winnipegsun.com Open in urlscan Pro
34.117.147.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Submission: On January 10 via api (January 10th 2025, 8:41:38 am UTC) from US — Scanned from IL

Summary HTTP 265 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 87 IPs in 8 countries across 67 domains to perform 265 HTTP transactions. The main IP is 34.117.147.204, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is winnipegsun.com.
TLS certificate: Issued by WR3 on December 26th 2024. Valid for: 3 months.

This is the only time winnipegsun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.117.147.204 34.117.147.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.67.155.215 172.67.155.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	34.149.157.221 34.149.157.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
1 6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	108.138.3.93 108.138.3.93	16509 (AMAZON-02) (AMAZON-02)
1	104.102.34.86 104.102.34.86	16625 (AKAMAI-AS) (AKAMAI-AS)
32	34.117.54.29 34.117.54.29	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.112.95 18.66.112.95	16509 (AMAZON-02) (AMAZON-02)
3	172.67.73.177 172.67.73.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.35.58.60 13.35.58.60	16509 (AMAZON-02) (AMAZON-02)
1	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	104.18.4.235 104.18.4.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.107.6.158 13.107.6.158	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 5	18.244.18.38 18.244.18.38	16509 (AMAZON-02) (AMAZON-02)
5	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
1	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.245.31.65 18.245.31.65	16509 (AMAZON-02) (AMAZON-02)
1	169.150.247.38 169.150.247.38	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
5 11	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
2	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.215.23.172 23.215.23.172	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.11.78 108.138.11.78	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.248.19.126 34.248.19.126	16509 (AMAZON-02) (AMAZON-02)
1	3.161.82.122 3.161.82.122	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	162.19.138.83 162.19.138.83	16276 (OVH OVH SAS) (OVH OVH SAS)
8	34.252.120.72 34.252.120.72	16509 (AMAZON-02) (AMAZON-02)
1	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	3.72.78.234 3.72.78.234	16509 (AMAZON-02) (AMAZON-02)
1 2	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
5 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	216.200.232.249 216.200.232.249	30419 (PAEDAE-INC) (PAEDAE-INC)
3 3	37.157.4.29 37.157.4.29	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	104.18.5.235 104.18.5.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.123.90.23 3.123.90.23	16509 (AMAZON-02) (AMAZON-02)
2	34.160.55.127 34.160.55.127	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	54.246.81.101 54.246.81.101	16509 (AMAZON-02) (AMAZON-02)
2	3.67.242.141 3.67.242.141	16509 (AMAZON-02) (AMAZON-02)
1	18.173.205.8 18.173.205.8	16509 (AMAZON-02) (AMAZON-02)
1	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	104.16.185.87 104.16.185.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.24.18 104.18.24.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.28.88.244 184.28.88.244	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.184.206.66 18.184.206.66	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.1.57 178.250.1.57	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	104.18.223.248 104.18.223.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	18.66.102.31 18.66.102.31	16509 (AMAZON-02) (AMAZON-02)
9	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
1	13.35.58.87 13.35.58.87	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
3	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
3	104.102.38.221 104.102.38.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.143.111 104.16.143.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
3	104.18.176.126 104.18.176.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.239.248 104.18.239.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.17.247.203 104.17.247.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
2	104.21.50.90 104.21.50.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	54.236.195.58 54.236.195.58	14618 (AMAZON-AES) (AMAZON-AES)
2	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
2	142.251.173.154 142.251.173.154	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	57.129.37.202 57.129.37.202	16276 (OVH OVH SAS) (OVH OVH SAS)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	18.210.235.203 18.210.235.203	14618 (AMAZON-AES) (AMAZON-AES)
3	52.202.2.12 52.202.2.12	14618 (AMAZON-AES) (AMAZON-AES)
1	34.231.219.101 34.231.219.101	14618 (AMAZON-AES) (AMAZON-AES)
9	18.209.41.108 18.209.41.108	14618 (AMAZON-AES) (AMAZON-AES)
2	54.146.51.79 54.146.51.79	14618 (AMAZON-AES) (AMAZON-AES)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	167.235.124.61 167.235.124.61	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
265	87

1 34.117.147.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.147.117.34.bc.googleusercontent.com

winnipegsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.155.215 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com

smartcdn.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.34.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-34-86.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com

dcs-static.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fem.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-95.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.73.177 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.qortex.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.qortex.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-60.fra60.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.4.235 (None, )

ASN13335 (CLOUDFLARENET, US)

auth.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com

edge-auth.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.244.18.38 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-65.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 169-150-247-38.bunnyinfra.net

cdn.pbxai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.19.138.120 (Amsterdam, Netherlands) 5 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.23.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-23-172.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.11.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-11-78.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.19.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-19-126.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-122.fra56.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.252.120.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-120-72.eu-west-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.72.78.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.125.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (PAEDAE-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.29 (Denmark) 3 redirects

ASN198622 (ADFORM Adform A/S, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.5.235 (None, )

ASN13335 (CLOUDFLARENET, US)

config.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.90.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-90-23.eu-central-1.compute.amazonaws.com

floor.pbxai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.55.127 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 127.55.160.34.bc.googleusercontent.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.246.81.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

postmedia.hub.loginradius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.242.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-242-141.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-8.fra56.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.185.87 (None, )

ASN13335 (CLOUDFLARENET, US)

cs.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.28.88.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-88-244.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.206.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.57 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.223.248 (None, )

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 18.66.102.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-31.fra56.r.cloudfront.net

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-87.fra60.r.cloudfront.net

tags.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.38.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-221.deploy.static.akamaitechnologies.com

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.143.111 (None, )

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.176.126 (None, )

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.239.248 (None, )

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.247.203 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

d-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.50.90 (None, )

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.195.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-195-58.compute-1.amazonaws.com

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.173.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wi-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.129.37.202 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy02.cl15.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.235.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-235-203.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.202.2.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-2-12.compute-1.amazonaws.com

api.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.219.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-219-101.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.209.41.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-41-108.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
notifications.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.51.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-51-79.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.124.61 (Bühl, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: nue0039.cxense.com

id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	postmedia.digital smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 107750 dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 127262 fem.gprod.postmedia.digital — Cisco Umbrella Rank: 150231	808 KB
36	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 11081	463 KB
13	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 11014 livecomments.viafoura.co — Cisco Umbrella Rank: 11491 i.viafoura.co — Cisco Umbrella Rank: 10906 notifications.viafoura.co — Cisco Umbrella Rank: 12650	7 KB
13	id5-sync.com 5 redirects id5-sync.com — Cisco Umbrella Rank: 533 cdn.id5-sync.com — Cisco Umbrella Rank: 1004	67 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net — Cisco Umbrella Rank: 284 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	212 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	858 KB
9	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 548 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2777	2 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687 aax.amazon-adsystem.com — Cisco Umbrella Rank: 468 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1199	93 KB
6	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 7123 identity.mparticle.com — Cisco Umbrella Rank: 3615 jssdks.mparticle.com — Cisco Umbrella Rank: 6521	128 KB
6	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 12181 cdn.tinypass.com — Cisco Umbrella Rank: 7749 buy.tinypass.com — Cisco Umbrella Rank: 7928	125 KB
6	lrcontent.com auth.lrcontent.com — Cisco Umbrella Rank: 73732 config.lrcontent.com — Cisco Umbrella Rank: 30746	114 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	3 KB
5	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 985 match.sharethrough.com — Cisco Umbrella Rank: 530	2 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 186	12 KB
5	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3385 fastlane.rubiconproject.com Failed token.rubiconproject.com — Cisco Umbrella Rank: 500 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3621 eus.rubiconproject.com — Cisco Umbrella Rank: 616	178 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	966 B
4	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 6353 id.cxense.com — Cisco Umbrella Rank: 13212	45 KB
4	fullcontact.com tags.fullcontact.com — Cisco Umbrella Rank: 28744 api.fullcontact.com — Cisco Umbrella Rank: 28185	49 KB
4	loginradius.com postmedia.hub.loginradius.com — Cisco Umbrella Rank: 152397	1 KB
4	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450 grid-bidder.criteo.com Failed ssp-sync.criteo.com — Cisco Umbrella Rank: 980	283 B
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	27 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	289 KB
3	liadm.com d-code.liadm.com — Cisco Umbrella Rank: 3414 idx.liadm.com — Cisco Umbrella Rank: 1368 rp.liadm.com — Cisco Umbrella Rank: 966	47 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 611	2 KB
3	adnxs.com ib.adnxs.com Failed acdn.adnxs.com — Cisco Umbrella Rank: 643 secure.adnxs.com — Cisco Umbrella Rank: 495	2 KB
3	openx.net oajs.openx.net Failed rtb.openx.net Failed u.openx.net — Cisco Umbrella Rank: 761 google-bidout-d.openx.net	18 B
3	qortex.ai tags.qortex.ai — Cisco Umbrella Rank: 41643 events.qortex.ai — Cisco Umbrella Rank: 36065	19 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7097	1 KB
2	google.co.il www.google.co.il — Cisco Umbrella Rank: 35336	515 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3695 p1.parsely.com — Cisco Umbrella Rank: 2508	23 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	78 KB
2	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 9039	63 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 740	5 KB
2	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1893 cs.seedtag.com — Cisco Umbrella Rank: 7608	896 B
2	media.net prebid.media.net Failed navvy.media.net — Cisco Umbrella Rank: 4561	408 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	573 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1734	154 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	2 KB
2	pbxai.com cdn.pbxai.com — Cisco Umbrella Rank: 11357 floor.pbxai.com — Cisco Umbrella Rank: 10499 Failed	9 KB
2	microsoft.com edge-auth.microsoft.com — Cisco Umbrella Rank: 36307	281 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	piano.io c2.piano.io — Cisco Umbrella Rank: 6909	3 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 698
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1045	881 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4214	634 B
1	pubmatic.com hbopenbid.pubmatic.com Failed ads.pubmatic.com — Cisco Umbrella Rank: 570
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 13081
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120	17 KB
1	rlcdn.com api.rlcdn.com Failed idsync.rlcdn.com Failed check.analytics.rlcdn.com — Cisco Umbrella Rank: 3130	386 B
1	permutive.com api.permutive.com — Cisco Umbrella Rank: 2768	384 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2458	7 KB
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 12664	31 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 4115	56 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 9114	3 KB
1	winnipegsun.com winnipegsun.com	52 KB
0	bidswitch.net Failed x.bidswitch.net Failed
0	smartadserver.com Failed ssbsync.smartadserver.com Failed
0	googlesyndication.com Failed c247440e8a4afbe1294a171ebfbf9473.safeframe.googlesyndication.com Failed
0	casalemedia.com Failed htlb.casalemedia.com Failed
0	sail-personalize.com Failed api.sail-personalize.com Failed
0	33across.com Failed lexicon.33across.com Failed cdn-ima.33across.com Failed
0	permutive.app Failed 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app Failed
265	67

	Domain	Requested by
36	cdn.viafoura.net	fem.gprod.postmedia.digital cdn.viafoura.net winnipegsun.com
28	dcs-static.gprod.postmedia.digital	winnipegsun.com dcs-static.gprod.postmedia.digital
11	id5-sync.com	5 redirects micro.rubiconproject.com cdn.id5-sync.com winnipegsun.com
10	smartcdn.gprod.postmedia.digital	winnipegsun.com
9	www.googletagmanager.com	fem.gprod.postmedia.digital jssdkcdns.mparticle.com www.googletagmanager.com
8	livecomments.viafoura.co	cdn.viafoura.net
8	c2shb.pubgw.yahoo.com	micro.rubiconproject.com
5	match.adsrvr.org	5 redirects
5	sb.scorecardresearch.com	2 redirects winnipegsun.com fem.gprod.postmedia.digital
5	securepubads.g.doubleclick.net	winnipegsun.com securepubads.g.doubleclick.net
4	buy.tinypass.com	cdn.tinypass.com
4	postmedia.hub.loginradius.com	fem.gprod.postmedia.digital auth.lrcontent.com
4	config.lrcontent.com	auth.lrcontent.com
4	fem.gprod.postmedia.digital	winnipegsun.com fem.gprod.postmedia.digital
3	api.fullcontact.com	tags.fullcontact.com
3	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
3	identity.mparticle.com	jssdkcdns.mparticle.com
3	c1.adform.net	3 redirects
3	btlr.sharethrough.com	micro.rubiconproject.com
3	fonts.gstatic.com	fonts.googleapis.com
3	c.amazon-adsystem.com	winnipegsun.com c.amazon-adsystem.com
2	i.viafoura.co	cdn.viafoura.net
2	www.facebook.com	winnipegsun.com
2	events.newsroom.bi	sdk.mrf.io
2	www.google.co.il	winnipegsun.com
2	td.doubleclick.net	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	api.viafoura.co	cdn.viafoura.net
2	www.google.com	www.googletagmanager.com auth.lrcontent.com
2	connect.facebook.net	winnipegsun.com connect.facebook.net
2	sdk.mrf.io	winnipegsun.com sdk.mrf.io
2	unpkg.com	1 redirects winnipegsun.com
2	jssdks.mparticle.com	jssdkcdns.mparticle.com
2	ssp-sync.criteo.com	winnipegsun.com
2	secure.adnxs.com	2 redirects
2	match.sharethrough.com	winnipegsun.com
2	u.openx.net	1 redirects micro.rubiconproject.com
2	prebid-a.rubiconproject.com	micro.rubiconproject.com
2	navvy.media.net	micro.rubiconproject.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com
2	gum.criteo.com	static.criteo.net micro.rubiconproject.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	cdn.confiant-integrations.net	winnipegsun.com cdn.confiant-integrations.net
2	tags.crwdcntrl.net	winnipegsun.com securepubads.g.doubleclick.net
2	cdn.id5-sync.com	micro.rubiconproject.com winnipegsun.com
2	cdn.jsdelivr.net	micro.rubiconproject.com securepubads.g.doubleclick.net
2	edge-auth.microsoft.com	winnipegsun.com edge-auth.microsoft.com
2	auth.lrcontent.com	winnipegsun.com cdn.viafoura.net
2	tags.qortex.ai	winnipegsun.com tags.qortex.ai
2	fonts.googleapis.com	winnipegsun.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.gstatic.com	www.google.com
1	id.cxense.com	cdn.cxense.com
1	notifications.viafoura.co	cdn.viafoura.net
1	p1.parsely.com	winnipegsun.com
1	rp.liadm.com	d-code.liadm.com
1	idx.liadm.com	d-code.liadm.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdn.parsely.com	www.googletagmanager.com
1	d-code.liadm.com	tags.fullcontact.com
1	c2.piano.io	cdn.tinypass.com
1	cdn.tinypass.com	experience.tinypass.com
1	jssdkcdns.mparticle.com	fem.gprod.postmedia.digital
1	tags.fullcontact.com	fem.gprod.postmedia.digital
1	experience.tinypass.com	fem.gprod.postmedia.digital
1	cm.g.doubleclick.net	1 redirects
1	ads.pubmatic.com	micro.rubiconproject.com
1	js-sec.indexww.com	micro.rubiconproject.com
1	cs.seedtag.com	micro.rubiconproject.com
1	acdn.adnxs.com	micro.rubiconproject.com
1	eus.rubiconproject.com	micro.rubiconproject.com
1	check.analytics.rlcdn.com	micro.rubiconproject.com
1	token.rubiconproject.com	winnipegsun.com
1	sync.mathtag.com	1 redirects
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	s.seedtag.com	micro.rubiconproject.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	events.qortex.ai	tags.qortex.ai
1	secure.cdn.fastclick.net	winnipegsun.com
1	ups.analytics.yahoo.com	micro.rubiconproject.com
1	floor.pbxai.com	micro.rubiconproject.com cdn.pbxai.com
1	cdn.pbxai.com	micro.rubiconproject.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	api.permutive.com	fem.gprod.postmedia.digital
1	secure.gravatar.com	winnipegsun.com
1	cdn-gateflipp.flippback.com	winnipegsun.com
1	ak.sail-horizon.com	winnipegsun.com
1	micro.rubiconproject.com	winnipegsun.com
1	www.npttech.com	winnipegsun.com
1	winnipegsun.com
0	x.bidswitch.net Failed	winnipegsun.com
0	ssbsync.smartadserver.com Failed	winnipegsun.com
0	c247440e8a4afbe1294a171ebfbf9473.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
0	fastlane.rubiconproject.com Failed	micro.rubiconproject.com
0	hbopenbid.pubmatic.com Failed	micro.rubiconproject.com
0	ib.adnxs.com Failed	micro.rubiconproject.com
0	rtb.openx.net Failed	micro.rubiconproject.com
0	htlb.casalemedia.com Failed	micro.rubiconproject.com
0	prebid.media.net Failed	micro.rubiconproject.com
0	grid-bidder.criteo.com Failed	micro.rubiconproject.com
0	oajs.openx.net Failed	oa.openxcdn.net
0	idsync.rlcdn.com Failed	winnipegsun.com
0	cdn-ima.33across.com Failed	securepubads.g.doubleclick.net
0	api.sail-personalize.com Failed	ak.sail-horizon.com
0	api.rlcdn.com Failed	micro.rubiconproject.com
0	lexicon.33across.com Failed	micro.rubiconproject.com
0	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app Failed	fem.gprod.postmedia.digital
265	113

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.reddit.com
pinterest.com
www.linkedin.com
www.tumblr.com
winnipegsun.remembering.ca
classifieds.winnipegsun.com
winnipegsun.adperfect.com
working.winnipegsun.com
shopping.winnipegsun.com
www.flyercity.ca
epaper.winnipegsun.com
chatterboxnorth.ca
bit.ly
www.facebook.com
www.youtube.com
www.instagram.com
www.postmediasolutions.com
adregistry.postmedia.com
www.postmedia.com

Subject Issuer	Validity	Valid
winnipegsun.com WR3	`2024-12-26` - `2025-03-26`	3 months	crt.sh
npttech.com WE1	`2024-12-16` - `2025-03-16`	3 months	crt.sh
gprod.postmedia.digital WR3	`2024-12-26` - `2025-03-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2024-12-12` - `2026-01-10`	a year	crt.sh
qortex.ai WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh
flippback.com Amazon RSA 2048 M02	`2024-08-18` - `2025-09-16`	a year	crt.sh
gravatar.com E6	`2024-12-16` - `2025-03-16`	3 months	crt.sh
lrcontent.com WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
edge-auth.microsoft.com Microsoft Azure RSA TLS Issuing CA 04	`2024-12-28` - `2025-06-26`	6 months	crt.sh
*.gstatic.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
api.permutive.com R11	`2024-12-18` - `2025-03-18`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-12-22` - `2026-01-21`	a year	crt.sh
cdn.pbxai.com R11	`2024-11-27` - `2025-02-25`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-11-22` - `2025-05-21`	6 months	crt.sh
id5-sync.com E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
confiant-integrations.net WE1	`2025-01-05` - `2025-04-05`	3 months	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-12-06` - `2026-01-04`	a year	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
invstatic101.creativecdn.com WR3	`2024-12-14` - `2025-03-14`	3 months	crt.sh
flipp.com Amazon RSA 2048 M02	`2024-06-30` - `2025-07-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-09-06` - `2025-03-05`	6 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-22` - `2025-04-22`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2025-01-07` - `2025-12-22`	a year	crt.sh
esp.rtbhouse.com WR3	`2024-12-19` - `2025-03-19`	3 months	crt.sh
floor.pbxai.com Amazon RSA 2048 M03	`2024-07-07` - `2025-08-06`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-05-01`	a year	crt.sh
*.loginradius.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-13` - `2025-11-13`	a year	crt.sh
analytics.rlcdn.com Amazon RSA 2048 M02	`2024-05-26` - `2025-06-24`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
seedtag.com WE1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
indexww.com WE1	`2024-11-30` - `2025-02-28`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2024-11-27` - `2025-11-30`	a year	crt.sh
tinypass.com WE1	`2025-01-06` - `2025-04-06`	3 months	crt.sh
viafoura.com Amazon RSA 2048 M03	`2024-07-09` - `2025-08-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
*.fullcontact.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-17`	a year	crt.sh
jssdkcdns.mparticle.com Go Daddy Secure Certificate Authority - G2	`2024-05-02` - `2025-06-03`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2024-05-08` - `2025-06-09`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
piano.io WE1	`2024-11-25` - `2025-02-23`	3 months	crt.sh
jssdks.mparticle.com Go Daddy Secure Certificate Authority - G2	`2024-09-15` - `2025-10-17`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh
sdk.mrf.io WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.doubleclick.net WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.google.co.il WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
ssl03.cert.cl15.k8s.mrf.io E6	`2024-11-21` - `2025-02-19`	3 months	crt.sh
api.fullcontact.com Amazon RSA 2048 M02	`2024-09-11` - `2025-10-10`	a year	crt.sh
viafoura.co Amazon RSA 2048 M03	`2024-10-23` - `2025-11-21`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Frame ID: 67CBAFA5E4A9ADE56A66BEBF0BA5E3FB
Requests: 230 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v117.1/xd.html
Frame ID: 7791CFA2AF279E95137205C5EDA9DCA4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 3B7F2B64836AC98B88232147B9D4B235
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=winnipegsun.com
Frame ID: 2728927FB82E1A24887250A479DE6B4D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-minuteMedia_pm-db5_n-Ogury_rbd_n-MediaNet_ox-db5_an-db5&dcc=t
Frame ID: 1F0B7DAE2BB378CE992BA0551B9DEF5D
Requests: 1 HTTP requests in this frame

Frame: https://c247440e8a4afbe1294a171ebfbf9473.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D58DCAF0E56EDB0F48B2B7132CDDD418
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1686F7422FD3F5A4494207C887FE7544
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: AF9EEA527105105BAF8446195A1BD778
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 437D014664BFBAA1CE277262AD11CCCE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=winnipegsun.com&gpp=
Frame ID: 8048E148219B0EA44D8264B3F2774217
Requests: 1 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=5169-5177-01&pc=CA&uid=1fce2cfd-0a6a-4fdb-8cd8-4268aab1cfe4
Frame ID: 6771D88E76034E78EBE56B8B641C9678
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 46A0A7156AAED9B2A7B9181AED8F722C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 7B4286F30A1582504000A0FA4021427F
Requests: 1 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=18b2726d-5015-44a6-8ed5-601ed07f754a&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: E436B6DF0C0F9819FD95D1753F7B994D
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=RpxZ9l1H1l&templateId=OTEHRB8JJDBG&offerId=fakeOfferId&experienceId=EXZS44KN41XP&iframeId=offer_23447bbcdaa3f7fe692c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwinnipegsun.com
Frame ID: 4238F463EDCD2BD2BE65B36AC6D0CD88
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/5190/sw_iframe.html?origin=https%3A%2F%2Fwinnipegsun.com
Frame ID: D4A009DA2DDB1734474C9C31144E3D88
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-72QH41ZTMR&gacid=800241550.1736498475&gtm=45je5190v880952817z879194588za200zb79194588&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=587483099
Frame ID: 8F760C4816CBDE35E71FA2F0A65C7A27
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-H792QCFZPV&gacid=800241550.1736498475&gtm=45je5190v880952819z8854753396za200zb854753396&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=984799243
Frame ID: 35F390F305F4D3A39574ADF589AEE3A0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: EAD16AC050E6563992E5318EB6CB9579
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 553B58A593B2228930464066FCBAAEE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UN human rights office in Venezuela partially resumes work months after government shut it down | Winnipeg Sun

