwoMc2hhcmV0aHJvdWdoEgsIso-t8YaltjoQBRIUCgVvcGVueBILCIyp9vGGpbY6EAUSFwoIcHVibWF0aWMSCwjcz6_yhqW2OhAFEhYKB3J1Ymljb24SCwi-3Z30hqW2OhAFEhUKBmdvb2dsZRILCL6o7oKHpbY6EAUYASADKAIyCwjcx7KfnaW2OhAFOAFaCHB1Ym1hdGljYAI.
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.quantserve.com/ Name: d
Value: EAkBCQG0JYEA
.quantserve.com/ Name: mc
Value: 6204f9c2-54885-33228-cbbdb
.zemanta.com/ Name: zuid
Value: IQf8Xt6oYTDv0dliqIAp
.pubmatic.com/ Name: SPugT
Value: 1644493249

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other warning URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
analytics.twitter.com
ap.lijit.com
api.sail-personalize.com
assets.ribn.com
auth.lrcontent.com
b1sync.zemanta.com
beacon.krxd.net
c.amazon-adsystem.com
c0ace983ffea1bea0427354da745db13.safeframe.googlesyndication.com
c1.adform.net
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.districtm.io
cdn.krxd.net
ce.lijit.com
cheet-2642-ontariofarmer.gdev.postmedia.digital
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
consumer.krxd.net
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.districtm.io
i.ytimg.com
ib.adnxs.com
id.rlcdn.com
identity.mparticle.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ml314.com
p.adsymptotic.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
pmd-dev-frontend-modules.s3.amazonaws.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
smartcdn.prod.postmedia.digital
snap.licdn.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.co
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.npttech.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
100.20.199.76
104.107.5.93
104.16.190.66
104.16.68.69
104.18.98.194
104.244.42.133
104.244.42.195
104.36.115.109
104.36.115.113
107.178.254.65
108.174.10.14
13.225.214.27
13.225.214.50
13.225.63.113
13.225.63.43
13.226.31.3
142.250.65.162
142.250.72.98
142.250.80.2
142.250.80.34
146.75.28.157
151.101.130.49
151.101.66.133
173.223.56.123
18.233.240.143
185.167.164.42
2001:4998:14:800::1001
209.54.180.144
216.152.140.200
216.200.232.253
23.111.200.118
23.52.161.180
23.52.162.21
23.64.107.8
2600:141b:13::17d7:82d1
2600:1f18:4e9:5a07:e7d9:5422:56cf:eb6f
2600:9000:21dd:8200:7:75d4:e40:93a1
2600:9000:21ea:3800:1b:5138:8a40:93a1
2606:4700:10::6816:49e8
2606:4700:3037::6815:3c3f
2607:f8b0:4006:807::2001
2607:f8b0:4006:807::2006
2607:f8b0:4006:808::2002
2607:f8b0:4006:80a::2001
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::2006
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2004
2607:f8b0:4006:824::2008
2607:f8b0:4006:824::2016
2620:112:f002:bbbb::21
2620:116:800b:21:1d2b:ecd5:fcc0:2c58
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::645
2a04:4e42:600::645
3.218.90.66
3.227.87.232
3.233.68.37
34.149.157.221
34.197.192.192
34.199.160.85
34.235.23.231
34.95.11.30
34.98.64.218
35.169.147.222
35.173.74.115
35.190.60.146
35.211.178.172
44.193.191.16
44.194.147.181
50.31.142.95
52.223.22.214
52.223.40.198
52.95.147.107
54.192.160.42
63.251.86.50
63.251.86.51
68.67.161.212
68.67.179.154
75.126.248.142
8.28.7.83
8.28.7.84
8.43.72.98
99.83.154.140
00df94a6261bf2d611399f0346fa5d816002d578ad46379a1bd33d727e5da1a6
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0a055b94dddc24c4d91c386d3eb855fc8eb2e973346a021eafb4e625398b60da
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca367a40b39037858a2dbfc221129b3f620a7a35731880c725369a9671863d2
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116657b39cc25181d96d3940554a9b7679b0dbf7fa5e0fc9bab1fee9681d48fa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1280d3514561855032887f2d5d3d0d236e9c17bfab1b375685007946ae2c0358
142cb8d24e29a22b084a24a2f2dd3a41bbfe91dbc98e2afdeab6d07005fa251d
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
14cd34073ec766404b16802f2913e9d78c1349bef4fca986affa1b788470bd36
178a095bc5994c61643e7ab45d0d9562810284d5244837b5762f5cf76b0a770f
1a1cb145978036238fc717a47ecca7efce5f18634a29ee41c0d57ce7f24eaf83
1b93d9d52bdd69d6c34dcfacab0abff29802bd793fc43027c9790b38c64cd5a3