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

265
Requests

89 %
HTTPS

0 %
IPv6

67
Domains

113
Subdomains

87
IPs

8
Countries

4351 kB
Transfer

12545 kB
Size

165
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?url=https%3A//winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&text=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down&via=
Title: X

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?kind=link&url=https%3A//winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&title=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down
Title: Reddit

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&media=https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/xlm501-the-associated-press-1.jpg?quality=100&strip=all
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/widgets/share/tool?canonicalUrl=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&title=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://winnipegsun.remembering.ca/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://classifieds.winnipegsun.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://winnipegsun.adperfect.com/
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://classifieds.winnipegsun.com/winnipeg/business-card-directory/search/
Title: Business Card Directory

Search URL Search Domain Scan URL

URL: https://classifieds.winnipegsun.com/winnipeg/celebrations/search/
Title: Celebrations

Search URL Search Domain Scan URL

URL: https://classifieds.winnipegsun.com/winnipeg/pet-posts/search/
Title: Pet Posts & Adoptions

Search URL Search Domain Scan URL

URL: https://working.winnipegsun.com/
Title: Working

Search URL Search Domain Scan URL

URL: https://shopping.winnipegsun.com/
Title: Business Ads

Search URL Search Domain Scan URL

URL: https://www.flyercity.ca/
Title: This Week's Flyers

Search URL Search Domain Scan URL

URL: https://epaper.winnipegsun.com/
Title: ePaper

Search URL Search Domain Scan URL

URL: https://chatterboxnorth.ca/winnipegsun/
Title: Manage Print Subscription

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?kind=link&url=https%3A//winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&title=

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=%20https%3A//winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&text=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down&via=

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=%20https%3A//winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Search URL Search Domain Scan URL

URL: https://bit.ly/PowerByViafoura

Search URL Search Domain Scan URL

URL: http://epaper.winnipegsun.com/
Title: ePaper

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wpgsun/

Search URL Search Domain Scan URL

URL: https://twitter.com/winnipegsun

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCqNPpzfFRh29-ULwkF0ys0w

Search URL Search Domain Scan URL

URL: https://www.instagram.com/winnipeg_sun/

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/contact-us/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://adregistry.postmedia.com/
Title: Digital Ad Registry

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 83

https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_fpcu=c0ac32b533d8413797863bf90da11e51&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736498466748&ns_c=UTF-8&cs_cfg=1111110&cs_ucfr=&c7=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&c8=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_fpcu=c0ac32b533d8413797863bf90da11e51&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736498466748&ns_c=UTF-8&cs_cfg=1111110&cs_ucfr=&c7=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&c8=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&c9=

Request Chain 112

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-minuteMedia_pm-db5_n-Ogury_rbd_n-MediaNet_ox-db5_an-db5 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-minuteMedia_pm-db5_n-Ogury_rbd_n-MediaNet_ox-db5_an-db5&dcc=t

Request Chain 115

https://id5-sync.com/i/1674/8.gif?o=api&id5id=ID5*6UOJ5N5yu-p-BVEqtNcOjNlQqRau2YfgW-9xixg5Vi7sQnM9gysgeBwn371OAprG&gdpr_consent=undefined&gdpr=false HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=12af3aa3-717f-48f7-b1f7-161f7b77d083&ttl=%%TTL%% HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-59b7AghQOaJ_uvloreVfBSpCxXKjbDOHlZpYxEO9_Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/1674/3/6/3.gif?puid=4f6c6780-dd26-4500-ae36-bd834ede992d&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F10%2F5%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F10%2F5%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/1674/10/5/4.gif?puid=8847348161013697134&gdpr=0&gdpr_consent= HTTP 302
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=

Request Chain 119

https://id5-sync.com/i/1674/8.gif?o=api&id5id=ID5*NutbNgHaaTihrYP4a3_cXgb4e8RxcVUyhEejWceRhPzsQva699LK7hqdQWq5ACka&gdpr_consent=undefined&gdpr=false HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=ebf82fa4-5fb4-4115-b310-9e0c44c4ad6f&ttl=%%TTL%%

Request Chain 134

https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba HTTP 302
https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba

Request Chain 141

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=12af3aa3-717f-48f7-b1f7-161f7b77d083&gdpr=0&gdpr_consent=

Request Chain 142

https://c1.adform.net/serving/cookie/match?party=1294&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=8847348161013697134&gdpr=0&gdpr_consent=

Request Chain 144

https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d3CnDml9Id2h6ampDTDJwSSUyRjlJUHlYVlFtYWslMkJuOElEaHJsanlYeGI3bm5yMExLTSUzRA%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fssp-sync.criteo.com%252fuser-sync%252fmatch%253fp%253d3CnDml9Id2h6ampDTDJwSSUyRjlJUHlYVlFtYWslMkJuOElEaHJsanlYeGI3bm5yMExLTSUzRA%2526u%253d%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=3CnDml9Id2h6ampDTDJwSSUyRjlJUHlYVlFtYWslMkJuOElEaHJsanlYeGI3bm5yMExLTSUzRA&u=5678308702972638026&gdpr=0&gdpr_consent=

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k--IRJ_dIr8sSkYfh2yeQMgIuMwEoXlxZR7hSwXQ&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dcrB1f19BJTJCYXdUUWppZ1l5U0IxMUlHRGdaMFRkQmtiQ1oyanZ0Wm52VVMlMkZkRjlTYyUzRA%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=crB1f19BJTJCYXdUUWppZ1l5U0IxMUlHRGdaMFRkQmtiQ1oyanZ0Wm52VVMlMkZkRjlTYyUzRA&u=CAESEIp5WKu6_mR55fS9uHjRu4k&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 169

https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js HTTP 302
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js

265 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down Show response
winnipegsun.com/pmn/ 266 KB
52 KB 473ms
220ms Document
text/html 34.117.147.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

204.147.117.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

49a7be1606accecfa80ba2b1cf14eb4372cb0cb408b4ff509ebf9e2a4ceaf069

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=180
content-encoding: gzip
content-language: en
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Fri, 10 Jan 2025 08:41:05 GMT
expires: Fri, 10 Jan 2025 08:43:41 GMT
last-modified: Fri, 10 Jan 2025 08:38:41 GMT
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Cookie, Accept-Language
via: 1.1 google
x-content-type-options: nosniff
x-dcs-cache-page: MISS
x-envoy-decorator-operation: pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time: 13
x-frame-options: SAMEORIGIN
x-pmd-backend: pmd-nginx-proxy-69894d75dd-5wvn2
x-pmd-cache: HIT

GET
H3 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 174ms
90ms Script
application/javascript 172.67.155.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
age: 3866
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBLohVR5hNbKpiJNMJ%2FFzXdJP2V6nXT9hNye5udffOiHQQBpu09uIVMsAQlvC%2BCIz1ptyUGx6byXxLbW7CQcyTQF%2BuFdJPms8mINedaICwKjNHyksuTWtbiya6I6sSCEMvA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=65689&min_rtt=65626&rtt_var=24737&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4115&recv_bytes=4234&delivery_rate=48534&cwnd=12000&unsent_bytes=0&cid=0dbb8d907da5c0ea&ts=98&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 10 Jan 2025 08:41:05 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: gh4cDlYmuPbX9Uaxp6y0UGhjBaoTPL6EneLBpeJMu5uQjw6awulhZ9+flUO0f+s87+MztQ7YWQk=
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9RFHBRMA69Q0G3G4
cf-ray: 8ffb5db36f697d9a-TLV
server: cloudflare

GET
H2 200 xlm501-the-associated-press-1.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/ 49 KB
49 KB 490ms
278ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/12/xlm501-the-associated-press-1.jpg?quality=90&strip=all&w=564&h=423&type=webp&sig=emac6Y01Eohjc--l0RxKNQ
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 225d824297f9136dc522d211061ccba4e5a14b0f38741d0a776e3d070a7ba276

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "0b9269fc67eabef50feec32ae87352d6a40f40ff"
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-g7zfq
x-cache-hit: miss
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49878
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: image/webp
vary: Accept
server: nginx/1.18.0
x-pmd-smartcdn-requester: winnipegsun

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 374ms
127ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

0fedd1639e6533aa7801d558cba0e3b2c5947b56b66cde29361f9b6cadbe91be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 08:41:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 10 Jan 2025 08:41:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
33 KB 374ms
134ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e7b2fce3b02b83a0bd1ac4b04acf3fbdedfc3ddf4745609c4ea24e373dac6a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
etag: 6 / 20098 / m202501030202 / config-hash: 16180932873871542571
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 08:41:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34197
x-xss-protection: 0
server: cafe

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 347 KB
85 KB 437ms
179ms Script
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c234a39335c68efa876173f1af885a07eb982fde169e3627c70956ba0088313

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"7e51aa38db51fceb0afb5b4671f303d3"
age: 1612
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ZwtAfVGlioenAsgS2p0JCCf5X0zmITcwYfZK2por3kBqHSLuaIHcpg==
date: Fri, 10 Jan 2025 08:14:15 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 21:58:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-server-side-encryption: AES256

GET
H2 200 14648.js Show response
micro.rubiconproject.com/prebid/dynamic/ 584 KB
177 KB 411ms
141ms Script
text/javascript 104.102.34.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.34.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-34-86.deploy.static.akamaitechnologies.com
Software: Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15 /
Resource Hash: 1fddb8641042855d7f8ea295e026ace6858e7d769a198e2ae5121ea5c100463a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

edge-cache-tag: prod-prebid-14648_The_Winnipeg_Sun.js
cache-control: public, must-revalidate, max-age=14400
content-encoding: gzip
expires: Fri, 10 Jan 2025 10:21:53 GMT
content-length: 180443
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/javascript;charset=UTF-8
vary: accept-encoding, referer
server: Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15

GET
H2 200 output.6e1442a4ed58.css
dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/ 29 KB
3 KB 365ms
145ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.6e1442a4ed58.css
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e1442a4ed58986cc47bc718ab9b6b434c367cf0e8f900309318b0bb78412076

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988310
x-goog-hash: crc32c=0StZFg==, md5=t6ZH0zqUL2aqGsE5kjZ0Bw==
content-encoding: br
etag: W/"b7a647d33a942f66aa1ac13992367407"
age: 224363
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 29822
date: Tue, 07 Jan 2025 18:21:42 GMT
last-modified: Tue, 07 Jan 2025 17:58:18 GMT
content-type: text/css
vary: Accept-Encoding
x-guploader-uploadid: AFiumC73OvkCD9R-egpgGA8AwNo-24zTnUAEosA-fQId8yt_2J9RHgeihtv-OBeOY5OcxZGKRATrnKs
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272698452129
content-length: 2529
server: UploadServer

GET
H2 200 output.bfd67882219e.css
dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/ 102 KB
16 KB 369ms
150ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.bfd67882219e.css
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59e6b689ca09da925938a7c9a640286e5ec72626d2d268645f5aef9f3ddd35bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988310
x-goog-hash: crc32c=Lj3kKQ==, md5=3pHPE8GNdCse9TXfKB3CJw==
content-encoding: br
etag: W/"de91cf13c18d742b1ef535df281dc227"
age: 224149
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 104181
date: Tue, 07 Jan 2025 18:25:16 GMT
last-modified: Tue, 07 Jan 2025 17:58:21 GMT
content-type: text/css
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4cKGw2QuriH_-ESWbId4TjVuj7AB4xoPadi26kazzEZcddgN8RyWhMtZoHUMNyB4lsvh1JpQ
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272701505051
content-length: 16610
server: UploadServer

GET
H2 200 output.9bcce11ce524.css
dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/ 76 KB
8 KB 347ms
128ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.9bcce11ce524.css
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 282f6d959d04bcf2e14a672a4eb10405d65e51ea01f0349533971c3d0aab9f86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988310
x-goog-hash: crc32c=eIpkOw==, md5=qIdNXrPgc2GDg+tgD2a49w==
content-encoding: br
etag: W/"a8874d5eb3e073618383eb600f66b8f7"
age: 224149
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 77360
date: Tue, 07 Jan 2025 18:25:16 GMT
last-modified: Tue, 07 Jan 2025 17:58:20 GMT
content-type: text/css
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4PcVp8vUtzmXkdbShNrHMVCllcZeDatzr5Oszkcn7KWJwTUz2W9S7wPPUX9jnjNJtjhRgkoIo
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272700052833
content-length: 8263
server: UploadServer

GET
H2 200 output.e87c97248f8a.css
dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/ 111 KB
17 KB 288ms
68ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.e87c97248f8a.css
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: df8ad882cbda3f8d8f2a58728609580727d916414c404280279ee7f0ba63f322

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988310
x-goog-hash: crc32c=RlNnig==, md5=JgWem/ozclRdoWZJ9R1QWg==
content-encoding: br
etag: W/"26059e9bfa3372545da16649f51d505a"
age: 224149
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 113686
date: Tue, 07 Jan 2025 18:25:16 GMT
last-modified: Tue, 07 Jan 2025 17:58:22 GMT
content-type: text/css
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4wFaA5bE_HzVKgDwfy7zySWjdDN1lOkNKfC2Ov1LY5NCmE-q7node5Lm6XF_iqO2gi7ME9fZ0
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272702945469
content-length: 16541
server: UploadServer

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 173 KB
56 KB 446ms
183ms Script
application/javascript 18.66.112.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-95.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ef66da786aac7a6ae7d165b5a6d9f7456ec786ddc04100449d53ab5cf796db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=600; must-revalidate
content-encoding: gzip
etag: W/"baf420a4fb632cc24e50dcdb1d7e984d"
age: 536
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: d2FW3vsKBzNgRZXRqNQHrneaxPuiRnnbvP6s6OD43OJVr259_XGL_A==
date: Fri, 10 Jan 2025 08:32:12 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 09:49:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256

GET
H2 200 fem.js Show response
fem.gprod.postmedia.digital/v117.1/ 355 KB
85 KB 307ms
68ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8d328b4e8b158dd415d0a33960ce27f66eb164d1756c0dc6a1fa0da5de4165e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://winnipegsun.com
Referer

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734632400
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=3TQLDw==, md5=z+7LA8BzBCDjq2aS27nSAw==
content-encoding: br
etag: W/"cfeecb03c0730420e3ab6692dbb9d203"
age: 18448
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 363797
date: Fri, 10 Jan 2025 03:33:37 GMT
last-modified: Thu, 19 Dec 2024 18:20:19 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7MhfpoHsQ2wJvE9IApsoQrxukOjZczjuoxhfku6N-DhB5b6_299443gAdFOL4yyCg82ZLNSMM
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1734632419564325
content-length: 85892
server: UploadServer

GET
H2 200 bootstrapper Show response
tags.qortex.ai/ 29 KB
6 KB 565ms
302ms Script
application/javascript 172.67.73.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.qortex.ai/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper&continuous-load=true
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9554b211b59cb46d8a4f37906b897d96928c4d591bbad5e7b37928a81155a964

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"145"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rMqIuC3ezH9ANztDE7BOrneSlyFVL5WpRkECM8Yqrk20WrzQptR0sm9pbH5Mfmxs0SFX9R6rzSU2eDiUlpPmZH8wWOblwzWcN7pLuBQxMl4lnG1qluidAGQV5QXCm6b"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ffb5db72a3b6547-LHR
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=57892&min_rtt=57837&rtt_var=9204&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4032&recv_bytes=2257&delivery_rate=66777&cwnd=248&unsent_bytes=0&cid=019a80d7caccb8fc&ts=308&x=0"
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 09 Dec 2024 15:25:15 GMT
x-powered-by: Express
server: cloudflare
vary: Accept-Encoding

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 87 KB
31 KB 780ms
509ms Script
application/javascript 13.35.58.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201179443
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-60.fra60.r.cloudfront.net
Software: envoy /
Resource Hash: 75d1bde46c2d3bcf9a81ddf025752ab9a1215a7248c8e3e182c055b093d320bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: no-store
content-encoding: gzip
x-envoy-upstream-service-time: 5
via: 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: _O__Ns5Bqi4As-LluzjA_8Ge2Nk_lnWqBRjmwAs_ekJw2EsZuDLq0A==
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: application/javascript
vary: Origin,Origin, Accept-Encoding
server: envoy
x-amz-cf-pop: FRA60-P10

GET
H2 200 a78256cb32a2d8681dc2df9afa609931
secure.gravatar.com/avatar/ 7 KB
7 KB 359ms
116ms Image
image/png 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/a78256cb32a2d8681dc2df9afa609931?s=70&d=mp
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7355909b93826a1a3d800d808f635650c7f7a364c6125e922152eca64d747cf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

link: <https://gravatar.com/avatar/a78256cb32a2d8681dc2df9afa609931?s=70&d=mp>; rel="canonical"
cache-control: max-age=300
x-nc: HIT hhn 1
expires: Fri, 10 Jan 2025 08:46:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 6880
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: image/png
last-modified: Thu, 30 Nov 2017 18:24:08 GMT
server: nginx
content-disposition: inline; filename="a78256cb32a2d8681dc2df9afa609931.png"

GET
H2 200 icon-close-black.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/ 378 B
648 B 69ms
67ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/icon-close-black.svg
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=wbQwCg==, md5=a1F2R7db6sfO3k5jTqUQlA==
etag: "6b517647b75beac7cede4e634ea51094"
age: 225131
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 378
date: Tue, 07 Jan 2025 18:08:55 GMT
last-modified: Tue, 07 Jan 2025 17:59:07 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC5fcaYDOk3Byxd67fRcvjkSGOBuzmrzUCUlcVncVn35nmt_8z1uZaBL4-Zt6QMyvpqnb6KUda4
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272747681136
content-length: 378
server: UploadServer

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/js/ 242 KB
56 KB 384ms
134ms Script
text/javascript 104.18.4.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/js/LoginRadiusV2.js

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebaf097795c8b1fa8f5c5e9989886acf843b7f7b78c8f0875a2850f1ee30d95

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"9f45bc4c2df3711eaaea6e1170e27314"
age: 664
expires: Fri, 10 Jan 2025 12:41:06 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: q-rKgA4KGDcxRvRJBGmajVG5Jq9KA5lXG_0omM0pRzlSPNUOARvk3Q==
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/javascript
last-modified: Tue, 24 Dec 2024 09:11:14 GMT
vary: Origin, Accept-Encoding
strict-transport-security: max-age= 63072000; includeSubdomains; preload
cache-control: public, max-age=14400
via: 1.1 edfa50bbeda89838b4ee2ce6eaea1b04.cloudfront.net (CloudFront)
cf-ray: 8ffb5db52d9ed206-FRA
x-amz-cf-pop: FRA56-P8
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ms_auth_client.min.js Show response
edge-auth.microsoft.com/js/ 280 KB
281 KB 560ms
160ms Script
text/javascript 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-auth.microsoft.com/js/ms_auth_client.min.js

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

33cc6e61cbb1addafa75cc8ed40216823ee7e50631bb8d2b71eda77ca81a77f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-uoSvU3Jx40KbskrkdmOI7qBut9O+kmrrZUbmC1am4YNfvhaj/PMiMPt/LWJIEk54PWEjBoaHQ1MvuapVxBL2i0nQImXjS34Lu45beMT/pXrm5OcxXoh7UE2N+IWoBYh1DUB6zQp5eHR4SsHEzYJcEB+d/KGiA8VVDeRWgBNmHm8=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-security-policy: script-src 'strict-dynamic' 'nonce-uoSvU3Jx40KbskrkdmOI7qBut9O+kmrrZUbmC1am4YNfvhaj/PMiMPt/LWJIEk54PWEjBoaHQ1MvuapVxBL2i0nQImXjS34Lu45beMT/pXrm5OcxXoh7UE2N+IWoBYh1DUB6zQp5eHR4SsHEzYJcEB+d/KGiA8VVDeRWgBNmHm8=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: "1db3b81182960c4"
x-msedge-ref: Ref A: 058ADC30B22A4CA89D31DFEBF95C322E Ref B: VIEEDGE4114 Ref C: 2025-01-10T08:41:06Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 286660
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/javascript
last-modified: Wed, 20 Nov 2024 19:19:18 GMT

GET
H2 200 main.837f1a1ddbbe.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/ 37 KB
13 KB 265ms
67ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8de02d0434a86c23a4dc13cd7a37aba8a1ee51a1d22b0da4ac0bed4f0b848003

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://winnipegsun.com
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988310
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=v51cfg==, md5=2zUpzVstq14189BIHV2RgA==
content-encoding: br
etag: W/"db3529cd5b2dab5e35f3d0481d5d9180"
age: 224364
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 38372
date: Tue, 07 Jan 2025 18:21:42 GMT
last-modified: Tue, 07 Jan 2025 17:58:23 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5QHKMigYLCc_RTP8KqL-PDrJzzuZXQE8LjfbiWB5y_12ZEa2TbXFD_8xMohPKj0Vr03OoG4zM
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272703725298
content-length: 12646
server: UploadServer

GET
H2 200 css
fonts.googleapis.com/ 17 KB
0 0ms
0ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

0fedd1639e6533aa7801d558cba0e3b2c5947b56b66cde29361f9b6cadbe91be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 08:41:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 10 Jan 2025 08:41:06 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10276888/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

16 KB
6 KB

132ms
132ms

Script
text/javascript

18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"c22322b3d030360971584a98c60b6e0b"
age: 28321
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: YylSsIqXFzHAXXFQ1rWX8qtI424J44ZtF4b6OEglO9srU_zE6jCjeQ==
date: Fri, 10 Jan 2025 00:49:06 GMT
content-type: text/javascript
last-modified: Mon, 16 Dec 2024 11:25:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-cs/default/beacon.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: ocBnwi5xvBiDSHUH9Zyd0zcopOmqnOTCjpReiLpWmFL-8F_4t1dnFw==
date: Fri, 10 Jan 2025 08:41:06 GMT
x-amz-cf-pop: FRA56-P11

GET
H2 200 icon-close-black.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/ 378 B
0 64ms
64ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/icon-close-black.svg
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=wbQwCg==, md5=a1F2R7db6sfO3k5jTqUQlA==
etag: "6b517647b75beac7cede4e634ea51094"
age: 225131
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 378
date: Tue, 07 Jan 2025 18:08:55 GMT
last-modified: Tue, 07 Jan 2025 17:59:07 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC5fcaYDOk3Byxd67fRcvjkSGOBuzmrzUCUlcVncVn35nmt_8z1uZaBL4-Zt6QMyvpqnb6KUda4
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272747681136
content-length: 378
server: UploadServer

GET
H2 200 carousel-previous.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/ 1 KB
744 B 67ms
66ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/carousel-previous.svg
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.9bcce11ce524.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.9bcce11ce524.css

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
content-encoding: br
etag: W/"23fbd7cd311279a2b6eb68d8f6059047"
age: 224150
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1204
date: Tue, 07 Jan 2025 18:25:16 GMT
last-modified: Tue, 07 Jan 2025 17:59:07 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7Fs_Lr4U49zxU3fUUMsdnwhk4d3s99w-JEO8Mrl8Q3owu2mf7wqzHuH7-jO4FXDIhKkLGp-aA
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272747299634
content-length: 519
server: UploadServer

GET
H2 200 carousel-next.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/ 1 KB
735 B 67ms
67ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/carousel-next.svg
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.9bcce11ce524.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.9bcce11ce524.css

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
content-encoding: br
etag: W/"735fdba5ead6fce3777e91bf3fee8dd6"
age: 224150
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1204
date: Tue, 07 Jan 2025 18:25:16 GMT
last-modified: Tue, 07 Jan 2025 17:59:07 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-guploader-uploadid: AFiumC72BlqEhEFdcylUw_vqnEnJVQM-7GOSI-DhGBzzQZwpnRx323zu3tsDOIGf6IEqHwo0XM8hqBo
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272747284347
content-length: 520
server: UploadServer

GET
H2 200 save-article-button--default.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/save-article-buttons/ 239 B
494 B 71ms
71ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/save-article-buttons/save-article-button--default.svg
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.bfd67882219e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 497f053df078e16fc3614f2d1f04630846b2c7a9efe4ef5ce273baddc814415b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.bfd67882219e.css

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988312
x-goog-hash: crc32c=UejarA==, md5=j2W/cpjskpE/ahUC1VSfmg==
etag: "8f65bf7298ec92913f6a1502d5549f9a"
age: 224150
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 239
date: Tue, 07 Jan 2025 18:25:16 GMT
last-modified: Tue, 07 Jan 2025 17:59:24 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC6QldVx0JMmU4d0PxqHAhfrwmPG4wjtiIRbafSEy5kVTwM_KZrBgyrwlkOU6SoWXYHx7zzniw4
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272764960323
content-length: 239
server: UploadServer

GET
H2 200 icon-arrow-down-black.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/ 277 B
504 B 68ms
67ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/icon-arrow-down-black.svg
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.bfd67882219e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 36260e9cb231e00f7334eacc8a181329ba4c622cb50312342edb9e8512812cf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.bfd67882219e.css

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=BEI86Q==, md5=pd0wt4OdM3jVLvFFJaWqXw==
etag: "a5dd30b7839d3378d52ef14525a5aa5f"
age: 224149
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 277
date: Tue, 07 Jan 2025 18:25:17 GMT
last-modified: Tue, 07 Jan 2025 17:59:07 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC5P4QQriCAAEKH4u9Wt6ZQMwiM2R0eFsmQedGsLQMx6C_Ly5tksxyXW-SXfESI04_XycCLNxa4
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272747356211
content-length: 277
server: UploadServer

GET
H2 200 icon-fire.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/ 835 B
1 KB 68ms
67ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common-icon/icon-fire.svg
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.9bcce11ce524.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/css/output.9bcce11ce524.css

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
etag: "9c6e99306a671d196d8945273b28bfe8"
age: 224149
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 835
date: Tue, 07 Jan 2025 18:25:17 GMT
last-modified: Tue, 07 Jan 2025 17:59:07 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC5iFtOzvweuVqTooQZd3D5I04C6-iTsVxKh1sQjBnucWCKxiyCPfQ002tKClfVM9IAbavTwvA
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272747848792
content-length: 835
server: UploadServer

GET
H3 200 NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v26/ 12 KB
12 KB 300ms
168ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v26/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

5b740b764c32da039868fb07780caa7d55401fb92c17adfff3e07e31f74e9464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://winnipegsun.com
Referer: https://fonts.googleapis.com/

Response headers

age: 258219
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 07 Jan 2026 08:57:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Jan 2025 08:57:27 GMT
last-modified: Wed, 31 Jan 2024 23:11:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12228
x-xss-protection: 0
server: sffe

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 39 KB
39 KB 252ms
120ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://winnipegsun.com
Referer: https://fonts.googleapis.com/

Response headers

age: 10600
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 05:44:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 05:44:26 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 200 PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v11/ 18 KB
18 KB 333ms
201ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v11/PN_xRfK9oXHga0XdZsg_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://winnipegsun.com
Referer: https://fonts.googleapis.com/

Response headers

age: 292770
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 06 Jan 2026 23:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 06 Jan 2025 23:21:36 GMT
last-modified: Thu, 11 Apr 2024 18:31:43 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18860
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 2 B
2 B Image
text/plain

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H2 200 icon-circle-email.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/ 976 B
1 KB 70ms
67ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/icon-circle-email.svg
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=ZVCajw==, md5=vvAq2LHxN7uzA87+hhS2nw==
etag: "bef02ad8b1f137bbb303cefe8614b69f"
age: 224109
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 976
date: Tue, 07 Jan 2025 18:25:57 GMT
last-modified: Tue, 07 Jan 2025 17:59:25 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC5MmckzOnvcpjMQ9yvEONd0CZroLPb8CAGu0Vpfw61KejD9IOwFQynjz-J1WEFGjri4wE6qoVs
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272765642928
content-length: 976
server: UploadServer

GET
H2 200 icon-soc-rdit.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/ 2 KB
1 KB 81ms
78ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/icon-soc-rdit.svg
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=GJubKw==, md5=AwS404cMwfT4iFdKFAItpA==
content-encoding: br
etag: W/"0304b8d3870cc1f4f888574a14022da4"
age: 224109
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2135
date: Tue, 07 Jan 2025 18:25:57 GMT
last-modified: Tue, 07 Jan 2025 17:59:25 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7AqhtR6cXD8nBdMnbZURYk3WWPeKZgDRmtA2CsnnzxOzMMFyI474ur_n-dd1LMyvn06vqiUCo
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272765807430
content-length: 803
server: UploadServer

GET
H2 200 icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/ 552 B
779 B 80ms
77ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/icon-soc-tw.svg
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bc9a2e7ebc802c54bae45191afd2da677c4b00d5b87ca635cfb267f322c2f2d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=S/UR6Q==, md5=TL1HJw3IXQd4/TQ2Tod1Mg==
etag: "4cbd47270dc85d0778fd34364e877532"
age: 224109
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 552
date: Tue, 07 Jan 2025 18:25:57 GMT
last-modified: Tue, 07 Jan 2025 17:59:25 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC5l1B5fst2gSKyjdUTepRKIIY6pL2bdbKLH4w-hojsaPEYyIkGXOQ_yabB1oCiap0JqmoZsVw
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272765983907
content-length: 552
server: UploadServer

GET
H2 200 icon-soc-li.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/ 739 B
962 B 79ms
76ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/icon-soc-li.svg
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=PfZM8A==, md5=Bx5cfy3189wrhWsldnUvHA==
etag: "071e5c7f2df5f3dc2b856b2576752f1c"
age: 224109
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 739
date: Tue, 07 Jan 2025 18:25:57 GMT
last-modified: Tue, 07 Jan 2025 17:59:25 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC67WsbcQq_X1GN64t7enz9ZPaeOgIjy24ewPSSpLHtmppWcQ9E9Y5rBgjaz3WeD802zFsdsfTI
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272765781652
content-length: 739
server: UploadServer

GET
H2 200 icon-circle-share.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/ 518 B
742 B 78ms
75ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/share-icons/icon-circle-share.svg
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9ecefd4787ce6dc9b10a91779b92a5e468220a9f4176ff08c48babf7a15b0ab8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=Q2Sdgw==, md5=SnrUWsJlNFv6VrkVJCs41w==
etag: "4a7ad45ac265345bfa56b915242b38d7"
age: 224109
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 518
date: Tue, 07 Jan 2025 18:25:57 GMT
last-modified: Tue, 07 Jan 2025 17:59:25 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC7cBPvnMpT-6K8lBSNgOMxoMtkN9liEpyweRzYZtdJ65l90Ot1DyLhp-_tFzr7POFUQQukFLaw
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272765695485
content-length: 518
server: UploadServer

GET
H2 200 icon-spinner-animated.svg
dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common/ 549 B
800 B 81ms
78ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/images/common/icon-spinner-animated.svg
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: efc22a4037d8a6a9ac365825a869a4c68374ab697e36d3f9728969a712fbf058

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988311
x-goog-hash: crc32c=Qkr99Q==, md5=jr5LqxbcuuBhbEF8AplZyg==
etag: "8ebe4bab16dcbae0616c417c029959ca"
age: 224149
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 549
date: Tue, 07 Jan 2025 18:25:17 GMT
last-modified: Tue, 07 Jan 2025 17:59:06 GMT
content-type: image/svg+xml
x-guploader-uploadid: AFiumC4XTEBhTUH2Fg0Fkiyq8RX21EQcGG51xwx9qCxgPs-AMx5_y8aDNkIXuSdc2XYi-BE7kuw4Ow
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272746343200
content-length: 549
server: UploadServer

POST
H2 200 segment Show response
api.permutive.com/ctx/v1/ 263 B
384 B 15720ms
219ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/ctx/v1/segment?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c56cea6c87388bc3f2c6158a8219434c9cfab7d9a96c4deec276ef9d65e45aaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263
date: Fri, 10 Jan 2025 08:41:21 GMT
content-type: application/json

GET 23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 0
0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/ 494 KB
154 KB 121ms
120ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e430ac99d48aa7aa291fe9ef82398d2e7f599643dd1732d026947ba15edf718f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
etag: 4755344281006871465
age: 83609
x-content-type-options: nosniff
expires: Fri, 09 Jan 2026 09:27:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 09 Jan 2025 09:27:37 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157521
x-xss-protection: 0
server: cafe

GET
H2 200 3528 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
807 B 360ms
118ms Script
application/javascript 18.245.31.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3528
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-65.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d40d2b502ad7d52c94e018a940aec4eefd17c2890d9173e50fe32dfe9107e45c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=3600
age: 89
via: 1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 531
x-amz-cf-id: M6ZP-MQZV7KAWuGvVgc_paU4xNTRt5oKL9zxUwEzkeL7hYrqZv3fyA==
date: Fri, 10 Jan 2025 08:39:37 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 216ms
215ms XHR
application/json 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fwinnipegsun.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 43430345ff39208aded96d7d9afeb2f6563e70af6d912226d5ec467158cb3d29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
access-control-allow-origin: https://winnipegsun.com
x-cache: Miss from cloudfront
content-length: 2163
x-amz-cf-id: CJbuqj5umPFHRh3B_EzZmvMVfU-259QEhxKgR7rUIevgpxQ0ZZFmFQ==
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: FRA56-P6
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 3431ms
173ms XHR
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 23751
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: TIedbiKRk9OWe-PiF3yM2HOPh8dcsb760Bd0vGeA3zjiqLkfaujoMA==
date: Fri, 10 Jan 2025 07:53:53 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202501090101/ 63 KB
23 KB 125ms
124ms Other
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202501090101/gpt

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

83fb91b7a817bee2666baef516fc7a7b4c7ed560f6cbd2ad20ac0e2654d30818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 5018452012333894652
age: 56403
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 17:01:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 09 Jan 2025 17:01:03 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23289
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202501090101"

GET
H3 200 d6979342ee56c56e77d711.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 2 KB
1015 B 68ms
67ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/d6979342ee56c56e77d711.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 87a3b03ac7eeb0d3a15535c4430219e50dedb287de7d746e93d97b561649a1d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=g8jIJg==, md5=LpJzqmgiqf3pwfqGo68WBg==
content-encoding: br
etag: W/"2e9273aa6822a9fde9c1fa86a3af1606"
age: 224749
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2239
date: Tue, 07 Jan 2025 18:15:17 GMT
last-modified: Tue, 07 Jan 2025 17:59:29 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5t6EsXOUBA1vRmGc4Z_7IOy16I5IkdATSWKRr1DHQgoN4jEFeGluSSQYpc2YZIgzEzTskExg
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272769896689
content-length: 984
server: UploadServer

GET
H3 200 9049d1380ab9bab7868738.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 1 KB
708 B 77ms
75ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/9049d1380ab9bab7868738.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fb133c6bbf1d1d01f0df05aa69d2a127caf07dc3d8170b1140d7345c762c2b46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=tmEhng==, md5=ZHBDLNzEpkOIeLJhGt5oGg==
content-encoding: br
etag: W/"6470432cdcc4a6438878b2611ade681a"
age: 65518
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1466
date: Thu, 09 Jan 2025 14:29:08 GMT
last-modified: Tue, 07 Jan 2025 17:59:29 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5gWC3IS2XoRp01ygUGbLxtrQf-6lvnXE_XTE5dyboAsdvz3HSLjcuaV9FHD_xXbJL45z7bAFc
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272769021109
content-length: 677
server: UploadServer

GET
H3 200 02376d3adb495b730e3d43.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 7 KB
2 KB 74ms
71ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/02376d3adb495b730e3d43.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f8f4692ed07c1c243b5f3e6601fc9c31bd4d811dd8334cf951e4b16936121eb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=e4UeVw==, md5=4cNNMrCEp28m2EBjDsAhYA==
content-encoding: br
etag: W/"e1c34d32b084a76f26d840630ec02160"
age: 224749
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6931
date: Tue, 07 Jan 2025 18:15:17 GMT
last-modified: Tue, 07 Jan 2025 17:59:27 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5OkXjoUwiDLXnUxfW2IgrO3GBUPOB89S6oE4tWP8jX7WUghOLRpPD5g8ygg7k98FgytnXJuO0
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272767744548
content-length: 2374
server: UploadServer

GET
H3 200 41ef077657681c52c6372.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 14 KB
4 KB 73ms
70ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/41ef077657681c52c6372.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1413cc79bcd47b4af0fe4fe72237f906e31ca8d335314ff0ddb1ffca3c1b7afe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=70FT1g==, md5=zlZVFMCKgOteB8Lp0RHiwg==
content-encoding: br
etag: W/"ce565514c08a80eb5e07c2e9d111e2c2"
age: 76845
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 14165
date: Thu, 09 Jan 2025 11:20:21 GMT
last-modified: Tue, 07 Jan 2025 17:59:28 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5gpWRf2yiv5NoW3ERLE3RfEAlYzg3s2bsCveRTBcZeE5FL5Zzt2i6r4kZ8JyVyYhvjhqQ1z2A
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272768481290
content-length: 3795
server: UploadServer

GET
H3 200 d7f8a9cb4ceb9af8694860.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 222 B
261 B 94ms
90ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/d7f8a9cb4ceb9af8694860.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01e1bc5277aa20bf535587ea7bb9af229daac3ae1463f43638d355a9885d930a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=3LlnSQ==, md5=0vIRtLzDo6KIorKBlqGQfw==
etag: "d2f211b4bcc3a3a288a2b28196a1907f"
age: 11183
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 222
date: Fri, 10 Jan 2025 05:34:43 GMT
last-modified: Tue, 07 Jan 2025 17:59:29 GMT
content-type: text/javascript
x-guploader-uploadid: AFIdbgSTuAm9tPu9KodTu3IjQopWJsGXqo-MjjoCmQ_XlMXgl2XE8ILjDK6o_cDXIVa4oD2Huzaq2h8
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736272769924115
content-length: 222
server: UploadServer

GET
H3 200 50b8deee2c283751244145.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 6 KB
2 KB 89ms
86ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/50b8deee2c283751244145.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6a704edd26f24a02229a8e792d403c17a6e9b3f34fc682e6156374f04385884b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=9+KIgA==, md5=+ViVEAn43iPjsx8M7tGZRw==
content-encoding: br
etag: W/"f958951009f8de23e3b31f0ceed19947"
age: 37636
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6248
date: Thu, 09 Jan 2025 22:13:50 GMT
last-modified: Tue, 07 Jan 2025 17:59:28 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFIdbgQL4InrMnn4Y4WGCKTDPUwZOFL3sxxhVRezJvkdUeJU0yUDRnOUW1sNgklEu7El1BzGkieEOYQ
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272768502905
content-length: 2122
server: UploadServer

GET
H3 200 b39ce5664d264d0e3e9c14.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 9 KB
2 KB 85ms
82ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/b39ce5664d264d0e3e9c14.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c1544db2a2f5cdfa75336a02ad5a64b5f56ea06643afdbbebba79d01847b3eca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=d2chFA==, md5=FGze/aNexbL7qBCCvVqzgw==
content-encoding: br
etag: W/"146cdefda35ec5b2fba81082bd5ab383"
age: 224616
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8870
date: Tue, 07 Jan 2025 18:17:30 GMT
last-modified: Tue, 07 Jan 2025 17:59:29 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6VnowD5uGeQL8TH7h19CVEea6LGTISX5f-FpCe6PpPOK5ZnQyPb1pzA8TiL8j3w9HvKXbVjg
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272769441633
content-length: 2250
server: UploadServer

GET
H3 200 c8cfd9e98a93b789aa8617.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 3 KB
1 KB 91ms
88ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/c8cfd9e98a93b789aa8617.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bedafe4415f6abb6dfa8c6c63335c65422bb883ada266557b90421e63fbb8d0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=t6bfvg==, md5=exFJp09OlAizetvWlWVlrQ==
content-encoding: br
etag: W/"7b1149a74f4e9408b37adbd6956565ad"
age: 224749
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3008
date: Tue, 07 Jan 2025 18:15:17 GMT
last-modified: Tue, 07 Jan 2025 17:59:29 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6yZBDCHbBFJH5ZaNgxi2CDhNyQT_teEhh0MKz-MQjQn_vWtcwp866esM1-DJ1AJi9lZgqTmng
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272769702044
content-length: 1009
server: UploadServer

GET
H3 200 b4e6a490ed15ed478a0434.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 5 KB
2 KB 76ms
73ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/b4e6a490ed15ed478a0434.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f97eebe9b035d72c9c9462a56085aff61ae9150c3e64d67845841622f688455

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=Esb4Ag==, md5=5XEx9cIo6dEl57W1o3yGcA==
content-encoding: br
etag: W/"e57131f5c228e9d125e7b5b5a37c8670"
age: 224749
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5537
date: Tue, 07 Jan 2025 18:15:17 GMT
last-modified: Tue, 07 Jan 2025 17:59:29 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6FYgiCHtG2rFf3Y213xySHN9CvsLxliitEE5cdPpYFjGUwqmBmW-xyrkhQzyc3mHmWXkFS2xI
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272769551930
content-length: 1798
server: UploadServer

GET
H2 200 WS20230214KK21-scaled.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/03/ 5 KB
6 KB 205ms
201ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/03/WS20230214KK21-scaled.jpg?quality=90&strip=all&w=150&type=webp&sig=OeetFYlrQeLJwg4OuGRCLA
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: e1910cd8e59c60679b19d3d2c4272aea5fef192268ad9d9f4d683ad3df8b7906

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "9463cc455ea3069ea814373716165282047e8758"
age: 28698
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-5jw7v
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5562
date: Fri, 10 Jan 2025 00:42:48 GMT
content-type: image/webp
x-pmd-smartcdn-requester: winnipegsun
server: nginx/1.18.0
vary: Accept

GET
H2 200 2176983995-scaled.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/10/ 8 KB
8 KB 211ms
208ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/10/2176983995-scaled.jpg?quality=90&strip=all&w=150&type=webp&sig=UMb-DqTzPYmGYL-TeJIFhw
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: a9822bca09e58a31a93f8386988f808567a9a8c3ebcc361f6a8276695f4a5ef5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "61529ffb2b9ff952333ac6c9c733c209effee374"
age: 18816
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-cwdvj
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8386
date: Fri, 10 Jan 2025 03:27:30 GMT
content-type: image/webp
x-pmd-smartcdn-requester: winnipegsun
server: nginx/1.18.0
vary: Accept

GET
H2 200 ws20240715cp09-wp.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/07/ 5 KB
5 KB 210ms
207ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/07/ws20240715cp09-wp.jpg?quality=90&strip=all&w=150&type=webp&sig=PyqZp2wnG6ZZuoz2QI3DZw
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 218c23100c35167e717018fb3858a56f1448774eef33c1a158b693ade236de33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "e9186d0bfeaaacda562904b9b6e689355ca502ad"
age: 34370
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-5jw7v
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5398
date: Thu, 09 Jan 2025 23:08:16 GMT
content-type: image/webp
x-pmd-smartcdn-requester: winnipegsun
server: nginx/1.18.0
vary: Accept

GET
H2 200 WS20230626CP10.WP-scaled-e1688664877565.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/07/ 8 KB
8 KB 217ms
214ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/07/WS20230626CP10.WP-scaled-e1688664877565.jpg?quality=90&strip=all&w=150&type=webp&sig=n6mQgQTeg_ZBMo1cA0x5qA
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 6e978bb57938d8edec7071a704f5223243171b07f0dc7f0a1c6c8d3d89535ebe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "83392835f92896ebe181060a14cc395d87c6f366"
age: 46742
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-pfdvz
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7732
date: Thu, 09 Jan 2025 19:42:04 GMT
content-type: image/webp
x-pmd-smartcdn-requester: winnipegsun
server: nginx/1.18.0
vary: Accept

GET
H3 200 e7d36b88f06c728f701544.js Show response
dcs-static.gprod.postmedia.digital/17.7.5/websites/js/ 9 KB
3 KB 78ms
77ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/17.7.5/websites/js/e7d36b88f06c728f701544.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/17.7.5/CACHE/js/main.837f1a1ddbbe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ad6df05b9bad19726766b223f220c28ceb8b108f774fbe0aa6f212b0f7cfed44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734988313
x-goog-hash: crc32c=Vm6IPA==, md5=bQfhFpXW0yQIM6844llOCw==
content-encoding: br
etag: W/"6d07e11695d6d3240833af38e2594e0b"
age: 224749
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 9442
date: Tue, 07 Jan 2025 18:15:17 GMT
last-modified: Tue, 07 Jan 2025 17:59:30 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7mvml6CeCDNHwJuR2qV57_jK7x9Qx_GJb5qR0IVt0USOM96jJM1ilbel8AMnbxCvUJJwXTmUo
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1736272770062334
content-length: 3220
server: UploadServer

GET
H2 200 6805e7de-4f8f-46af-a2fc-5299f6b25680.js Show response
cdn.pbxai.com/ 26 KB
9 KB 378ms
130ms Script
application/javascript 169.150.247.38
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbxai.com/6805e7de-4f8f-46af-a2fc-5299f6b25680.js
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 3873e5114afbc6d6098ec9b76fbc7ca5960eb6947284a71ba27ea5101a4d4e61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cdn-status: 200
content-encoding: br
etag: W/"ec41c861860b1d62753813806f81943a"
age: 33377
x-amz-version-id: f.k6tX3XCM5GHs3khtPR6sdILUlLgUFT
x-cache: Hit from cloudfront
x-amz-cf-id: NYZDet4TUZ4pJiVqd78EqNhxD2WFOnHTo7lwK7GkLYJ90AVtr_pU9Q==
date: Fri, 10 Jan 2025 08:41:06 GMT
last-modified: Mon, 30 Sep 2024 17:34:46 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: MISS
cdn-requestpullcode: 200
cdn-cachedat: 01/10/2025 08:41:06
cache-control: max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 4a85839a-607a-4d8b-a11a-d8c0c2f0f828
cdn-requestid: 1b96dbcb9b2973507d850a9132ba6035
cdn-pullzone: 2227704
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cdn-tag: e5a2b9a8-f773-4dac-a9b2-ffde62f50562
cdn-proxyver: 1.06
cdn-edgestorageid: 1081
x-amz-cf-pop: FRA56-C2
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: IL
x-amz-server-side-encryption: AES256

GET /
floor.pbxai.com/ 0
0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 607ms
115ms Fetch
application/json 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250110

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

970216e0ff0a73434ee81d9e4b686a17503913112c33bde65b66674e8ce2579b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"637-Hvuh2kaI1d19HK9OZhXajOZMuZI"
age: 16812
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230126-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 831
x-jsd-version: 1.0.2296

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58877/ 2 B
229 B 1498ms
208ms Fetch
application/json 87.248.119.252
YAHOO-DEB Yahoo-U...