1f63df222097b7f15622c1ee0cca5af1e83a10ac357814c3d2eb1a93bc25ffc3
1f7672936fb92f71e4cc6bd4d921f19103d630329a18929988f57621bafde2d8
201cc75ce5833b8ee6480df3ff9777193b0d28f59b4b4106a3b51e7e39296d77
213e90e8499a0310e4c2ff23ee2515d64dd9e276caf2638618933abe76b6e6de
2392ec3224598ead10b594552a5a2524c11862aeff4ef96db479eeb56256d89d
23d00276404c2322c5d3bb27f5e930b67f81bc964189b36b028ab1521a5929db
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
276056816d9fc84293ac402b06fe009d2052432a4a929500478ca0684249e793
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2815faade47d85001754ec4332317e6c738f2f86ac66393db53aee86082ee05b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d4642e81ac658ac0e3612edfb8b6d36ee33ec50f92eb6a6ad18313b83c334e1
2e1c7a21c00f36840e958472cd721813085b600be879fa748dce2e8afc4fa932
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076
308cdcc3f7ce905c24d687f13f6f0f9883c00f55b02eade3dc71ab9f9cb85290
316d22df4137a2793c5f8a3b8b8235b76bf08cc61a3fc1a9a0d943adaea72e0f
348180de8ed0528db1aee2b84174dcbe296baf2df1048a6f8d405181f4c3861d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3883b449b3d23a43ca6d94db34a412bfe28815da53e7f1be2cc7ed48f115e873
39874e19af66fa05a8e943e773c81187cb7437bb3cb0076df6defb9381d32911
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
42cb48fcecb9f09d629e736d1ca8a7eb9c37c8e493b140d071fa92396897b333
42d28b968b79182a5ce39cb1bfb0a1f62441f1fb1a5d233162712097967aa6cd
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4781d19db46fbcc9339afb12d1a7a2f3c5fe8d41fae220bfe30be55859610a98
481e0cf92460614524b3dae2b34634f98fcf4f87c1b96818bdb6c8faf15bcc0f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4910659dc839049030cd900a2fba16b8b73872cbdc04bf71c494b0c0512edef4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce58a240161b60d9b17b44a5bb04e35d852f783330fb55a27c62e3a9b0ccba3
4d35be6a4acb5913cc8012a296b45018f02ad68c190812d2af5aceb8752b44ca
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5273f00303297b56ff43a31ddc49a0580fd556eca2ba3e5a00b2f6cc4212334a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fe9f7c928d0fc395507e9f82ac74b96bc024ce1c051ed33eb4253fbb7671a5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f753b7e56b556cb8ac84c3c70bc6cb1db46c23a926764d8b0997162c3e85e7
5853621d02d975fba45c91907a09fec43c635c608a30f31ecd9b85342693b41d
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5984e059ccb2c84f9b21e7e766aa4af4557431739f0fe98eeefa79709d3b1d2d
59d375a3759bc158c0d677747918964d67c112cc9ae205d52ce0c9c312ae996a
5a86add46ea715e379a378ec80c7650cad497aefc2478ea37e1c6a87353e4d94
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
5f461c7fdec0e8e2fce2520a7456da4506688bd1eee83a05bda2ecaa0cd47711
5fd87cbae66f4a6bc31cb921552cc523a4fffafd8484fe7e1279681506ea2a00
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b9395e2eab9a67ccaae4113ecd8b3cbd8f6fa22df673e02e6f426041cf98f3
60e761f2efb0396df5e6292ac4a375382605cbffeff76475256c1a4ce6f48b4c
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ebe369c64160017cb1de86cb4ee09d3a779eb2432c191fd35722a3bbc1be1a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6adc1b55c587e052e2ef91a7430b26e202e5529996e2cec4e81bc47aeeb31dbd
6b247fe1779679885463ef9e1ed7e989ffb1a7a41f93af4834c4902d475f3a84
6b916b00b7d8fb73a2053891ce152a1603af199fc33baba62ae2c9785747f628
6e7ba9ef551c702f3beaed9757a67322b8fc869d1d0491f6422b6e0b59e2baac
740a9e7b3db299d6c5d2013418c00c437d768f4097e5d74f6c58db38cc431e28
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea
7720a0f40d088f144d749c07f075b8dfdc84afd25900a59045fe6c29d0fc5090
7a9e016195625593e47c9afc045aa82b43843486bd2b0ea6ecedbcf39a2203c9
7cce5c01e865de0f57ae5fced1a8ed24f883dae8676ed01d1fe908e8ca26a291
7da7a59e1c7dda8305c136059fff64cc4a04f4d777769579a2fb6bf87c68754c
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82b89ed3521ceae654e81e6b5d453c0c73abf4fce788f7f55dc92cc1b0b39551
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86891a4f92d09b470ae41e59041f933740ed0637ff2b92780b185cf1649cdb4d