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58877/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&pixelId=58877

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=31536000
age: 0
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: https://winnipegsun.com
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Fri, 10 Jan 2025 08:41:07 GMT
content-type: application/json
vary: Origin
server: ATS

GET envelope
lexicon.33across.com/v1/ 0
0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 195 B
664 B 2373ms
128ms Fetch
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

30d272b85536201e2048467cbae2d9b2deecc1cec8ebe1831dd217cb5801a03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://winnipegsun.com
p3p: CP="CAO PSA OUR"
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 id5PrebidModule.js Show response
cdn.id5-sync.com/api/1.0/ 88 KB
26 KB 426ms
182ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4401aae4b15569fbacfc877c1004bbd8ac7c168343e1a82c60b58af392d8b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-amz-id-2: NFNaN6NVSBuGI83R4btggLZDpXsWza3zRUw9j3uGs8Lbk4IIi5u/ow9qBMbz3TXuuqnvZlF0q4qbTAmECIy6xg==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"903277a5e756877c659058d6ce6ce5ab"
age: 1925
x-amz-request-id: NC7HQTKEFMZNN9FC
cf-ray: 8ffb5db8eb323662-FRA
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 04 Dec 2024 13:37:28 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET simple
api.sail-personalize.com/v1/personalize/ 0
0

OPTIONS simple
api.sail-personalize.com/v1/personalize/ Frame 0
0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 3496ms
185ms Script
application/javascript 23.215.23.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-23-172.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Fri, 10 Jan 2025 08:56:09 GMT
accept-ranges: bytes
content-length: 17407
date: Fri, 10 Jan 2025 08:41:09 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 382ms
137ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
age: 26928
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 0wCIruP9E-ghLRRcUk27x20D3w5AjzYg6tFViaYLlaq61XljQTJtsQ==
date: Fri, 10 Jan 2025 01:12:19 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/ 217 KB
46 KB 373ms
214ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/config.js
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b2725ed4dc7c34ea3a8b71a63dcbcba26896649970aa2646c2c5f9e0dbd9750

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "f132ad998f1afbde5515756806f4668a"
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/javascript
last-modified: Fri, 10 Jan 2025 08:23:04 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: efzHLm0oknb/cPOhjl6wNPOQD0btUgfn9s59YvO7bNXt1PxqMc32mKDWLBQSimwa0HQ7Egmf7eqUkeQ013AkEbWkIjqQJ17swvSI6MHFBOU=
cache-control: public, max-age=900, stale-while-revalidate=3600
x-amz-request-id: ECVNYNCKPDGPA9PD
cf-ray: 8ffb5db99a89c233-TLV
accept-ranges: bytes
content-length: 46512
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 100 KB
29 KB 136ms
122ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4d852428cba0ba1a5108520745060d6e"
age: 3
expires: Fri, 10 Jan 2025 09:41:06 GMT
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 04 Dec 2024 13:37:28 GMT
vary: Accept-Encoding
x-amz-id-2: qcl8qkMr2asDo+u2986p5XIzzxFMk9heSSn+iebFxNJt8iiHRycdo0shbxkz7/qnFwvCO5JGeMkKr5yV/ufLLw==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
x-amz-request-id: ZKBD3CPQ6P271SX3
cf-ray: 8ffb5db8eb343662-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 player-event
events.qortex.ai/api/v1/ 0
0 16134ms
282ms Fetch 172.67.73.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.qortex.ai/api/v1/player-event
Requested by: Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper&continuous-load=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbyLRaxmEp7PT9S%2FXzFZMM0%2F5GsEMqo%2FQ%2FQDOE9zj6i724WjxiV4S9qdIOf4%2BG07f7NY%2FHN1X2S5rJfasV%2BIdFPv1DMdG%2BarBaiVeyxiz0KNBFvvLqjq6%2B4D2%2F8T85lo4NE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ffb5e1caa7acd45-LHR
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=56524&min_rtt=56481&rtt_var=15957&sent=9&recv=10&lost=0&retrans=0&sent_bytes=4011&recv_bytes=3053&delivery_rate=68144&cwnd=253&unsent_bytes=0&cid=acdaac920b8f3a96&ts=304&x=0"
content-length: 0
date: Fri, 10 Jan 2025 08:41:22 GMT
server: cloudflare

GET
H2 200 cx-bootstrapper-init Show response
tags.qortex.ai/cxo/ 71 KB
13 KB 132ms
132ms Script
application/javascript 172.67.73.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.qortex.ai/cxo/cx-bootstrapper-init
Requested by: Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper&continuous-load=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ee7c52f0029a6dc2e912c877609e2cbd0b4412b900316c24b65fbc4a453e9bcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"145"
age: 118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7e5p93eqyevZ8ZjPYo5Bp9v8ZfagIQxJMf2T2pgJ5esO8PcxoNydjzk%2B9rfjyxB8kgtx0BQZHoLklSkyOKB9CqQ2vvKHke5vYuy7HGdEac%2FkHdqQ%2BnRBGT%2BF6y%2Bi%2FAwp"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=57889&min_rtt=57837&rtt_var=2918&sent=17&recv=17&lost=0&retrans=0&sent_bytes=10128&recv_bytes=2324&delivery_rate=177081&cwnd=251&unsent_bytes=0&cid=019a80d7caccb8fc&ts=473&x=0"
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 09 Dec 2024 15:25:15 GMT
vary: Accept-Encoding
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ffb5db93c656547-LHR
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

GET
H2 200 xd.html
fem.gprod.postmedia.digital/v117.1/ Frame 7791 0
0 516ms
68ms Document
text/html 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v117.1/xd.html
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31622400
content-length: 166
content-type: text/html
date: Fri, 10 Jan 2025 03:28:03 GMT
etag: "e671213be7f8f8669153e2ff6ff6ec29"
last-modified: Thu, 19 Dec 2024 18:20:20 GMT
server: UploadServer
x-cache-hit: hit
x-goog-generation: 1734632420403406
x-goog-hash: crc32c=Vv0REw== md5=5nEhO+f4+GaRU+L/b/bsKQ==
x-goog-meta-goog-reserved-file-mtime: 1734632400
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 166
x-guploader-uploadid: AFiumC5qDvEJSzH4SdMJ2-jljkMLKsp2qypDdFo1CDVw02LVsFkLpgdHLvje47GYm95j4VmOsA_orhQ

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 223 B
539 B 827ms
289ms XHR
text/javascript 108.138.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&pid=OkZo5rEUXx7UH&cb=0&ws=1600x1200&v=24.1212.711&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=ab2df085-61ab-45c0-926f-fb4023c56cc8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.11.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-11-78.fra56.r.cloudfront.net
Software: Server /
Resource Hash: fec8b010fe878920231fad6f2d6b728d273452c78261e5213ab8b4d94077e639

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
access-control-allow-origin: https://winnipegsun.com
x-cache: Miss from cloudfront
content-length: 206
x-amz-cf-id: 22CTkiouIwJ0ppxsArNIqMyt_l4xPVQkbohhiMwCxTQWtiehlkk-jA==
date: Fri, 10 Jan 2025 08:41:06 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P6
server: Server

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 3B7F 0
0 360ms
115ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29517
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 08:29:38 GMT
expires: Fri, 10 Jan 2025 09:19:38 GMT
last-modified: Mon, 06 Jan 2025 20:43:01 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 187ms
185ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 15766
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 3JIoaAqEkdJa0TN376kqfrzPZDt49Nwko8aG7SWVyrqNvZJL8pMncw==
date: Fri, 10 Jan 2025 04:18:21 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 208ms
71ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 153975
x-goog-stored-content-encoding: gzip
expires: Thu, 08 Jan 2026 13:54:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 08 Jan 2025 13:54:51 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC6zS5SrG8c9u7fAfDrlqHPBpi7_Zk11ANoEdjCX_r2gr-LTxJg5EhfQE91gXFBJvRl5
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET ob.js
cdn-ima.33across.com/ 0
0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
833 B 352ms
117ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age: 28387
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 10 Jan 2025 08:41:07 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230064-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 394
x-jsd-version: master

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 459ms
197ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Sat, 11 Jan 2025 08:41:07 GMT
access-control-allow-origin: *
date: Fri, 10 Jan 2025 08:41:07 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 1385ms
136ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

etag: e8fb4c5e5648d4012fd13b4c454df319
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 20:03:09 GMT
server: Google Frontend
x-cloud-trace-context: 0bee507f6d3611fd30e5158678a60d8d

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_fpcu=c0ac32b533d8413797863bf90da11e51&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736498466748&ns_c=UTF-8&cs_cfg=1111110&cs_ucfr=&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_fpcu=c0ac32b533d8413797863bf90da11e51&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736498466748&ns_c=UTF-8&cs_cfg=1111110&cs_ucfr=&c7=https%3A%2F%2...

0
226 B

126ms
126ms

Image
text/plain

18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_fpcu=c0ac32b533d8413797863bf90da11e51&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736498466748&ns_c=UTF-8&cs_cfg=1111110&cs_ucfr=&c7=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&c8=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&c9=
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H2
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: vdMPTpbyTsCAfRX_XJxswa8_IzNX1lpJ0p8ZuuPRZRO7jxb5vs5yhA==
date: Fri, 10 Jan 2025 08:41:06 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

Redirect headers

location: /b2?c1=2&c2=10276888&cs_fpcu=c0ac32b533d8413797863bf90da11e51&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736498466748&ns_c=UTF-8&cs_cfg=1111110&cs_ucfr=&c7=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&c8=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&c9=
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: u_pp2hx8BLYHhf1pngJsnTo5qBxJzAAM7ayQ2vYDCQ-Hlt4WXbjQQQ==
date: Fri, 10 Jan 2025 08:41:06 GMT
x-amz-cf-pop: FRA56-P11

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
586 B 1411ms
146ms XHR
application/json 34.248.19.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.19.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-19-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ec09cc63cdb57a4f9317f5a2671ba05626305b798395e9f9c8da1c65c08995e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://winnipegsun.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: application/json;charset=utf-8
x-server: 10.45.18.39

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
586 B 1381ms
173ms XHR
application/json 34.248.19.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.19.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-19-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5229e3299d3529956e8b2bf799ffe569b9b52b1d62fd1681ca4e9bebed4843cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://winnipegsun.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: application/json;charset=utf-8
x-server: 10.45.28.226

POST
H2 204 beacons
p.flipp.com/ 0
0 715ms
210ms Fetch 3.161.82.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201179443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-122.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
access-control-allow-origin: https://winnipegsun.com
x-cache: Miss from cloudfront
x-amz-cf-id: NvdhtUSX84jZXCfyGpG9Vuxy0EmS2me_rnNKTjpVCuRyCT4em8_KKw==
date: Fri, 10 Jan 2025 08:41:07 GMT
x-amz-cf-pop: FRA56-P10
vary: Origin
server: istio-envoy

GET 712559.gif
idsync.rlcdn.com/ 0
0

GET esp
oajs.openx.net/ 0
0

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202410301053/ 301 KB
108 KB 79ms
78ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202410301053/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "d0b0bc4f725f8e2c71589dc3208c484d"
age: 2438935
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 08:41:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 30 Oct 2024 14:54:35 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: ENQTZ5tbl78UXdPUXLO/3qs2F+xkbjLbcTlbP7VS4vk1b75pn3g7/g86SNvVAGOkV1nirJW7u3Q=
cache-control: public, max-age=31536000
x-amz-request-id: A0A2PVYE6TYWYYV3
cf-ray: 8ffb5dbbdd35c233-TLV
accept-ranges: bytes
content-length: 110098
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 syncframe
gum.criteo.com/ Frame 2728 0
0 378ms
129ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=winnipegsun.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 08:41:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 308198
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
453 B 1369ms
122ms Fetch
text/plain 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
p3p: CP="CAO PSA OUR"
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
287 B 606ms
114ms Fetch
application/json 162.19.138.83
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

44a38609df6a1771423fa8a15eb23ea4495a8e1ac3a6c59f336b1aa77b4355da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://winnipegsun.com
date: Fri, 10 Jan 2025 08:41:07 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 482ms
130ms Preflight 34.252.120.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.120.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-120-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Fri, 10 Jan 2025 08:41:07 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 482ms
130ms Preflight 34.252.120.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.120.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-120-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Fri, 10 Jan 2025 08:41:07 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 483ms
132ms Preflight 34.252.120.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.120.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-120-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Fri, 10 Jan 2025 08:41:07 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 482ms
131ms Preflight 34.252.120.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.120.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-120-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Fri, 10 Jan 2025 08:41:07 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
400 B 1411ms
140ms Fetch
application/json 34.252.120.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.120.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-120-72.eu-west-1.compute.amazonaws.com

Software

Resource Hash

35c8cd145c46547397db1922a731233a9b51a3aca25e71f53e7a70c78a6e9d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://winnipegsun.com
content-length: 66
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
399 B 1468ms
195ms Fetch
application/json 34.252.120.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.120.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-120-72.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a6d0482d4793f721012dca225f18553093f708f17b2da4b07ee689c0b149ff8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://winnipegsun.com
content-length: 66
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
399 B 1411ms
140ms Fetch
application/json 34.252.120.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.120.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-120-72.eu-west-1.compute.amazonaws.com

Software

Resource Hash

af3b8944e4967d6aa6e78185b3b530b536df9f4fd34dc025d3db545e5a0cfa7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://winnipegsun.com
content-length: 66
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
399 B 1469ms
197ms Fetch
application/json 34.252.120.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.120.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-120-72.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2633c756f7488f4543cf9b0a7a4b868677e65cb86e2c1feb4fbff7f7bcbdcb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://winnipegsun.com
content-length: 66
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
0

POST prebid
prebid.media.net/rtb/ 0
0

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 120 B
896 B 723ms
326ms Fetch
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 50ea5136d36ab29011709a8046d1c35b1243e24ee4130665b1707599f51b182d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://winnipegsun.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: application/json; charset=utf-8
vary: X-HTTP-Method-Override
server: openresty
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST pbjs
htlb.casalemedia.com/openrtb/ 0
0

POST prebidjs
rtb.openx.net/openrtbb/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST translator
hbopenbid.pubmatic.com/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 709 B
768 B 1477ms
189ms Fetch
application/json 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

dfae089e3d1a3f3ca5322123721f7e13f4c22633737091ffeb334063bb8b2409

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://winnipegsun.com
content-encoding: gzip
content-length: 406
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 677 B
732 B 1481ms
193ms Fetch
application/json 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0486126a3b39556c7923f21e2808e8a95666727f384453480745662da942e916

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://winnipegsun.com
content-encoding: gzip
content-length: 371
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 536 B
656 B 1478ms
191ms Fetch
application/json 3.72.78.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-78-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c563d1fd09b2252e88f76e781a24dde6b659532755c2d730b9ec96c20f1a2386

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://winnipegsun.com
content-encoding: gzip
content-length: 295
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 1F0B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-minuteMedia_pm-db5_n-Ogury_rbd_n-MediaNet_ox-db5_an-db5
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-minuteMedia_pm-db5_n-Ogury_rbd_n-MediaNet_ox-db5_an-db5&dcc=t

0
0

285ms
285ms

Document
text/html

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-minuteMedia_pm-db5_n-Ogury_rbd_n-MediaNet_ox-db5_an-db5&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 352
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 10 Jan 2025 08:41:08 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: B7DX42DEX7SHGD3R8M9N

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 10 Jan 2025 08:41:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-minuteMedia_pm-db5_n-Ogury_rbd_n-MediaNet_ox-db5_an-db5&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: H9BNGW37YM7S78NGEC7S

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 369 B
634 B 315ms
139ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 3a86807c90f50f9766b250597adf9c71b79f387c1c4cbb8481ecb96fd71a0c3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://winnipegsun.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 369
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: application/json
x-cloud-trace-context: ba539da46d62747d4fb18086000692b6
server: Google Frontend
access-control-allow-headers: X-Requested-With

POST
H2 200 v3 Show response
id5-sync.com/gm/ 921 B
1 KB 125ms
122ms XHR
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

6c59b4ca69ef7f50e0c2b5ef0a78f992ca2083ed5f05c260e5e6f1d6e31c1b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
p3p: CP="CAO PSA OUR"
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: application/json
vary: Origin

GET
H/1.1

204
No Content

token
token.rubiconproject.com/
Redirect Chain

https://id5-sync.com/i/1674/8.gif?o=api&id5id=ID5*6UOJ5N5yu-p-BVEqtNcOjNlQqRau2YfgW-9xixg5Vi7sQnM9gysgeBwn371OAprG&gdpr_consent=undefined&gdpr=false
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=12af3aa3-717f-48f7-b1f7-161f7b77d083&ttl=%%TTL%%
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-59b7AghQOaJ_uvloreVfBSpCxXKjbDOHlZpYxEO9_Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26...
https://id5-sync.com/c/1674/3/6/3.gif?puid=4f6c6780-dd26-4500-ae36-bd834ede992d&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F10%2F5%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F10%2F5%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/1674/10/5/4.gif?puid=8847348161013697134&gdpr=0&gdpr_consent=
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=

0
1 KB

770ms
130ms

Image
text/plain

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Pragma: no-cache

Redirect headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
location: https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
p3p: CP="CAO PSA OUR"
date: Fri, 10 Jan 2025 08:41:10 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 bounce Show response
id5-sync.com/ 30 B
233 B 122ms
121ms Fetch
text/plain 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://winnipegsun.com
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: text/plain;charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
286 B 115ms
114ms Fetch
application/json 162.19.138.83
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a9571055c3c6075298ed2e6bc57972dc56e602a229ac0f4507588199bfc919d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://winnipegsun.com
date: Fri, 10 Jan 2025 08:41:08 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 v3 Show response
id5-sync.com/gm/ 2 KB
2 KB 124ms
122ms XHR
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e0d3622e8446373caf7e39d6aa894fe3144af9dbffe3438e46f65e6a0235b29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
p3p: CP="CAO PSA OUR"
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: application/json
vary: Origin

GET
H2

404

264.gif
id5-sync.com/k/
Redirect Chain

https://id5-sync.com/i/1674/8.gif?o=api&id5id=ID5*NutbNgHaaTihrYP4a3_cXgb4e8RxcVUyhEejWceRhPzsQva699LK7hqdQWq5ACka&gdpr_consent=undefined&gdpr=false
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=ebf82fa4-5fb4-4115-b310-9e0c44c4ad6f&ttl=%%TTL%%

43 B
43 B

122ms
122ms

Image
text/html

162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/k/264.gif?puid=ebf82fa4-5fb4-4115-b310-9e0c44c4ad6f&ttl=%%TTL%%

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: text/html;charset=utf-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

location: https://id5-sync.com/k/264.gif?puid=ebf82fa4-5fb4-4115-b310-9e0c44c4ad6f&ttl=%%TTL%%
content-length: 199
date: Fri, 10 Jan 2025 08:41:09 GMT
server: Kestrel

OPTIONS
H2 204 appInfo
config.lrcontent.com/ciam/ Frame 0
0 1651ms
157ms Preflight 104.18.5.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://winnipegsun.com
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8ffb5dd3af251294-MRS
date: Fri, 10 Jan 2025 08:41:11 GMT
server: cloudflare
vary: Origin

GET
H2 200 / Show response
floor.pbxai.com/ 121 B
254 B 22775ms
187ms Fetch
application/json 3.123.90.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://floor.pbxai.com/?pubxId=6805e7de-4f8f-46af-a2fc-5299f6b25680&page=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Requested by: Host: cdn.pbxai.com
URL: https://cdn.pbxai.com/6805e7de-4f8f-46af-a2fc-5299f6b25680.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.90.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-90-23.eu-central-1.compute.amazonaws.com
Software: uvicorn /
Resource Hash: cb0800306143344cad5233fab2e86bb4637053cf58bc89a8dbc46ce76a4848fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: public, max-age=60
access-control-allow-origin: *
content-length: 121
date: Fri, 10 Jan 2025 08:41:32 GMT
content-type: application/json
server: uvicorn

POST
H2 200 log Show response
navvy.media.net/ 35 B
113 B 717ms
318ms Fetch
image/gif 34.160.55.127
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://navvy.media.net/log

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

127.55.160.34.bc.googleusercontent.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=0, no-cache, no-store
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma: no-cache
via: 1.1 google
expires: Sun, 05 Jan 2025 05:56:43 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: image/gif

GET
H2 200 appInfo Show response
config.lrcontent.com/ciam/ 5 KB
2 KB 148ms
147ms XHR
application/json 104.18.5.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by: Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e70c4ca9d435e42a0401220dffc2ee0ab7f0ae5a4a019e83ec0b394445c9101

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/
X-Requested-With: XMLHttpRequest

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cf-ray: 8ffb5dd4989f1294-MRS
access-control-allow-origin: https://winnipegsun.com
date: Fri, 10 Jan 2025 08:41:11 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H3 200 c3ab324c1607ea2900c3.js Show response
fem.gprod.postmedia.digital/v117.1/chunks/ 3 KB
1 KB 68ms
68ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v117.1/chunks/c3ab324c1607ea2900c3.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 51e1536475859c28a616c56f420bdd7ed68f10c5903c26136e1734d5aca9c7fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734632400
x-goog-hash: crc32c=G+v9Ew==, md5=rJ101PKJDdQdFxRXnVgB3Q==
content-encoding: br
etag: W/"ac9d74d4f2890dd41d1714579d5801dd"
age: 33594
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3187
date: Thu, 09 Jan 2025 23:21:15 GMT
last-modified: Thu, 19 Dec 2024 18:20:19 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFIdbgQ7sStE_LkFVka5FBEy9g6c77i9QkgnWgxNbsZGJ3VPrLqR_eNOLudR-IkXpGQdctzYZe4pL5s
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1734632419259629
content-length: 1102
server: UploadServer

POST
H2 200 log Show response
navvy.media.net/ 35 B
295 B 692ms
315ms Fetch
image/gif 34.160.55.127
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://navvy.media.net/log

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

127.55.160.34.bc.googleusercontent.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=0, no-cache, no-store
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma: no-cache
via: 1.1 google
expires: Sun, 05 Jan 2025 05:55:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: image/gif

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
584 B 405ms
405ms Fetch
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2329155634510011&correlator=1760809443968798&eid=31089452%2C31084129%2C31089253&output=ldjh&gdfp_req=1&vrg=202501030202&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENUR_WSUN_EN_WEB%2Cpmn%2Cstory&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&lrm=25&cookie_enabled=1&abxe=1&dt=1736498469456&lmt=1736498321&adxs=200%2C797%2C797%2C200&adys=154%2C1548%2C3096%2C3916&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&vis=1&psz=1600x90%7C1600x250%7C1600x250%7C1600x250&msz=1600x-1%7C1600x-1%7C1600x-1%7C1600x-1&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&topics=3&tps=3&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KmNWckU5RVpyOXZybUhCdzZMTTVEbkVGSjVBWTJ3TXJ3d19ZOG00QWdHejdzUWg1aHBaa1MyenVBd2VpLU1Ob0tYARI7CgpwdWJjaWQub3JnEiQ5ZTQ2NTVlMS03NTFiLTRlNWMtOTg5ZS1jMzI3MGYwOTYxNmEYmKP_-sQySAASWgoNY3J3ZGNudHJsLm5ldBJAZDZjYTc1N2VmODhiY2E3YzJhOWU4MGY5OTBiNDE4NWNhMDJjMzRiNjJjMTZjMGIwZmNhZjY5YTU0ZGQ2N2Y2Yxjjq__6xDJIABIdCg5lc3AuY3JpdGVvLmNvbRi4n__6xDJIAFICCGQSFAoFb3BlbngYuJ__-sQySABSAghkEhsKDDMzYWNyb3NzLmNvbRi4n__6xDJIAFICCGQS1gIKCHJ0YmhvdXNlEsACclpZYWtncGE5VnRxaVVIVXFXdktNU1ZneFhDaUVWeGRNSHZSMGRwOFNpL2xJRTJsSWljSTNuYlZiUXBWUitPN1pBbUl4OVB5empPMFI5Y1BTN0dESTYvV01KTzdBdW8vUkpMYitTNmVVbFNVR0ZHZEU0b0xIc2NkUFp3clJsMVJmVS9zdDRhYzExd3BZOFJwNVoxWEV4dlZFYTBQM1pZbkJZR1hUaGtqRzBLSk9DRFE4MWVHUDRldFQ3MnRpVnRzNk9mbWVicXR4Nk5yRU9pYlNtOGZ3MWdRcnVCbUl5MFMxTkhLS1d3Slh6bW1rY3ZNWVVLeTZTenRvMnF3T2xsN29JVjRTMTk3a3A5WmxhYksrQ1BCUDIrK1pEU0JwcVpvckZ6a1ZBZmlmNEJ1S3p2Yjd4L0ZvOHBDd3p5Z1dpVzcY8K3_-sQySAA.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1736498465676&idt=943&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26pubx-a%3Don%26pubx-floor%3Dpbx_a0d_n%26pubx-m_v%3Dz%26pubx-floor-mv%3Dpbx_a0d_n-z%7Cloc%3D2%252Cinterscroller%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26pubx-a%3Don%26pubx-floor%3Dpbx_a0d_n%26pubx-m_v%3Dz%26pubx-floor-mv%3Dpbx_a0d_n-z%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26pubx-a%3Don%26pubx-floor%3Dpbx_a0d_n%26pubx-m_v%3Dz%26pubx-floor-mv%3Dpbx_a0d_n-z%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26pubx-a%3Don%26pubx-floor%3Dpbx_a0d_n%26pubx-m_v%3Dz%26pubx-floor-mv%3Dpbx_a0d_n-z&cust_params=permutive%3D%26prmtvvid%3Ddb49c710-e732-4917-bc1d-3191da02161c%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26aid%3D5d02763c-de84-431d-8b2b-66ff429b0ecf%252C831658%26author%3DAssociated%2520Press%26no_pol%3Dtrue%26page%3Dstory%26pr%3Dwsun%26sensitive%3Dy%26sct%3Dprovoking_murder_injury%252Cpolitics_global%26topics%3Dpmn%26negative%3Dy%26nkb%3DGM%252COntarioSecuritiesCommission%252CLandRover%252CCIBC%252CBRP%252CCartier%252CJPMORGAN%252CQuestTradePositive%252CQuestTradeNegative%252CHyundaiNegative%252CSamsung%252CBLM%252CJLR%252CStarbucks%26asrc%3Dwsun%26et%3Dsm%26ck%3Dpmn&adks=2189315267%2C2018098756%2C2951124467%2C8629029&frm=20&eoidce=1&td=1&egid=43724&tan=66972242-21dc-4828-9cf4-8db72da4adb2%2C66972242-21dc-4828-9cf4-8db72da4adb3%2C66972242-21dc-4828-9cf4-8db72da4adb4%2C66972242-21dc-4828-9cf4-8db72da4adb5&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

df48e5260043acee1c670ae20c6d1063720278ddcd4c2e9fbb920028ee6c7117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: dcb
google-lineitem-id: -2,-2,-2,-2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 10 Jan 2025 08:41:09 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2,-2,-2,-2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://winnipegsun.com
content-length: 553
x-xss-protection: 0
server: cafe

GET container.html
c247440e8a4afbe1294a171ebfbf9473.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D58D 0
0

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 3467ms
153ms Preflight 54.246.81.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://winnipegsun.com
Cache-Control: no-cache
Connection: keep-alive
Date: Fri, 10 Jan 2025 08:41:12 GMT
Expires: -1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Requestid: 1f244abd-8d3c-4a07-a71f-8272b4a0ce23
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: EU-West Primary - IDX - AWS
X-Server: ms_idx_primary

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
738 B 669ms
158ms Fetch
application/json 54.246.81.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://winnipegsun.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache
X-LoginRadius-Server: EU-West, Primary - IDX - AWS
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Expires: -1
Access-Control-Allow-Origin: https://winnipegsun.com
Requestid: 54539c45-5fdb-4775-a6b1-c93226715f3c
Content-Length: 38
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Fri, 10 Jan 2025 08:41:13 GMT
Content-Type: application/json
Server: nginx
X-Server: ms_idx_primary

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 378ms
121ms Preflight 3.67.242.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.242.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-242-141.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 10 Jan 2025 08:41:10 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 189ms
185ms Fetch 3.67.242.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.242.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-242-141.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://winnipegsun.com/

Response headers

date: Fri, 10 Jan 2025 08:41:10 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *

GET
H2 200 14359 Show response
check.analytics.rlcdn.com/check/ 25 B
386 B 371ms
139ms Fetch
application/json 18.173.205.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/14359
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-8.fra56.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://winnipegsun.com/

Response headers

x-amz-apigw-id: EKd-SGETjoEENow=
x-amzn-trace-id: Root=1-6780dd27-7c2768bc005eead67c931053
x-amzn-requestid: 0acaa817-479b-4c96-94ae-69ebeb5438d8
via: 1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 25
x-amz-cf-id: TCIVjVhy--1JUeCzFFhl7_T2epxmkROmplMIqXDDgwANxlYQuOU6Dg==
date: Fri, 10 Jan 2025 08:41:11 GMT
content-type: application/json
x-amz-cf-pop: FRA56-P12

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame 1686 0
0 118ms
117ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.4.62 (Debian) /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Fri, 10 Jan 2025 08:41:12 GMT
etag: "10d-629840acea280-gzip"
last-modified: Wed, 18 Dec 2024 04:42:34 GMT
server: Apache/2.4.62 (Debian)
vary: Accept-Encoding

GET
H3

200

pd
u.openx.net/w/1.0/ Frame AF9E
Redirect Chain

https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba

0
0

122ms
122ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 784
content-type: text/html
date: Fri, 10 Jan 2025 08:41:12 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 31.187.78.206

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 10 Jan 2025 08:41:12 GMT
location: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 31.187.78.206

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 437D 0
0 15847ms
118ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 73350
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 10 Jan 2025 08:41:28 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 01 Jan 2025 12:18:41 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1065070, 283654
X-Served-By: cache-lga21982-LGA, cache-fra-eddf8230034-FRA
X-Timer: S1736498488.222701,VS0,VE0

GET
H2 200 syncframe
gum.criteo.com/ Frame 8048 0
0 132ms
131ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=winnipegsun.com&gpp=

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 08:41:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 785737
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 cs.html
cs.seedtag.com/ Frame 6771 0
0 167ms
81ms Document
text/html 104.16.185.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.seedtag.com/cs.html?pt=5169-5177-01&pc=CA&uid=1fce2cfd-0a6a-4fdb-8cd8-4268aab1cfe4
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.185.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 77
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 8ffb5ddd8e637da0-TLV
content-encoding: gzip
content-length: 15865
content-type: text/html
date: Fri, 10 Jan 2025 08:41:12 GMT
etag: "2d9085044785f61bf209aa4bd640ae66"
expires: Sat, 11 Jan 2025 08:41:12 GMT
last-modified: Thu, 09 Jan 2025 08:03:27 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding
x-goog-generation: 1736409807754944
x-goog-hash: crc32c=3WDR3Q== md5=LZCFBEeF9hvyCapL1kCuZg==
x-goog-metageneration: 1
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15865
x-guploader-uploadid: AFiumC6EBkEGrnwrLxUyLIKJgpyxityvcqNmn7Nak8AGDNN-mg0JDK8R-5d6f2DMDP9bQHw

GET
H2 200 ixmatch.html
js-sec.indexww.com/um/ Frame 46A0 0
0 15805ms
136ms Document
text/html 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 275
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8ffb5e3f5b24c231-TLV
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 10 Jan 2025 08:41:28 GMT
expires: Fri, 10 Jan 2025 12:41:28 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7B42 0
0 128ms
126ms Document
text/html 184.28.88.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-88-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=141382
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Fri, 10 Jan 2025 08:41:12 GMT
expires: Sat, 11 Jan 2025 23:57:34 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET sync
ssbsync.smartadserver.com/api/ 0
0

GET
H2

204

v1
match.sharethrough.com/sync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=12af3aa3-717f-48f7-b1f7-161f7b77d083&gdpr=0&gdpr_consent=

0
58 B

2449ms
121ms

Image
text/plain

18.184.206.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=12af3aa3-717f-48f7-b1f7-161f7b77d083&gdpr=0&gdpr_consent=

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Server

18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=12af3aa3-717f-48f7-b1f7-161f7b77d083&gdpr=0&gdpr_consent=
content-length: 323
date: Fri, 10 Jan 2025 08:41:12 GMT
server: Kestrel

GET
H2

204

v1
match.sharethrough.com/sync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1294&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=8847348161013697134&gdpr=0&gdpr_consent=

0
57 B

2446ms
121ms

Image
text/plain

18.184.206.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=8847348161013697134&gdpr=0&gdpr_consent=

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Server

18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=8847348161013697134&gdpr=0&gdpr_consent=
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Jan 2025 08:41:12 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET sync
x.bidswitch.net/ 0
0

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d3CnDml9Id2h6ampDTDJwSSUyRjlJUHlYVlFtYWslMkJuOElEaHJsanlYeGI3bm5yMExLTSUzRA%26u%3d%24UID&gdpr=0&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fssp-sync.criteo.com%252fuser-sync%252fmatch%253fp%253d3CnDml9Id2h6ampDTDJwSSUyRjlJUHlYVlFtYWslMkJuOElEaHJsanlYeGI3bm5yMExLTSUzRA%2526...
https://ssp-sync.criteo.com/user-sync/match?p=3CnDml9Id2h6ampDTDJwSSUyRjlJUHlYVlFtYWslMkJuOElEaHJsanlYeGI3bm5yMExLTSUzRA&u=5678308702972638026&gdpr=0&gdpr_consent=

0
142 B

1444ms
133ms

Image
text/plain

178.250.1.57
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=3CnDml9Id2h6ampDTDJwSSUyRjlJUHlYVlFtYWslMkJuOElEaHJsanlYeGI3bm5yMExLTSUzRA&u=5678308702972638026&gdpr=0&gdpr_consent=

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Server

178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Fri, 10 Jan 2025 08:41:14 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://ssp-sync.criteo.com/user-sync/match?p=3CnDml9Id2h6ampDTDJwSSUyRjlJUHlYVlFtYWslMkJuOElEaHJsanlYeGI3bm5yMExLTSUzRA&u=5678308702972638026&gdpr=0&gdpr_consent=
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 31.187.78.206; 31.187.78.206; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 142905f6-38f4-423f-8a25-d2dacc43745e
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 10 Jan 2025 08:41:13 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k--IRJ_dIr8sSkYfh2yeQMgIuMwEoXlxZR7hSwXQ&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3...
https://ssp-sync.criteo.com/user-sync/match?p=crB1f19BJTJCYXdUUWppZ1l5U0IxMUlHRGdaMFRkQmtiQ1oyanZ0Wm52VVMlMkZkRjlTYyUzRA&u=CAESEIp5WKu6_mR55fS9uHjRu4k&gdpr=0&gdpr_consent=&google_cver=1

0
141 B

550ms
134ms

Image
text/plain

178.250.1.57
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=crB1f19BJTJCYXdUUWppZ1l5U0IxMUlHRGdaMFRkQmtiQ1oyanZ0Wm52VVMlMkZkRjlTYyUzRA&u=CAESEIp5WKu6_mR55fS9uHjRu4k&gdpr=0&gdpr_consent=&google_cver=1

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Server

178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Fri, 10 Jan 2025 08:41:14 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

cache-control: no-cache, must-revalidate
location: https://ssp-sync.criteo.com/user-sync/match?p=crB1f19BJTJCYXdUUWppZ1l5U0IxMUlHRGdaMFRkQmtiQ1oyanZ0Wm52VVMlMkZkRjlTYyUzRA&u=CAESEIp5WKu6_mR55fS9uHjRu4k&gdpr=0&gdpr_consent=&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 398
date: Fri, 10 Jan 2025 08:41:14 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 signinprompt
edge-auth.microsoft.com/v0.5/ Frame E436 0
0 1553ms
161ms Document
text/html 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=18b2726d-5015-44a6-8ed5-601ed07f754a&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin

Requested by

Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-OBEWOY2luV47PnT5i2S1kUXWe7aq/gghfG2DZqLWRzOtKj6h/Jk6mAtfyc8sVKKAiUeM4A8HK7159LsnTMP+jY4cA5MLx+/vWiDufHeFW2nKP6V0/1CXSb78NAbCwCC0k6dWkxoU9J2MyjwCvcB6kxVL2L6VouqsVsiUESz2q6I=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: script-src 'strict-dynamic' 'nonce-OBEWOY2luV47PnT5i2S1kUXWe7aq/gghfG2DZqLWRzOtKj6h/Jk6mAtfyc8sVKKAiUeM4A8HK7159LsnTMP+jY4cA5MLx+/vWiDufHeFW2nKP6V0/1CXSb78NAbCwCC0k6dWkxoU9J2MyjwCvcB6kxVL2L6VouqsVsiUESz2q6I=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type: text/html; charset=utf-8
date: Fri, 10 Jan 2025 08:41:15 GMT
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 77D6865CBFB04D66BB6E129B495C22FA Ref B: VIEEDGE2815 Ref C: 2025-01-10T08:41:15Z

GET
H3 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 606ms
524ms Script
application/javascript 104.18.223.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=RpxZ9l1H1l

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53074eb539662d6dd23262b633cb65fbaaacfe73306052110039e1ff3f6b5b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-request-id: 539s2zijm1
content-encoding: gzip
cf-cache-status: EXPIRED
expires: Fri, 10 Jan 2025 09:11:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 08:41:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Fri, 10 Jan 2025 08:41:14 GMT
priority: u=3,i=?0
strict-transport-security: max-age=86400; includeSubDomains
cache-control: public, max-age=1800, s-maxage=1800
pragma
cf-ray: 8ffb5de51e6bc222-TLV
server: cloudflare

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 623 KB
163 KB 1651ms
146ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18ac553998984630151a214773542a4f5e68c54050e458d941e42207997b09bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: L2FRhnBM9LAmjg1F_D45wQnw8AnlFcu_
etag: W/"1a83309b04bed5af6256b723a4035921"
age: 169
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: RKpQSKp_VyjKJF6XkOZ8ntMJ-ronK5T9dEZdYjQBzWQMpBxzc-AX0g==
date: Fri, 10 Jan 2025 08:38:26 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:54 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 6bd63a8d665922db35b3.js Show response
fem.gprod.postmedia.digital/v117.1/chunks/ 1 KB
547 B 68ms
68ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v117.1/chunks/6bd63a8d665922db35b3.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2614f69f1941ba6c764aa1ef37758143d584c6d999627588671be7fb86b2c6ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734632400
x-goog-hash: crc32c=VoEMWQ==, md5=KNnC4wa6Oqb4fHAoyT3fSw==
content-encoding: br
etag: W/"28d9c2e306ba3aa6f87c7028c93ddf4b"
age: 224401
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1212
date: Tue, 07 Jan 2025 18:21:12 GMT
last-modified: Thu, 19 Dec 2024 18:20:19 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5gtG_hVphwIUYmvUROdTNm4-Ic57Fiv7f4j5CIf0_9M2Hc2M30dAzGM4LJ1uN2ETN3_nbFHcE
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1734632419082141
content-length: 506
server: UploadServer

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 528 KB
152 KB 1329ms
330ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1ed92e25c87f0892c9632c92c61448cd57fc502b77109bf83166cdb266a78dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 10 Jan 2025 08:41:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 155768
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 16 KB
6 KB 133ms
132ms Script
text/javascript 18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"c22322b3d030360971584a98c60b6e0b"
age: 17403
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: zAptTdCQldcnoTet3xjmB6cPMEL5IfOhNI_XuOUhbxepvOfd1FCfUw==
date: Fri, 10 Jan 2025 03:51:11 GMT
content-type: text/javascript
last-modified: Mon, 16 Dec 2024 11:22:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK fullcontact.js Show response
tags.fullcontact.com/anon/ 140 KB
49 KB 1405ms
136ms Script
application/javascript 13.35.58.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fullcontact.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-87.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04c0e3e88947ddf1538e3315df91b065380ea97a9a5cb40c2f89574e5fb3067

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"589a3abd624b7629bac443359ab32e9e"
Age: 21552
Connection: keep-alive
Via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 3cDWM6gmTzZYu3ZiLALQfTteJhLrmu5m846XglefBs9L8QQxjZWguA==
Date: Fri, 10 Jan 2025 02:42:21 GMT
Content-Type: application/javascript
Last-Modified: Tue, 05 Nov 2024 23:51:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 359 KB
127 KB 374ms
119ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 5d453e516e29b01c713046d1f0cf716ef46bee2a97e6f560af7093b9b8e779f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: public, max-age=3600
content-encoding: gzip
x-timer: S1736498474.179381,VS0,VE1
age: 24
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-origin-name: fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache: HIT, HIT
content-length: 129745
date: Fri, 10 Jan 2025 08:41:14 GMT
content-type: application/javascript
x-served-by: cache-iad-kcgs7200117-IAD, cache-lon420111-LON
server: Kestrel
x-cache-hits: 8, 1
vary: Accept, Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
77 KB 612ms
136ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v117.1/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5bd5748413e88c4373355a2ad4374b50109a8ecfecb5c61300d44792b855ab8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 10 Jan 2025 08:41:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77648
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 415 KB
122 KB 100ms
92ms Script
application/javascript 104.18.223.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js?version=2

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=RpxZ9l1H1l

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

041cc6d14059807e52f1e55c338730e1cb7549d3d085e788237c876bc1737cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"68b547660a53c91c1ef66463bb0190c2"
x-amz-version-id: 2CziI1GViUGEJAT6hAZ.SNRwf5XCfYsi
age: 2163
expires: Fri, 10 Jan 2025 12:41:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 08:41:14 GMT
content-type: application/javascript
last-modified: Thu, 09 Jan 2025 11:35:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: FPsvxasOBTpU22KYJRW9vrLyD54Y0WllqMr+xU5IasDWjGY0eDr+YebWSGm5CdIg0zZERE4Kw93ALjnMNSCyH7f6QM2p1o7ITZVylzk1Boc=
strict-transport-security: max-age=86400; includeSubDomains
x-amz-replication-status: REPLICA
cache-control: public, max-age=14400
x-amz-request-id: QJ9JWYNBJGHFKN6F
cf-ray: 8ffb5de96beac222-TLV
server: cloudflare
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 369ms
116ms Preflight 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 985
date: Fri, 10 Jan 2025 08:41:14 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 237
x-fastly-trace-id: 2469038851
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra-eddf8230041-FRA
x-timer: S1736498475.747188,VS0,VE0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
82 KB 253ms
237ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c97f94ea2247637361fb5e03faff175145d25fc8b64c7f8df4c753fc09dff5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 10 Jan 2025 08:41:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83982
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
333 B 223ms
222ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

de097098eff0abc6816e83a9bcf41304a92229e938273c168af51d4206c2b868

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/plain;charset=UTF-8
Content-Type: application/json

Response headers

access-control-expose-headers: X-MP-Max-Age
content-encoding: gzip
x-fastly-trace-id: 2469040117
x-cache: MISS
date: Fri, 10 Jan 2025 08:41:14 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230041-FRA
x-cache-hits: 0
vary: Accept-Encoding
x-mp-max-age: 86400
strict-transport-security: max-age=900
x-timer: S1736498475.865683,VS0,VE105
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
server: Kestrel

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 25 KB
7 KB 385ms
132ms Script
application/x-javascript 104.102.38.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-221.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

Cache-Control: max-age=3600
Content-Encoding: gzip
Connection: keep-alive
Expires: Fri, 10 Jan 2025 09:41:15 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 6352
Date: Fri, 10 Jan 2025 08:41:15 GMT
Last-Modified: Mon, 08 Apr 2024 13:13:58 GMT
Content-Type: application/x-javascript
Server: AkamaiNetStorage
Vary: Accept-Encoding