883a1e12cc9b8b410a1caf352ed47bb06f28a7fc91ac96f27c03c271c2ce66a5
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
956816e200f859bb09c436321f3fe3a9eb10adfad22a232a1a3781608249846b
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
97c48ad498efa9ce9f2ab4fb6bdd134685f55b7997c844012dd49da08f352572
97ebbb14c84d4682c8097790b33367c3a0614d1775bc8eb76b194e8c94262b3d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99969250322c19d94786bd198ae7de80aa042690b7ad95228cccf3e4033d646d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b487e6390458c38b99abb6215507b8bd25f795dbaf1e24d233ddd5c51d295a5
9fa0e47853440db100e94063e180d4acbaf5b8ee7345078298281f234d86602e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
a21a176b4c7a72ac7810b811ccc36af308d673ebb84bdd3fb071207d9e7125fe
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28a2b0db2877beb0d34c45d36536502fa2553b16f14e8e2594515b6c4078e49
a29f94f3b58a5f194036a27556a7fa4b4b2ae2b2e273c3561b56c69e9506c2ce
a43daa7f7b51b472b7b657134f86414bfbde762ce8828a9a66f57a0c22db4152
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d23495a999c964a80da42c8ec8ffffce542b3643cec11df85c85064df8d6e7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
aa8c4f5924fd06cbaf5c65fac729f0c3207d1f70534b07fc0915948c41b29d6e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0de585bfd20058e6f55655569d98b055d5e533979e236e7adb6b7cf60246fb
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b0cae2f23069415b0b022eb7adf056279d0c869f2e5a2d2b3a3de371fcf2aef4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2df68db3a2e3f3f7182a16c8a255a9640057223555f379756f98bc020366a06
b40fffdca8df7dcf6a825dc35de6f3ee8bca5119730c8938e77e805d8016cb78
b6450083a5b47788232fbe8dbf4ef3f900984519e23585b78d082e9f41109a1b
bbdbf2bb616e0110a6994c4b7116daf95ed7988cd0a3a818b80db34b7a4ff77d
bd7842472e8c9d9405db5d61105e83befafdc65ab1849d822c4b7d12d1446093
be083f1ee8d5a8261339c981ff3d1b389d6ad916b8d1fabc7b9111f74e24edbe
bed79e22634d48c6e53d084c7dc1ac8e7ed34377df61478f7020d89248124ea1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c397e8062184038eccc067433d5e484e4063afa3e0af6234d4424baf7777f8f8
c5bfe7e837984f45a4b301978ceb06a03fea2e60a15b937d99fd5b30d6ae9946
c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cb89432dfa78813659f4739cc771f15f1289212ef0b0791ae5ecdbbf1a9661b3
cc3cc0865aad29753640bd3cfee8f49521946b2c5867aea60616ea09b15f599e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
d8eeb3ec3f40114d43b4869dbac0b371ec9156700a268881e87bd9540e62aaf2
d8f66b4bcc5e8d3e51de1971d5860966de604f411416bd5338fbecb882dfed7e
dbe80cb933e8b71f45639bb6d0f2deed4a8a0278db5cf6eb0558676e5c811629
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dea759394a532f5d3ca25e8697fd2077dac60131e9eb3bd1ab3d6aee3a86ec47
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df88fc6f04ee2999ce3ac0bb69a5f911a6ad64e6ebd18c86022e8585b081cf7a
e1daf097a379fb90af7040fcdc5b39a344f71531af1bedf5b4ce58546eaa186b
e2b48c057e124da6c2c459a075e63a0bcf9967de990af4a110a7ed1b868793c8
e2cf23246faa8dc51d53f8194af77082ccfa8dff6a73596ea98c0ded52fb3a39
e2f4ff612aae54db25ceb56885665ad9c8bfac2cad5f30c1b582febc1fe10789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e698ae73d815ddaf61cdeac123a0b5f16cfc68012927d863fcba558debe8ccc7
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40c33990c532ef379fe609b48dfca08d5fbcb6139e312a8e829466d7d09f34e
f49300a39fe13ea0b68d92ac4df0b4e4bc47ad59b93f73b478e6c527f232ab12
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7914b4836b5815c4b3dcd79c44fa3390dedf00785d79f90dc7f6c6f38c947c5
f79e1f14cff6f380ebbbea645bb159978ead5447a33a0ced34534b2271eb4019
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
f9d24745fb703b079ee7f0a9c3114df9d6c80b1ca7a9f954a2a391c932d8ab51
fd583bd394cf970e462e11c2855609a468859ce761c8c3b6bc93dc90e93923cf
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff1b6dd68446cefef654646ec6591f53e2eabf67d96c310cb89c2b8a9c34d648