POST
H3 200 execute Show response
c2.piano.io/xbuilder/experience/ 9 KB
3 KB 291ms
211ms XHR
application/json 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=RpxZ9l1H1l

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7ee40ad883813f90fdff413134733484e1c41db6615f307890268056557a529

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-request-id: 2vv6tnj50r
access-control-expose-headers: Composer-Request-Control-Policy
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/json
vary: Accept-Encoding, Origin
priority: u=1,i
strict-transport-security: max-age=86400; includeSubDomains
cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8ffb5dec0df8c21f-TLV
access-control-allow-origin: https://winnipegsun.com
server: cloudflare

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
265 B 231ms
229ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

de097098eff0abc6816e83a9bcf41304a92229e938273c168af51d4206c2b868

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/plain;charset=UTF-8
Content-Type: application/json

Response headers

access-control-expose-headers: X-MP-Max-Age
content-encoding: gzip
x-fastly-trace-id: 2469042731
x-cache: MISS
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230041-FRA
x-cache-hits: 0
vary: Accept-Encoding
x-mp-max-age: 86400
strict-transport-security: max-age=900
x-timer: S1736498475.101356,VS0,VE112
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
server: Kestrel

POST
H2 202 Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 0
0 392ms
117ms Fetch 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/plain;charset=UTF-8
Content-Type: text/plain;charset=UTF-8

Response headers

x-timer: S1736498475.380719,VS0,VE2
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
content-length: 0
date: Fri, 10 Jan 2025 08:41:15 GMT
x-served-by: cache-fra-eddf8230158-FRA
server: Kestrel
x-cache-hits: 0

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 671 B
674 B 312ms
230ms XHR
application/json 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=RpxZ9l1H1l

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dff47c365f6de8b8b152d41c46651008bf01ef8720de8721d14c1e76aa66298

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-request-id: Mrs6vpsypjt
content-encoding: gzip
cf-cache-status: DYNAMIC
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=86400; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cf-ray: 8ffb5dedfbc7c227-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 cacheableShow
buy.tinypass.com/checkout/template/ Frame 4238 0
0 327ms
256ms Document
text/html 104.18.239.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=RpxZ9l1H1l&templateId=OTEHRB8JJDBG&offerId=fakeOfferId&experienceId=EXZS44KN41XP&iframeId=offer_23447bbcdaa3f7fe692c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwinnipegsun.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.239.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 8ffb5dedfdb5c224-TLV
content-encoding: gzip
content-length: 2856
content-type: text/html;charset=UTF-8
date: Fri, 10 Jan 2025 08:41:15 GMT
expires: Fri, 10 Jan 2025 08:56:15 GMT
last-modified: Fri, 10 Jan 2025 08:41:15 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
priority: u=0,i
server: cloudflare
server-time: 0.019
server-timing: cfExtPri
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-123-206
x-forwarded-https: on
x-request-id: Mrs6vps4zWp
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 278 KB
99 KB 137ms
136ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDBQXCK&l=gtm_data_layer&gtm=45He5190v854392465za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c296f9ff16fea84f6ad669e74f3b29a34a811c9e95be932150cbda02acbf6e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 10 Jan 2025 08:41:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101421
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
98 KB 145ms
145ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer&gtm=45He5190v854392465za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0164452ed5f5b6cae0db3c73850a63be312d921cc198dc64e5fab89c0a8db423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 10 Jan 2025 08:41:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99949
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 420 KB
136 KB 139ms
138ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RT9GKF97XT&l=dl_mparticle&cx=c&gtm=45He5190v9134303430za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f951044a5f99078227d54f68134aa087ef7a2a6df142bb967595b197116834f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 10 Jan 2025 08:41:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 138526
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
107 KB 142ms
142ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c&gtm=45He5190v79194588za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5ab3eb07a735e54a328b84a998c4f75556dc17b3602027c6af03b2cb3a8a27d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 10 Jan 2025 08:41:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109719
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.5.2/dist/
Redirect Chain

https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js

10 KB
5 KB

79ms
78ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

834855b0c8387a3ba457811b0e664777e79fa712722c962f12efb129b60c47b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "28bb-wwZ82D9Sng4EXAJwcNpWRMvXVbg"
age: 2361301
x-content-type-options: nosniff
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JF1A2P7RPWEDFTJBB2CVZD9S-cdg
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ffb5defcab77da4-TLV
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@3.5.2/dist/web-vitals.attribution.iife.js
content-encoding: br
cf-cache-status: HIT
age: 148
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ffb5def09f17da4-TLV
access-control-allow-origin: *
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JH7NVBQ916MGH09P1X7N4YH4-fra
server: cloudflare

GET
H2 200 did-004q.min.js Show response
d-code.liadm.com/ 136 KB
46 KB 1502ms
171ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d-code.liadm.com/did-004q.min.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: /
Resource Hash: c4f082a77de46468897b02a19fe987868ea4e09205a3526dd8b0ed810ed898ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 30012
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: xtiRLR-mbTn6ZJkr742d6LonKXLjd5N0pmiSJnjlxR3e-CsW3m5Mrw==
date: Fri, 10 Jan 2025 00:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: FRA50-C1

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 41 B
148 B 136ms
120ms Fetch
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 29ec0c2f1e42c4c34f66358c811719e6d7b7471d4b3c1d6dfeb6818430f82712

Request headers

Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/plain;charset=UTF-8
Content-Type: text/plain;charset=UTF-8

Response headers

content-encoding: gzip
x-timer: S1736498475.382707,VS0,VE4
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/json
x-served-by: cache-fra-eddf8230158-FRA
server: Kestrel
x-cache-hits: 0
vary: Accept-Encoding

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
107 KB 138ms
138ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c&gtm=45He5190v854753396za200zb854392465

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer&gtm=45He5190v854392465za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8fe3ceb76dc9c415d416f510a6283d46f9dfbf09a4387e3968ae2c91af5ffe3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 10 Jan 2025 08:41:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109262
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 171 KB
46 KB 341ms
243ms Script
application/javascript 104.21.50.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.50.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95865777854f7bf31ec37194acbe1d4fc310ac5ee6954b61f310afc60d36d6bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://winnipegsun.com
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
x-response-time: 1ms
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 10 Jan 2025 08:41:15 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=1800
x-envoy-upstream-service-time: 7
cf-ray: 8ffb5defdb667d9b-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47175
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 259ms
129ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

5332fd32d8be28eb2531721220e8c3c561000378988be4b4d7f97568f0b3f224

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-QfdqwyR7' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-QfdqwyR7' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=125, rtx=0, c=24, mss=1232, tbw=8244, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: c0YOOR1iNJ4fU09Tlk25bfqOHDJR5Pm+eZNJAOBAyUOpjn2x6Iuz/+5G7+9Awi76e2ei1HTG/x1l0qmIwmQrHg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62279
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 collect
www.google.com/ccm/ 0
0 362ms
124ms Ping
text/plain 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&scrsrc=www.googletagmanager.com&frm=0&rnd=1935033959.1736498475&dt=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&auid=146133835.1736498475&navt=n&npa=0&gtm=45He5190v854747130za200zb854392465&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1736498475441&tfd=10243&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDBQXCK&l=gtm_data_layer&gtm=45He5190v854392465za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

GET
H2 200 p.js Show response
cdn.parsely.com/keys/winnipegsun.com/ 60 KB
22 KB 3484ms
205ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/winnipegsun.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer&gtm=45He5190v854392465za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 22432b141f6c05fe8f026a9955f1f3a695c3f853e640d57174ddac8357078c0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=86400, public
content-encoding: gzip
pragma: public
etag: W/"66e43812-f023"
age: 18157
via: 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
expires: Sat, 11 Jan 2025 03:38:41 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 6zs_GFUWJTle0F46E7wKm9xeCaOoNEwvPRDOgxsZEzquq7-QqZIBYw==
date: Fri, 10 Jan 2025 03:38:41 GMT
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 13:03:14 GMT
server: nginx
x-amz-cf-pop: FRA56-P10

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 115 KB
38 KB 3475ms
207ms Script
application/x-javascript 104.102.38.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-221.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5f359af7d8b47457476b400d721101f3c28e4a82cbc4aebf35be806ea49511b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

Cache-Control: max-age=3600
Content-Encoding: gzip
Connection: keep-alive
Expires: Fri, 10 Jan 2025 09:41:18 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 38112
Date: Fri, 10 Jan 2025 08:41:18 GMT
Last-Modified: Thu, 09 Jan 2025 08:09:32 GMT
Content-Type: application/x-javascript
Server: AkamaiNetStorage
Vary: Accept-Encoding

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 453ms
126ms Fetch
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RT9GKF97XT&gtm=45je5190v9135149014z89134303430za200zb9134303430&_p=1736498474434&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=800241550.1736498475&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736498475&sct=1&seg=0&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&dt=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&en=page_view&_fv=1&_nsi=1&_ss=1&ep.article_tags=ap&ep.article_authors=Associated%20Press&epn.character_count=2269&ep.main_category=pmn&ep.metered_content=true&ep.nlp_category=Politics&ep.nlp_entity=Associations%20%26%20groups%2CPolitical%20NGO%2FAssociation%2CU.N.%2C0.9648%7CPeople%2Cperson%2CNicolas%20Maduro%2C0.94%7CCountries%2Clocation%2CVenezuela%2C0.9236%7CPeople%2Cperson%20name%2CVolker%20Turk%2C0.9078%7CAssociations%20%26%20groups%2Cgroup%2CHuman%20Rights%20Council%2C0.2938&ep.nlp_topic=U.N.%20office%2C1%7Cauthorities%2C1%7CMaduro%27s%20government%2C0.8345%7CVenezuela%2C0.7248%7CVolker%20Turk%2C0.6927&ep.originating_property=true&ep.project_type=Wired&ep.publish_timestamp=1734105508&ep.wire_content=true&epn.word_count=405&ep.is_premium=false&ep.article_id=5d02763c-de84-431d-8b2b-66ff429b0ecf&ep.publish_date=2024-12-13&ep.ad_blocker_enabled=false&ep.browser=Chrome&ep.browser_language=en-US&ep.brand=Winnipeg%20Sun&ep.device_type=desktop&ep.division=suns&ep.domain=winnipegsun.com&ep.fem_version=v117.1&ep.page_url=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&ep.page_type=story&ep.platform=Cheetah&ep.platform_version=17.7.5&ep.user_status=anonymous&ep.view_type=HTML&up.mpid=4656624455536695908&tfd=10308
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RT9GKF97XT&l=dl_mparticle&cx=c&gtm=45He5190v9134303430za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/5190/ Frame D4A0 0
0 376ms
123ms Document
text/html 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/5190/sw_iframe.html?origin=https%3A%2F%2Fwinnipegsun.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDBQXCK&l=gtm_data_layer&gtm=45He5190v854392465za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 48663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jan 2025 19:10:12 GMT
expires: Fri, 09 Jan 2026 19:10:12 GMT
last-modified: Thu, 09 Jan 2025 17:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 v2
api.viafoura.co/v2/winnipegsun.com/bootstrap/ Frame 0
0 1095ms
198ms Preflight 54.236.195.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/winnipegsun.com/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.195.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-195-58.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 86400
cache-control: max-age=0
date: Fri, 10 Jan 2025 08:41:16 GMT
expires: Fri, 10 Jan 2025 08:41:16 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-0c822acab57ee104f

POST
H2 200 v2 Show response
api.viafoura.co/v2/winnipegsun.com/bootstrap/ 8 KB
3 KB 1608ms
202ms XHR
application/json 54.236.195.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/winnipegsun.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.195.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-195-58.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b4d7f6bd421fdd11fef6cabf22b7a67fad6121480f510ef9c33519a9297f6c95

Request headers

Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8

Response headers

access-control-max-age: 86400
cache-control: max-age=0
content-encoding: gzip
pragma: no-cache
x-instance-id: i-08e2591b2267916cd
access-control-allow-credentials: true
expires: Fri, 10 Jan 2025 08:41:18 GMT
access-control-allow-origin: https://winnipegsun.com
date: Fri, 10 Jan 2025 08:41:18 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
server: nginx/1.18.0 (Ubuntu)

POST
H2 204 collect
analytics.google.com/g/ 0
0 16008ms
180ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je5190v880952817z879194588za200zb79194588&_p=1736498473744&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=800241550.1736498475&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1736498475&sct=1&seg=0&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&dt=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&en=FCP&_fv=1&_ss=1&ep.web_vitals_measurement_name=FCP&ep.web_vitals_measurement_id=v3-1736498475655-8683933968853&epn.web_vitals_measurement_value=995.5&epn.value=995.5&tfd=10470
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c&gtm=45He5190v79194588za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:31 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
545 B 553ms
140ms Ping
text/plain 142.251.173.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=800241550.1736498475&gtm=45je5190v880952817z879194588za200zb79194588&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c&gtm=45He5190v79194588za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.173.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:16 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 8F76 0
0 1396ms
137ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-72QH41ZTMR&gacid=800241550.1736498475&gtm=45je5190v880952817z879194588za200zb79194588&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=587483099

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c&gtm=45He5190v79194588za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 08:41:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.co.il/ads/ 42 B
107 B 388ms
136ms Image
image/gif 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=800241550.1736498475&gtm=45je5190v880952817z879194588za200zb79194588&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=2111985793

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Jan 2025 08:41:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 15873ms
181ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je5190v880952819z8854753396za200zb854753396&_p=1736498473750&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=800241550.1736498475&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&sid=1736498475&sct=1&seg=0&dt=UN%20human%20rights%20office%20in%20Venezuela%20partially%20resumes%20work%20months%20after%20government%20shut%20it%20down%20%7C%20Winnipeg%20Sun&tfd=10606
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c&gtm=45He5190v854753396za200zb854392465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:31 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 415ms
141ms Ping
text/plain 142.251.173.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=800241550.1736498475&gtm=45je5190v880952819z8854753396za200zb854753396&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c&gtm=45He5190v854753396za200zb854392465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.173.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 08:41:16 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 35F3 0
0 1239ms
137ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-H792QCFZPV&gacid=800241550.1736498475&gtm=45je5190v880952819z8854753396za200zb854753396&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=984799243

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c&gtm=45He5190v854753396za200zb854392465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jan 2025 08:41:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.co.il/ads/ 42 B
408 B 252ms
137ms Image
image/gif 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=800241550.1736498475&gtm=45je5190v880952819z8854753396za200zb854753396&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=569016636

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Jan 2025 08:41:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 1685973801652415 Show response
connect.facebook.net/signals/config/ 81 KB
17 KB 230ms
229ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1685973801652415?v=2.9.179&r=stable&domain=winnipegsun.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

83620b1acfb345ac8c92b8167e8ae32e6021b9161daf42056217105f8934105a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-xmaismSI' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 10 Jan 2025 08:41:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-xmaismSI' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=126, rtx=0, c=80, mss=1232, tbw=74344, tp=71, tpl=0, uplat=99, ullat=0
pragma: public
x-fb-debug: dQr1LJBNUB22eNGv6wh+Hf1V07zH5iZHqMs6NyhI3Dti4R/zcJxi7qzMY1qvwxKwjN840TpYSOffauQmf1Wylg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 89 B
884 B 3504ms
178ms Fetch
application/json 57.129.37.202
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.37.202 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy02.cl15.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://winnipegsun.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://winnipegsun.com
content-length: 99
date: Fri, 10 Jan 2025 08:41:19 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 a340cef41648d3498e93.js Show response
sdk.mrf.io/statics/ 72 KB
16 KB 277ms
277ms Script
application/javascript 104.21.50.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/a340cef41648d3498e93.js
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.50.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c63a5fab67a589cdc1cec7c59aa464608f48a96e95fccd375ea7dafb4288815

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://winnipegsun.com
Referer: https://winnipegsun.com/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"69c26bc1c430b90b1abc35e0689788c6"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: IGmP7nkmJRZWlpLx_6WvIUgclo_jGbCqWW-kIL7RVXma4QPBQ7Te3Q==
date: Fri, 10 Jan 2025 08:41:16 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Tue, 07 Jan 2025 09:42:12 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
cache-control: max-age=3600
timing-allow-origin: *
x-envoy-upstream-service-time: 68
via: 1.1 0a3248cb2729105e64fb474faf90e3b2.cloudfront.net (CloudFront)
cf-ray: 8ffb5df28e167d9b-TLV
access-control-allow-origin: *
x-amz-cf-pop: AMS58-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 242ms
119ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&rl=&if=false&ts=1736498476106&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1736498476101.126811245589302113&cs_est=true&ler=empty&cdl=API_unavailable&it=1736498475842&coo=false&rqm=GET

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8286, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 10 Jan 2025 08:41:16 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 412ms
289ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&rl=&if=false&ts=1736498476106&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1736498476101.126811245589302113&cs_est=true&ler=empty&cdl=API_unavailable&it=1736498475842&coo=false&rqm=FGET

Requested by

Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7458204165043147871"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xac7a3da4b6a2a6df","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["1248673751829361"]},"debug_reporting":true,"debug_key":"2119534261796365737"}
date: Fri, 10 Jan 2025 08:41:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Ak52TDdBCMs4jdNadCj0ggtcNXEJftGmAqkXN1WS9zbjix7gQAdoT8JlxX5fc/FdDxfOSERE5v70YA3gGJqPmQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7458204165043147871", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=26, mss=1232, tbw=8857, tp=22, tpl=0, uplat=168, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 204 any Show response
idx.liadm.com/idex/did-004q/ 0
371 B 1643ms
192ms XHR
text/plain 18.210.235.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/did-004q/any?duid=0cdb85fccdd3--01jh7nzxt5fqntjvtrq1g5gmjh&did=did-004q&cd=.winnipegsun.com&pu=https%3A%2F%2Fwinnipegsun.com%2F&pv=0b37e1ae-bc2d-4922-9c55-dce8f5650fe9&_pubcid=33c7c3c9-3948-4ab7-b138-5b34e8c5e4d8

Requested by

Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-004q.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.235.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-235-203.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=3599, private
trace-id: e5c9b5dfbedb1fe7
request-time: 1
access-control-allow-credentials: true
expires: Fri, 10 Jan 2025 09:41:18 GMT
access-control-allow-origin: https://winnipegsun.com
date: Fri, 10 Jan 2025 08:41:18 GMT
vary: Origin

GET
H3 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 266 B
448 B 147ms
146ms XHR
application/json 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=RpxZ9l1H1l

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2aa19e5d776ea59a7b82f5108f90be0a3cfcbacb06c44d76b67ae821a55b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Referer: https://winnipegsun.com/

Response headers

x-request-id: M4bzupsZBUS
content-encoding: gzip
cf-cache-status: HIT
expires: Fri, 10 Jan 2025 12:41:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 10 Jan 2025 08:41:18 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 10 Jan 2025 05:59:28 GMT
priority: u=1,i
strict-transport-security: max-age=86400; includeSubDomains
cache-control: public, max-age=14400
cf-ray: 8ffb5e002c49c227-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 52.fe516ab6620ef754efa3.js Show response
cdn.viafoura.net/chunks/ 40 KB
12 KB 232ms
113ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/52.fe516ab6620ef754efa3.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8348f85019c4116a8898d2ddadd8413d47b43983e15efe33544759ae707e58e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: VjJtxT4JcgHA9MXpDdiO_QjQB5S3Y8xD
age: 59467
etag: W/"5a0010502dc798b204c962c39fbcf6f4"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: tuWhncrPXz2GbRgW5pTXwUM1T3qpq74Be9dY9lE3Kee0k-p3oPAMDA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:48 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 56.9ee985023cb450e3f33d.js Show response
cdn.viafoura.net/chunks/ 20 KB
5 KB 234ms
116ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/56.9ee985023cb450e3f33d.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a46c7c77d907ba22f639440e46aa77f468b6723aecf5af9efc0932ca3ff05b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: adGCD6MJfdEgL4CjgQXWPVlHFe91f6_7
age: 59467
etag: W/"76694199b661dba82f1d395ec446d0ec"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Z5-K18IQkmdV3pnYgbe5v6-ATWrcQH-Vn8WEV07ECEefTGXn2Zisdw==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:48 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H/1.1 200
OK webtag.resolve
api.fullcontact.com/v3/ Frame 0
0 7910ms
216ms Preflight
text/plain 52.202.2.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=yY2pOf77RzG1E3grWXhBFn9ZtGmt6vYa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.2.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-2-12.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, PUT, PATCH, POST, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: https://winnipegsun.com
Access-Control-Max-Age: 3600
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Content-Type: text/plain
Date: Fri, 10 Jan 2025 08:41:26 GMT
Referrer-Policy: same-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-FullContact-RateDelay: 16
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1

POST
H/1.1 204
No Content webtag.domain
api.fullcontact.com/v3/ 0
0 7875ms
203ms Fetch 52.202.2.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.domain?webtagKey=yY2pOf77RzG1E3grWXhBFn9ZtGmt6vYa

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.2.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-2-12.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://winnipegsun.com/

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-FullContact-RateDelay: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Access-Control-Allow-Origin: https://winnipegsun.com
Date: Fri, 10 Jan 2025 08:41:26 GMT
X-XSS-Protection: 1
Vary: Origin, Origin
X-Frame-Options: sameorigin

GET
H2 200 j Show response
rp.liadm.com/ 13 B
383 B 1853ms
194ms XHR
application/json 34.231.219.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?dtstmp=1736498478517&did=did-004q&se=e30&duid=0cdb85fccdd3--01jh7nzxt5fqntjvtrq1g5gmjh&tv=v3.6.0&pu=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&ext__pubcid=33c7c3c9-3948-4ab7-b138-5b34e8c5e4d8&wpn=lc-bundle&wpv=v3.6.0&cd=.winnipegsun.com&c=PHRpdGxlPlVOIGh1bWFuIHJpZ2h0cyBvZmZpY2UgaW4gVmVuZXp1ZWxhIHBhcnRpYWxseSByZXN1bWVzIHdvcmsgbW9udGhzIGFmdGVyIGdvdmVybm1lbnQgc2h1dCBpdCBkb3duIHwgV2lubmlwZWcgU3VuPC90aXRsZT48bWV0YSBjb250ZW50PSJDQVJBQ0FTLCBWZW5lenVlbGEgKEFQKSDigJQgVGhlIFUuTi4gb2ZmaWNlIG9uIGh1bWFuIHJpZ2h0cyBpbiBWZW5lenVlbGEgcGFydGlhbGx5IHJlc3VtZWQgb3BlcmF0aW9ucyBpbiByZWNlbnQgd2Vla3MsIHRoZSBhZ2VuY3nigJlzIGNoaWVmIHNhaWQgRnJpZGF5LCBtb250aHMgYWZ0ZXIgdGjigKYiIG5hbWU9ImRlc2NyaXB0aW9uIj48bGluayBocmVmPSJodHRwczovL3dpbm5pcGVnc3VuLmNvbS9wbW4vdW4taHVtYW4tcmlnaHRzLW9mZmljZS1pbi12ZW5lenVlbGEtcGFydGlhbGx5LXJlc3VtZXMtd29yay1tb250aHMtYWZ0ZXItZ292ZXJubWVudC1zaHV0LWl0LWRvd24iIHJlbD0iY2Fub25pY2FsIj48dGl0bGUgaWQ9IndzdW5Mb2dvIj5XaW5uaXBlZyBTdW48L3RpdGxlPjx0aXRsZT5Vc2VyPC90aXRsZT48aDEgY2xhc3M9ImFydGljbGUtdGl0bGUiIGRhdGEtdGItdGl0bGU9IiIgaWQ9ImFydGljbGVUaXRsZSI-VU4gaHVtYW4gcmlnaHRzIG9mZmljZSBpbiBWZW5lenVlbGEgcGFydGlhbGx5IHJlc3VtZXMgd29yayBtb250aHMgYWZ0ZXIgZ292ZXJubWVudCBzaHV0IGl0IGRvd248L2gxPg&pv=0b37e1ae-bc2d-4922-9c55-dce8f5650fe9
Requested by: Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-004q.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.219.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-219-101.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

x-pixel-event-id: d5edb93e-8e27-4247-9d2e-201e901cda3c
access-control-max-age: 86400
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://winnipegsun.com
content-length: 13
date: Fri, 10 Jan 2025 08:41:20 GMT
content-type: application/json

POST
H/1.1 204
No Content webtag.resolve
api.fullcontact.com/v3/ 0
0 193ms
191ms Fetch 52.202.2.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=yY2pOf77RzG1E3grWXhBFn9ZtGmt6vYa

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.2.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-2-12.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://winnipegsun.com/

Response headers

X-Robots-Tag: noindex,nofollow
Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-FullContact-RateDelay: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Access-Control-Allow-Origin: https://winnipegsun.com
Date: Fri, 10 Jan 2025 08:41:26 GMT
X-XSS-Protection: 1
Vary: Origin, Origin
X-Frame-Options: sameorigin

GET
H3 200 188.e0524ab2bf2e2c63079e.css
cdn.viafoura.net/ 92 KB
12 KB 113ms
112ms Stylesheet
text/css 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/188.e0524ab2bf2e2c63079e.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a051dc387f650bd120bf5aa65404a29baac0ef0327fe3a7bcc3bba0165df8f7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: Jc6ksCMCu1w1nhGo1K4x6sVqYXLXt68z
age: 59467
etag: W/"3886b506836b69add2f5078c414043ba"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: KbUM8Y0K3XQVOxWshtu1moaT96AbRU1T5Z0W6P_2ZD9HA_6Jl_eEBA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: text/css; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:53 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 188.e0524ab2bf2e2c63079e.js Show response
cdn.viafoura.net/chunks/ 83 B
505 B 116ms
116ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/188.e0524ab2bf2e2c63079e.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0538ac32be227e4ad02ba085ea9dafdad1c35f703407f8e8d5b3412d2ca72ba2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

etag: "043c3e71536b28f145f8322d94fc94ba"
x-amz-version-id: J2XcjWL6bC2a.7pTkMsEHerYRxApjk_O
age: 59467
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bNhLvV7O8lVdHfro0yzVgRTVxse3KzcU35MiGH-YuSCGbR_GcZMk5w==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: Origin
last-modified: Thu, 09 Jan 2025 16:09:38 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 83
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/ 242 KB
56 KB 7705ms
194ms Script
text/javascript 104.18.4.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/LoginRadiusV2.js

Requested by

Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebaf097795c8b1fa8f5c5e9989886acf843b7f7b78c8f0875a2850f1ee30d95

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"9f45bc4c2df3711eaaea6e1170e27314"
age: 4402
expires: Fri, 10 Jan 2025 12:41:26 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: pX9f2anOXLE2KZAfDCpjm1OedTQ-6pFYJLz1JXPK3kMzbHPdozJryQ==
date: Fri, 10 Jan 2025 08:41:26 GMT
content-type: text/javascript
last-modified: Tue, 24 Dec 2024 09:11:13 GMT
vary: Origin, Accept-Encoding
strict-transport-security: max-age= 63072000; includeSubdomains; preload
cache-control: public, max-age=14400
via: 1.1 c8d7a354d7a20d6a1ce079386bfa92e0.cloudfront.net (CloudFront)
cf-ray: 8ffb5e32fc28edf3-LHR
x-amz-cf-pop: MAD53-P2
server: cloudflare
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/contentcontainer/ Frame 0
0 576ms
190ms Preflight 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/contentcontainer/id?container_id=5d02763c-de84-431d-8b2b-66ff429b0ecf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: PATCH,DELETE,POST,GET,PUT
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 43200
content-length: 0
date: Fri, 10 Jan 2025 08:41:19 GMT

GET
H3 200 68.3951690993d1358da17a.js Show response
cdn.viafoura.net/chunks/ 18 KB
5 KB 113ms
113ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/68.3951690993d1358da17a.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 432f852c46baa5036a5e314ff7c2af1c38e19ce4ffab4642ecb65a9ea4df3f3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: L8g9JPGWwnEfVydkdtiRnYL2HdMmphfV
age: 59467
etag: W/"0f5b4339fe1e13ac1d84d2438ead9d33"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: QvXggQvbWPVhVytRCZ8KIoNG3gYrLDda3zvonNGnT9R72N4b3jbLmQ==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:43 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 0.26253884bb7474d65257.css
cdn.viafoura.net/ 78 KB
10 KB 112ms
112ms Stylesheet
text/css 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/0.26253884bb7474d65257.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84a412955997dccb761bc700da8fa6472686fbd7d78cbfc9da96102108fbf81c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: lgBiRxTHaEueinjlEX7j3Y8hItIQBvZl
age: 59467
etag: W/"1c83913e77b0dc1233913d5239759bf5"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: kmN3TLKFQAqfdrR7TT_P8R29sWSgGO_NV_t0-N_6wxjchQZ93kcu7A==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: text/css; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:54 GMT
x-amz-replication-status: PENDING
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 da.26253884bb7474d65257.js Show response
cdn.viafoura.net/chunks/ 137 KB
32 KB 116ms
115ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/da.26253884bb7474d65257.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cc912b654cf4b81418b28aebdf7e360e14f790880336e4c071b792b539e08f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: 0aEyOseup3xhju6ho6v8D6vxlJL5r6nL
age: 59467
etag: W/"9c5decdc3a7013977105c8b8e827206d"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: CiO2ges0min0Gy7lW_pBzRIUW137-B3sldEA0Aujl5x7_llDN0Nnkg==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:45 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 32.b05e457ee2820bb0b60a.js Show response
cdn.viafoura.net/chunks/ 4 KB
2 KB 117ms
117ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/32.b05e457ee2820bb0b60a.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95b079951892299c6a77df3971de38a90ae9f6609e23ed294188713bc0772783

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: TYb92uBY_Nhp84S61PqJMh8lyxsV0vco
age: 59467
etag: W/"fdc96a5cced4b59a72debd66628625f9"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: aJyKu3HIvcwxKZ1Lakz1fH5GgAp19VuwRRtYVsNXoi6xFNylu7fS9w==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:45 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 128.1df71458fc09bf50fe06.js Show response
cdn.viafoura.net/chunks/ 1 KB
860 B 116ms
115ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/128.1df71458fc09bf50fe06.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a276a7e6b4d9c3bff4311f47a2763506b85c2ea87a7781b4cec6023a3932544

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: ftHhhyY_LA63.3fHxLr156k1AwyjwyEA
age: 59466
etag: W/"fca805c0bc2cde5f2838f4960b1f89ae"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ma2_zwkVOa6CeBYqRj9MrZNax4sI389oAvq09oeFoWnWyHcX7vwfBQ==
date: Thu, 09 Jan 2025 16:10:13 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:39 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 39.64bd09f73f7534782a13.js Show response
cdn.viafoura.net/chunks/ 2 KB
1 KB 115ms
115ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/39.64bd09f73f7534782a13.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20bb99e76396f09b8d866aebfaf157b5a5f96e68366dd83a6e1a0ee237815db4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: S5Bog9XTTZKYjtIDN5yw4JfWFAsfdoPv
age: 59467
etag: W/"c6d92c37f6f88f122f4e46a7695e6a9c"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Ob3W6LzXqCt79ge7WTjT58oNjvyOIlbpNq3T37-1hGgCKK9npUJ5Ag==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:50 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 id Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/contentcontainer/ 1 KB
545 B 6114ms
229ms XHR
application/json 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/contentcontainer/id?container_id=5d02763c-de84-431d-8b2b-66ff429b0ecf
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash: c0950ffdf918b602d6c350b35a2f11a3ac253873ff319b5aae96b268c4b269e8

Request headers

Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://winnipegsun.com
content-length: 379
content-encoding: gzip
date: Fri, 10 Jan 2025 08:41:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 ingest
i.viafoura.co/v3/winnipegsun.com/ 67 B
267 B 7766ms
257ms Ping
image/png 54.146.51.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.viafoura.co/v3/winnipegsun.com/ingest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.51.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-51-79.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
cache-control: no-cache, no-store, must-revalidate
content-length: 67
date: Fri, 10 Jan 2025 08:41:26 GMT
content-type: image/png
access-control-allow-credentials: true

GET
H3 200 31.40e7cc4f3b0b65fcbafb.js Show response
cdn.viafoura.net/chunks/ 14 KB
4 KB 116ms
116ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/31.40e7cc4f3b0b65fcbafb.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2e041a9ba43af2d35157e839b782c227dc75426ab79bd2c80d9f85f6b911580

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: .LFdrVReggkYFAtB0qEV0gGXl0kBBh1g
age: 59467
etag: W/"602d5cb76374df25751087484c6aa281"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: s8RrI-Ll7UGe_zUgkxVSqWRlasag8aiRecvEzAYbnIP0d32SqdEHHA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:41 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 15849ms
129ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1736498478984&plid=d895889b-56a5-4884-8cdd-c86bb83ba112&idsite=winnipegsun.com&url=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&sref=&sts=1736498478981&slts=0&title=UN+human+rights+office+in+Venezuela+partially+resumes+work+months+after+government+shut+it+down+%7C+Winnipeg+Sun&date=Fri+Jan+10+2025+10%3A41%3A18+GMT%2B0200+(%D7%A9%D7%A2%D7%95%D7%9F+%D7%99%D7%A9%D7%A8%D7%90%D7%9C+(%D7%97%D7%95%D7%A8%D7%A3))&action=pageview&pvid=fd07c6f4-97cd-444d-9e03-362254adbe88&u=pid%3D73f71a01-5637-4236-a571-bf80e3c1a733
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

Cache-Control: no-cache
Content-Length: 43
Date: Fri, 10 Jan 2025 08:41:34 GMT
Content-Type: image/gif
Last-Modified: Friday, 10-Jan-2025 08:41:34 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK sp1.html
cdn.cxense.com/ Frame EAD1 0
0 7478ms
120ms Document
text/html 104.102.38.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-221.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Fri, 10 Jan 2025 08:41:26 GMT
Expires: Mon, 20 Jan 2025 08:41:26 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 all Show response
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-e5c2592d5bfc/ 36 B
224 B 7720ms
249ms XHR
application/json 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-e5c2592d5bfc/all
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash: b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://winnipegsun.com/

Response headers

access-control-allow-origin: https://winnipegsun.com
content-length: 59
content-encoding: gzip
date: Fri, 10 Jan 2025 08:41:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 rfv.php Show response
events.newsroom.bi/data/ 27 B
470 B 119ms
118ms Fetch
application/json 57.129.37.202
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/data/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.37.202 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy02.cl15.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://winnipegsun.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://winnipegsun.com
content-length: 42
date: Fri, 10 Jan 2025 08:41:19 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 1.9e9829884301e96ad53d.js Show response
cdn.viafoura.net/chunks/ 15 KB
5 KB 464ms
464ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/1.9e9829884301e96ad53d.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a2dbb0ee96218c634e1ef740224b357034d75cb86ff16213ba58b289afde6b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: DKzOmd_dJ15OQDfNdQOzx..oiKVXxO6Y
age: 59472
etag: W/"1a24ce2d78d22f89416e9769846e7401"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 1HJlU1S4lMna21aUn0pKAyLkpJf3Vang6zz4P1PrSOEdfdDjeX1RyA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:46 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 176.02ccdff7736a002ca159.css
cdn.viafoura.net/ 9 KB
2 KB 234ms
233ms Stylesheet
text/css 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/176.02ccdff7736a002ca159.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e3f9842d3481ff3cb99434e68378cd842744c0e05553602c70d69bdf420fa65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: cy3IczkXEc0PZM8oopkn7RTdkmlq6GTs
age: 59472
etag: W/"8adbd6d23b488762c235ea318bc6ee6b"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Bj0zsM_VTHdgxnG5-Z9nQ226Ypy4CCLXH4wX6W6blZ-AabS2w-w3yg==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: text/css; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:52 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 176.02ccdff7736a002ca159.js Show response
cdn.viafoura.net/chunks/ 18 KB
6 KB 464ms
463ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/176.02ccdff7736a002ca159.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee1e23564fd3f0b276f53bf02be5fa8992e6c68835ec69f8baad88651f319991

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: bo_eI30rMBfOo1VPYu7J8STraCe5_1YN
age: 59472
etag: W/"384bab499704de90a8170cc1a875ac50"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: tx5BqXwBULzKqRCjrCDQ3jbEU0lKlsz0owLuqMlZFxpAILKoB3WiEA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:37 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 50.f99ace28237c49d23795.js Show response
cdn.viafoura.net/chunks/ 3 KB
2 KB 476ms
475ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/50.f99ace28237c49d23795.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: daa7dea3a1e42c03d13f9c0216f1ddb2b413761615102118f84f207b9d60c712

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: V9LgOvp_kM0JV5wYalOy4FY9FlCJHgs9
age: 59472
etag: W/"078226d272c7701d0a2903f59d5412aa"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6ZEa2uM9Xd-MsqcPgWaO3-Xok7CpBlSJznu3ImIW-KktcNN91Hj1yQ==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:47 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 trendingrecommended Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/ 5 KB
2 KB 915ms
231ms XHR
application/json 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash: bf2c42c876ed7cff3e395fd05e31c9ba63c5e9f3a3ff6769cfceff056f7847f4

Request headers

X-UNIQUE-ID: 07834ae0-d3a7-4b4d-a860-11166e2ec53c
Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://winnipegsun.com
content-length: 1809
content-encoding: gzip
date: Fri, 10 Jan 2025 08:41:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

OPTIONS
H2 200 trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/ Frame 0
0 190ms
190ms Preflight 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-unique-id
Access-Control-Request-Method: GET
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: PATCH,DELETE,POST,GET,PUT
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 43200
content-length: 0
date: Fri, 10 Jan 2025 08:41:24 GMT

GET
H3 200 261.b24a09d49abde66680f9.css
cdn.viafoura.net/ 21 KB
5 KB 115ms
115ms Stylesheet
text/css 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/261.b24a09d49abde66680f9.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81067eb0635feeb5a5f7f65ffadecd0e0b379fed520cc27cdbee959de5527dd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: izzuT1jl4TniPt.Rib1y2RkOhhxAehh3
age: 59474
etag: W/"a7830f5c61c14236b79ead5571a12fcb"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: _rF7AU1-EuyF_YtWU0JI5uO2Tq_OoS-81ioSiuSeVU79vp7ILzTMTg==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: text/css; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:54 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 261.b24a09d49abde66680f9.js Show response
cdn.viafoura.net/chunks/ 147 KB
37 KB 114ms
113ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/261.b24a09d49abde66680f9.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab305f44736e9edae4707e896a88714f09b76f063b515d617820cdec2ae28dd9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: x1xcHMLKrU.WlMSm_D.wg8GUwxYUNHDN
age: 59474
etag: W/"e543b0900adf56510ef55d7b0b37e2a3"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: j_cjff1QWuutiB8WxD0nfXoigHOn7fo8eAje-oXqupxCO2NwPk2MkA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:34 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ONT-US-Canada-Summit-20240611.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2025/01/ 3 KB
3 KB 202ms
201ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2025/01/ONT-US-Canada-Summit-20240611.jpg?w=210&type=webp
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: ce6ae452e0ac529730fe5a2f5f2e19e5fab0839c3bd3fa83dd4babb87ed1a2e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "fd7039018d359768303ac7ec77ba51ab9d89279e"
age: 19779
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-g7zfq
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2838
date: Fri, 10 Jan 2025 03:11:46 GMT
content-type: image/webp
x-pmd-smartcdn-requester: winnipegsun
server: nginx/1.18.0
vary: Accept

GET
H3 200 canadian-arm-0109-e1736430057860.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2025/01/ 4 KB
4 KB 70ms
69ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2025/01/canadian-arm-0109-e1736430057860.jpg?w=210&type=webp
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 4ba81b274188acdb49d918a7d1d83258c8d2068f79d916dd5f74804aeb23b6ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "1f254f8bcf38811d5ce0dc524d3a38f3c062f867"
age: 64885
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-tm6sg
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3786
date: Thu, 09 Jan 2025 14:40:00 GMT
content-type: image/webp
x-pmd-smartcdn-requester: winnipegsun
server: nginx/1.18.0
vary: Accept

GET
H3 200 gif2-ezgif.com-optimize.gif
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2025/01/ 545 KB
546 KB 203ms
202ms Image
image/gif 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2025/01/gif2-ezgif.com-optimize.gif?w=210&type=webp
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 8694bdd054cfb5793c323627b44788947249456dfb18d614e66f5f4b9762c0cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "7fe250f9766d247b7b4c96c34a9ac53450df0464"
age: 27546
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-g7zfq
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558092
date: Fri, 10 Jan 2025 01:02:19 GMT
content-type: image/gif
x-pmd-smartcdn-requester: winnipegsun
server: nginx/1.18.0

GET
H3 200 macdonald-2-e1691110761126.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2025/01/ 5 KB
5 KB 251ms
251ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2025/01/macdonald-2-e1691110761126.jpg?w=210&type=webp
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 34387220bd3fcb5cc79f87417f02a17a0fb63e3f8e09ae39547106922b08ef8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "481af3186eba022eb4ddd9962390b6d57b5e1128"
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-zv9l2
x-cache-hit: miss
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5494
date: Fri, 10 Jan 2025 08:41:26 GMT
content-type: image/webp
vary: Accept
server: nginx/1.18.0
x-pmd-smartcdn-requester: winnipegsun

GET
H3 200 ws20230911kk04-wp.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/09/ 3 KB
3 KB 202ms
202ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/09/ws20230911kk04-wp.jpg?w=210&type=webp
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: a1928a42c6916b227a45449b6c6e68a2affc1f7e6e2ca4a2c4ab9e476d98adcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: max-age=31536000,public
etag: "d18d820509141365a90a772a8f334f71baea187a"
age: 30695
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-5jw7v
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3298
date: Fri, 10 Jan 2025 00:09:50 GMT
content-type: image/webp
x-pmd-smartcdn-requester: winnipegsun
server: nginx/1.18.0
vary: Accept

GET
H3 200 48.4fe333ee5b012ddc8be1.js Show response
cdn.viafoura.net/chunks/ 6 KB
3 KB 115ms
114ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/48.4fe333ee5b012ddc8be1.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a54220a122d4ed52307f80c807429c3129bcc76b8ecb5a10e2b856d36456ce1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: LvitCMkf6WchaIFdPpqy3jWwk9b4Pt23
age: 59474
etag: W/"b614cd1ec6abf868618cd58189745f9e"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Hie8JPZuvfkfuPsalI_BaaXlGuTd1q-4Si_BcOfifk1juFre95T-kQ==
date: Thu, 09 Jan 2025 16:10:13 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:45 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 appInfo Show response
config.lrcontent.com/ciam/ 5 KB
0 0ms
0ms XHR
application/json 104.18.5.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by: Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e70c4ca9d435e42a0401220dffc2ee0ab7f0ae5a4a019e83ec0b394445c9101

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/
X-Requested-With: XMLHttpRequest

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cf-ray: 8ffb5dd4989f1294-MRS
access-control-allow-origin: https://winnipegsun.com
date: Fri, 10 Jan 2025 08:41:11 GMT
content-type: application/json
vary: Origin
server: cloudflare

OPTIONS
H2 204 appInfo
config.lrcontent.com/ciam/ Frame 0
0 372ms
135ms Preflight 104.18.5.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://winnipegsun.com
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8ffb5e36d923cd5c-LHR
date: Fri, 10 Jan 2025 08:41:26 GMT
server: cloudflare
vary: Origin

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
738 B 417ms
156ms XHR
application/json 54.246.81.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/
X-Requested-With: XMLHttpRequest

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache
X-LoginRadius-Server: EU-West, Primary - IDX - AWS
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Expires: -1
Access-Control-Allow-Origin: https://winnipegsun.com
Requestid: d5549b53-d6a5-43f3-a569-12478c5be5f8
Content-Length: 38
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Fri, 10 Jan 2025 08:41:30 GMT
Content-Type: application/json
Server: nginx
X-Server: ms_idx_primary

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 3446ms
155ms Preflight 54.246.81.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://winnipegsun.com
Cache-Control: no-cache
Connection: keep-alive
Date: Fri, 10 Jan 2025 08:41:30 GMT
Expires: -1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Requestid: 11b5f67b-b80a-4977-b103-110d757d7c98
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: EU-West Primary - IDX - AWS
X-Server: ms_idx_primary

GET
H2 200 id Show response
id.cxense.com/public/user/ 101 B
593 B 406ms
132ms Script
text/javascript 167.235.124.61
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22m5qicuf270th46ol%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22ip98gn8b5yw71jlviktjr9eqm%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22ip98gn8b5yw71jlviktjr9eqm%22%7D%5D%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.61 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

nue0039.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

fc74b5ebd20ec1324a99ccac7f6e4ee0336579d4fc215a4630f5e3823d3fa74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 101
date: Fri, 10 Jan 2025 08:41:27 GMT
content-type: text/javascript;charset=utf-8
server: Jetty(9.4.28.v20200408)

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
966 B 126ms
126ms Script
text/javascript 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

ESF /

Resource Hash

89f66e695eeeb6fccacb707b14ae4ee31f74049c947985ff215bed85838371d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 10 Jan 2025 08:41:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 10 Jan 2025 08:41:28 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 recaptcha__iw.js Show response
www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/ 551 KB
220 KB 377ms
122ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/recaptcha__iw.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

97285620104fcde8d9737849edd3aba62fc6ecd59ed3d4dc98e643b6feeab3ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://winnipegsun.com
Referer: https://winnipegsun.com/

Response headers

content-encoding: gzip
age: 245178
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 07 Jan 2026 12:35:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Jan 2025 12:35:10 GMT
last-modified: Mon, 06 Jan 2025 05:01:14 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 224266
x-xss-protection: 0
server: sffe

GET
H3 200 2.af4214722db29b423238.js Show response
cdn.viafoura.net/chunks/ 9 KB
3 KB 113ms
112ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/2.af4214722db29b423238.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfe959c805c91a9512d1f2ef75e87452bbb7f18610f935fca29b83e1b221f585

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: E9LtQNYh0VqsQxdImEB2Tk.TjutHKzBW
age: 59477
etag: W/"69586a442009578cc461807e9f7de7d9"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TgnDKIOzMKk1uYEzDo_GYYOMHcBNI-H6Do4CceYbmHvqTk2N3OZwaw==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:46 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 9.3654ca45dc6b2f131cdf.js Show response
cdn.viafoura.net/chunks/ 13 KB
5 KB 114ms
113ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/9.3654ca45dc6b2f131cdf.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41ed91f3547b1da37c247f8d49add529b49a44ae9dc2c50ee0d935a95d583cd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: y.j0RwcyS3SgqQsxfiqXxl5HoCaEbZe3
age: 59477
etag: W/"80a859016893697397eca5b21e387731"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: DUztCDFGP3MYY0nxFM6h6RA-PFsmXP_oaI2poyAUXMIm-Cxv_uRx9w==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:36 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 8.c4a060fa5634e8a2efd9.js Show response
cdn.viafoura.net/chunks/ 59 KB
15 KB 114ms
113ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/8.c4a060fa5634e8a2efd9.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e648ae8f7897107d3ec3d941880959b22ef10a92d4746e395aec292fe6d938e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: buYBk9oQxPV_oqkCIWtUpnGg3HkziLgg
age: 59477
etag: W/"30b2616c770d2e5d96a4f54598b56a94"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Mz2-I2DAY0bZugr1oeWBeBRBbpSgS-u83Nb24FBu8MZcj6ysL4FeHg==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:43 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 6.0b352befaa148b1c373d.js Show response
cdn.viafoura.net/chunks/ 138 KB
37 KB 117ms
116ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/6.0b352befaa148b1c373d.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78241a32796ea0e5c6fd70efef7697350fbbdf4e001a8593ec5b87a0f7b77301

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: 5Sqmjnm9AKGgU8G_Ip7R7HMJrmaJdZZj
age: 59477
etag: W/"4ae4400e2067497389347526839be38b"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ybO91KI-V69OUDcUb3C6J80ikH-gSEn51emI-mnfrXZGHHCwFVSamA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:39 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 3.e6a7b2c38df886c0079f.js Show response
cdn.viafoura.net/chunks/ 21 KB
6 KB 120ms
118ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/3.e6a7b2c38df886c0079f.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0be668a53431c686f23a918874fa88290c7eb7a1d7c9da0d38410848273b4bc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: Qh1UjcGvD.NVSPCjfiow.ZAN72HRBLSB
age: 59477
etag: W/"0d611ae2139b464cf5a73dffc482ae30"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 0rkS6zLScJZwWMvMFzg-rxVDmhkgTDTL66-97ep2jx7KlPT0Kh-JPQ==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:41 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 5.5d01ceb414f411c75702.css
cdn.viafoura.net/ 60 KB
9 KB 118ms
117ms Stylesheet
text/css 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/5.5d01ceb414f411c75702.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1948a120e1ca5f01b733aacc6e48db5697cc2fd57bb8880c9990be301fdd144

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: b4mzlcGDhCdLUJ0.C23kf2SFRux82vHq
age: 59477
etag: W/"97a647519cb1749ef7a488d832096760"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: W4mf2guEJf3do3NEBltS988ZfltpLHA3WJNpYqiWimBUU7yTCQ2LGw==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: text/css; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:53 GMT
x-amz-replication-status: PENDING
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 5.5d01ceb414f411c75702.js Show response
cdn.viafoura.net/chunks/ 147 KB
29 KB 122ms
121ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/5.5d01ceb414f411c75702.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8bf4930663b2355ccd58a97bdb797462025c6af07e7bec4aa9f15c1ce3014703

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: AVM3lETbOzcb09J9AqRBblxwvZ.hkQVB
age: 59477
etag: W/"4b7558b0aa4bb130add920dcceafc962"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: BBmouzZisUYS-c_VdrT7MXXNi8GqrerSILE57p3WkyN5dk4gP00gVg==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:42 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 13.b252d6b4a9ecd366c289.js Show response
cdn.viafoura.net/chunks/ 92 KB
17 KB 122ms
121ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/13.b252d6b4a9ecd366c289.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d728c1f11d459720fe004bb296115d9f5e9a814b76b1a363ac254d93a1619285

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: 4m9.yGy064_Iwf3iZI.gjtH7alpMsYy3
age: 59477
etag: W/"b6f7fa0c4ac7671ab6f7197ad413db91"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6oRfIBFVHEfSeCM7j05KtJq6jfOpvmk1FnZpwoNUHpSg2tGK5pwaWA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:40 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 14.5581581872092132313f.js Show response
cdn.viafoura.net/chunks/ 11 KB
5 KB 128ms
127ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/14.5581581872092132313f.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a8f67a9519aa431a2c9b7135a6c6cf5b76380ebe9096ac8dda0d7bc2cd7486c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: eR_RjG.mRXNYKTe67Wovyq9_yKyPEf4d
age: 59477
etag: W/"1ae823e3359948c3d5543652396f5b13"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: V1a_w6uTBgAhflCBoeszQNXimcRoRGNeoohWagUjgB8kMGRADM2OtA==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:35 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 174.80c809e3cdf41cc84b83.css
cdn.viafoura.net/ 29 KB
5 KB 130ms
129ms Stylesheet
text/css 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/174.80c809e3cdf41cc84b83.css
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7750ed00365da75d3b3c4be839fb46b4e29e6d7ce04697ccec15346540ec62c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: .FIq2551hAe0lFsu4j.kWMnaXVatCaz8
age: 59477
etag: W/"f7db1f6bbf275a86506fb543d9bb2071"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ZOO3mX_qPxYN8k5xYHcZStf2JIHv-GEnKuwXwG1Kf74sUVN7JIbzUw==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: text/css; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:51 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 174.80c809e3cdf41cc84b83.js Show response
cdn.viafoura.net/chunks/ 45 KB
11 KB 130ms
129ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/174.80c809e3cdf41cc84b83.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c9641d3c4af6ff989cb21de82d7a54c9be9c07cecbe705dd230264978910273

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: vaWc.TadHgT1XDYSC_NQ3JKIca2pOAGT
age: 59477
etag: W/"88e102080c6e85f1dc94ca47ef78658e"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ufULUUALOQaomTqRalOGNHx6hg9zyqhn4ZoCAW_EvQG5Npy6c8-yGw==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:42 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 7.a34e496d0956a0a62e5f.js Show response
cdn.viafoura.net/chunks/ 14 KB
4 KB 125ms
125ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/7.a34e496d0956a0a62e5f.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7416b50a20852c4cd99814b4214f5482bd1700a626b1ea3d40ac2c8cef39c4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: rt1AH.CbtV07jDGpgKl2ilN8g35DWTzV
age: 59477
etag: W/"f8525a4fb76bf8775ed6d94d2e341dde"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: BCx6ig_dcEScATjZQnuTN-zX4T_YDdfjdAEXZRSuAufwJu6mc-8G6A==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:39 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 42.f9387e67f0984c1d24f6.js Show response
cdn.viafoura.net/chunks/ 18 KB
5 KB 125ms
125ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/42.f9387e67f0984c1d24f6.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b00b56f89fb1332dd54f41fa37136ac9eefeecfb195b594209d152b8543ce404

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: GKV4uShpqTVLjHHU685W4QquqFtbEGUY
age: 59477
etag: W/"b44945bdbc40b622dcee5f104d33a13c"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: O-BNYkbr5fX62yrNVDEMZ1GiOq23z_BZZcCt9fUTEe_q7L8beiTE6Q==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:33 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 49.767f1284a0f850181a63.js Show response
cdn.viafoura.net/chunks/ 11 KB
3 KB 130ms
130ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/49.767f1284a0f850181a63.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a99d9375a754f7161428055c5e6d00bcdc12301e0f339925c335a0eba72a5b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: QWEZE.PJ9yyJXNt62VSNE8z4BUISPCTQ
age: 59477
etag: W/"4bb6b4ec4b8642252db9efde2310ebac"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ps9Dn-7MTGb9wPYp57ITRE-DAKxwZ5dfl2_ynzSP4Fcl4GLcpx89-w==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:37 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 40.48cc29db4569167fc87f.js Show response
cdn.viafoura.net/chunks/ 860 B
1 KB 126ms
126ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/40.48cc29db4569167fc87f.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe757fcaf024109ed8dd35aa53722f42edc6946828bb66982a6886af9341823a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

etag: "f9f445d33c73d2f8f84e5d2f4787913c"
x-amz-version-id: 46wnfDdnLvqLseFG3.BxvgL.la9MpDPl
age: 59477
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: AO1iLnlF4YdljYpXCnO_OXCyxJpflcdHFIw73uLdvRrnUCjX7cQtqQ==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: application/javascript; charset=utf-8
vary: Origin
last-modified: Thu, 09 Jan 2025 16:09:43 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 860
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 00000000-0000-4000-8000-e5c2592d5bfc Show response
livecomments.viafoura.co/v4/livecomments/ 1 KB
573 B 205ms
205ms XHR
application/json 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc?limit=8&container_id=5d02763c-de84-431d-8b2b-66ff429b0ecf&reply_limit=0&sorted_by=newest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash: 56d76d06754b7c73fcc4c56c179de28462042a8795584c1e0feebb404570bc9d

Request headers

Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://winnipegsun.com
content-length: 408
content-encoding: gzip
date: Fri, 10 Jan 2025 08:41:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

OPTIONS
H2 200 00000000-0000-4000-8000-e5c2592d5bfc
livecomments.viafoura.co/v4/livecomments/ Frame 0
0 190ms
190ms Preflight 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc?limit=8&container_id=5d02763c-de84-431d-8b2b-66ff429b0ecf&reply_limit=0&sorted_by=newest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: PATCH,DELETE,POST,GET,PUT
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 43200
content-length: 0
date: Fri, 10 Jan 2025 08:41:28 GMT

POST
H2 200 ingest
i.viafoura.co/v3/winnipegsun.com/ 67 B
266 B 199ms
197ms Ping
image/png 54.146.51.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.viafoura.co/v3/winnipegsun.com/ingest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.51.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-51-79.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://winnipegsun.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://winnipegsun.com
cache-control: no-cache, no-store, must-revalidate
content-length: 67
date: Fri, 10 Jan 2025 08:41:29 GMT
content-type: image/png
access-control-allow-credentials: true

GET
H2 200 comments Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/de8a1f2a-d469-494c-9d39-4af582be66fa/ 38 B
228 B 197ms
197ms XHR
application/json 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/de8a1f2a-d469-494c-9d39-4af582be66fa/comments?limit=8&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash: accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5

Request headers

Referer: https://winnipegsun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json;charset=utf-8

Response headers

access-control-allow-origin: https://winnipegsun.com
content-length: 64
content-encoding: gzip
date: Fri, 10 Jan 2025 08:41:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

OPTIONS
H2 200 comments
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/de8a1f2a-d469-494c-9d39-4af582be66fa/ Frame 0
0 189ms
189ms Preflight 18.209.41.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-e5c2592d5bfc/de8a1f2a-d469-494c-9d39-4af582be66fa/comments?limit=8&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-41-108.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://winnipegsun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: PATCH,DELETE,POST,GET,PUT
access-control-allow-origin: https://winnipegsun.com
access-control-max-age: 43200
content-length: 0
date: Fri, 10 Jan 2025 08:41:29 GMT

GET
H3 200 140.139ca183a3fe8f191bfe.js Show response
cdn.viafoura.net/chunks/ 1 KB
885 B 113ms
113ms Script
application/javascript 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/140.139ca183a3fe8f191bfe.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c7b92f76bb7051341a258dec14cda8d81466f00d8e7d10475bec70a5b7e3cd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

content-encoding: br
x-amz-version-id: 2xeFrWOwqhGzfCUjaw0YjFSx7nLu5R6H
age: 59478
etag: W/"3e4348504dc92dc3afcfbcf8cb35a516"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: f74smiVJG85ZaNDQsWQPM1auN8FNa3bblD9xVUbM3nMvmpxEOEDdVg==
date: Thu, 09 Jan 2025 16:10:11 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 09 Jan 2025 16:09:34 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 defaultavatar.913f94a2fa72a280b0374131f1c9b175.png
cdn.viafoura.net/assets/ 676 B
1 KB 115ms
114ms Image
image/png 18.66.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viafoura.net/assets/defaultavatar.913f94a2fa72a280b0374131f1c9b175.png
Requested by: Host: winnipegsun.com
URL: https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

etag: "28fea6b8b2b5fdb61025943a5aac4c45"
x-amz-version-id: 6cyPjsfgHDgRRCylVpZ_ilm.326SIilG
age: 59478
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: uf27Yj70D-kyNUMCZ1kLjodOjJ0dsszLTrunYqa458xyWjxQakyUow==
date: Thu, 09 Jan 2025 16:10:12 GMT
content-type: image/png
vary: Origin
last-modified: Thu, 09 Jan 2025 16:09:31 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 676
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 200 log
buy.tinypass.com/api/v3/anon/error/ 0
0 286ms
218ms Ping
application/json 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buy.tinypass.com/api/v3/anon/error/log?type=console-error-message&srcType=ts&log_message=%5B%7B%22userAgent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20HeadlessChrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22stack%22%3A%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27addEventListener%27)%5Cn%20%20%20%20at%20https%3A%2F%2Fbuy.tinypass.com%2Fcheckout%2Ftemplate%2FcacheableShow%3Faid%3DRpxZ9l1H1l%26templateId%3DOTEHRB8JJDBG%26offerId%3DfakeOfferId%26experienceId%3DEXZS44KN41XP%26iframeId%3Doffer_23447bbcdaa3f7fe692c-0%26displayMode%3Dinline%26pianoIdUrl%3Dhttps%253A%252F%252Fid.tinypass.com%252Fid%252F%26widget%3Dtemplate%26url%3Dhttps%253A%252F%252Fwinnipegsun.com%3A93%3A40%22%2C%22message%22%3A%22Cannot%20read%20properties%20of%20null%20(reading%20%27addEventListener%27)%22%2C%22parentUrl%22%3A%22https%253A%252F%252Fwinnipegsun.com%22%2C%22iframeSrc%22%3A%22https%253A%252F%252Fbuy.tinypass.com%252Fcheckout%252Ftemplate%252FcacheableShow%253Faid%253DRpxZ9l1H1l%2526templateId%253DOTEHRB8JJDBG%2526offerId%253DfakeOfferId%2526experienceId%253DEXZS44KN41XP%2526iframeId%253Doffer_23447bbcdaa3f7fe692c-0%2526displayMode%253Dinline%2526pianoIdUrl%253Dhttps%25253A%25252F%25252Fid.tinypass.com%25252Fid%25252F%2526widget%253Dtemplate%2526url%253Dhttps%25253A%25252F%25252Fwinnipegsun.com%22%2C%22experienceId%22%3A%22EXZS44KN41XP%22%2C%22tags%22%3A%5B%22template%22%2C%22wgt_err%22%2C%22desktop%22%2C%22OTEHRB8JJDBG%22%2Cnull%2C%22RpxZ9l1H1l%22%5D%2C%22aid%22%3A%22RpxZ9l1H1l%22%2C%22v%22%3A%221.12.45%22%7D%5D
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://winnipegsun.com/

Response headers

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame 553B 0
0 284ms
122ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://winnipegsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 539
content-type: text/html
date: Fri, 10 Jan 2025 08:41:35 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 31.187.78.206

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js

Domain: floor.pbxai.com
URL: https://floor.pbxai.com/?pubxId=6805e7de-4f8f-46af-a2fc-5299f6b25680&page=https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down

Domain: lexicon.33across.com
URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=9.25.0&coppa=0

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=14359

Domain: api.sail-personalize.com
URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0

Domain: api.sail-personalize.com
URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0

Domain: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/712559.gif?partner_uid=48073360-bec5-4cab-bb65-59440e373aa5

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&rid=esp

Domain: grid-bidder.criteo.com
URL: https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.25.0&cb=61851341089&lsavail=1&networkId=6498

Domain: prebid.media.net
URL: https://prebid.media.net/rtb/prebid?cid=8CUKB9454

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/openrtb/pbjs?s=613271

Domain: rtb.openx.net
URL: https://rtb.openx.net/openrtbb/prebidjs

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939094&size_id=2%3B15%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=9e4655e1-751b-4e5c-989e-c3270f09616a%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&kw=AP&tg_i.domain=winnipegsun.com&tg_i.page=https%3A%2F%2Fwinnipegsun.com%2Fpmn%2Fun-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down&tg_i.aupname=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-1%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-2%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-3%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-4&tk_flint=dmpbjs_v9.25.0&x_source.tid=3d4fcae1-45b2-43de-a040-58ab24f8de19&l_pb_bid_id=67a524a331bc4f%3B68f892a6f686a87%3B693dfd04c0965fc%3B70f36df86c0471c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=955bd020-c6c2-45f5-bb71-13b190f81a1b%3Bfcf9d270-64a0-458c-8bd3-bdb180e03815%3B9a4bc8aa-38ef-4737-9bfa-5fc9de4d9be0%3Be2a57c8f-424d-43db-ae69-544aceab5b13&rp_hard_floor=0.007&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-1%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-2%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-3%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Fpmn%2Fstory%23ad-4&m_ch_mobile=%3F0&slots=4&rand=0.17425673032530664

Domain: c247440e8a4afbe1294a171ebfbf9473.safeframe.googlesyndication.com
URL: https://c247440e8a4afbe1294a171ebfbf9473.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=criteo&custom_data=m7F-Hl9jUzZzU05YJTJGWVpWcjBIQ2klMkJ1YkJrNjNobDVRc1VubFFVNUZDd1l5eXBjVSUzRA&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k--IRJ_dIr8sSkYfh2yeQMgIuMwEoXlxZR7hSwXQ

Verdicts & Comments Add Verdict or Comment

401 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

165 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 11:57:38	Name: lidid Value: 0320d4a0-4a9a-459f-863d-d3869b547b89
winnipegsun.com/	1970-01-21 11:05:48	Name: csrftoken Value: qgdNNQobbELUXpqV0nI3uCAJl16Hptd5r43q6LMQu58tffki49i3IZGoplyBwuAp
.winnipegsun.com/	1970-01-21 03:04:50	Name: pbjs_sharedId Value: 9e4655e1-751b-4e5c-989e-c3270f09616a
.winnipegsun.com/	1970-01-21 03:04:50	Name: pbjs_sharedId_cst Value: zix7LPQsHA%3D%3D
winnipegsun.com/	1970-01-21 02:21:42	Name: _lr_retry_request Value: true
winnipegsun.com/	1970-01-21 03:04:50	Name: _lr_env_src_ats Value: false
winnipegsun.com/	1970-01-21 02:21:40	Name: sailthru_pageviews Value: 1
.winnipegsun.com/	1970-01-21 11:43:14	Name: _scor_uid Value: c0ac32b533d8413797863bf90da11e51
.scorecardresearch.com/	1970-01-21 11:43:14	Name: UID Value: 15F7baf13b0d8975032246a1736498466
.scorecardresearch.com/	1970-01-21 11:43:14	Name: XID Value: 15F7baf13b0d8975032246a1736498466
winnipegsun.com/	1970-01-21 02:21:38	Name: __adblocker Value: false
winnipegsun.com/	1970-01-21 11:07:14	Name: flipp-uid Value: 48073360-bec5-4cab-bb65-59440e373aa5
winnipegsun.com/	1970-01-21 02:31:43	Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1736498467370,"mac":1367418518}
.p.flipp.com/	1970-01-21 11:57:38	Name: gid Value: "oq/K5AAAbtFRwXRZArsa1Q=="
.criteo.com/	1970-01-21 11:43:14	Name: uid Value: d0dbfeea-3ed5-45a6-b89c-974977a7f183
.criteo.com/	1970-01-21 11:43:14	Name: receive-cookie-deprecation Value: 1
.seedtag.com/	1970-01-21 11:07:14	Name: st_uid Value: 50d471f8-5e69-4613-93c2-c5868fc04c4f
.seedtag.com/	1970-01-21 03:04:50	Name: st_ssp Value: Y291bnRyeV9uYW1lPUlzcmFlbCZjb3VudHJ5X2lzbzI9SUwmY291bnRyeV9pc28zPUlTUiZyZWdpb25fbmFtZT1UZWwgQXZpdiZyZWdpb25faXNvMj1UQSZjaXR5X25hbWU9VGVsIEF2aXYmbG9uZ2l0dWRlPTM0Ljc4MDUmbGF0aXR1ZGU9MzIuMDgwMyZ6aXA9Ti9B
.amazon-adsystem.com/	1970-01-21 08:41:48	Name: ad-id Value: A5JE_oanEkelvT7vU-vZLEY
.amazon-adsystem.com/	1970-01-21 11:57:38	Name: ad-privacy Value: 0
.crwdcntrl.net/	1970-01-21 08:50:24	Name: _cc_id Value: b96e1b25d71393ae259ba0bdfaf0d6e8
.winnipegsun.com/	1970-01-21 08:50:26	Name: _cc_id Value: b96e1b25d71393ae259ba0bdfaf0d6e8
.winnipegsun.com/	1970-01-21 02:31:43	Name: panoramaId Value: d6ca757ef88bca7c2a9e80f990b4185ca02c34b62c16c0b0fcaf69a54dd67f6c
.winnipegsun.com/	1970-01-21 02:31:43	Name: panoramaIdType Value: panoDevice
.winnipegsun.com/	1970-01-21 02:31:43	Name: panoramaId_expiry Value: 1737103268245
.casalemedia.com/	1970-01-21 11:07:14	Name: CMID Value: Z4DdJIsFVgoAAA-pBIT24wAA
.casalemedia.com/	1970-01-21 04:31:14	Name: CMPS Value: 4930
.casalemedia.com/	1970-01-21 04:31:14	Name: CMPRO Value: 4930
.sharethrough.com/	1970-01-21 03:04:50	Name: stx_user_id Value: 50cd5956-cfee-4246-b500-c254cffb6823
.media.net/	1970-01-21 11:07:14	Name: visitor-id Value: 3795000686910282000V10
.id5-sync.com/	1970-01-21 04:31:14	Name: id5 Value: c5ef37c5-a189-72ab-b64b-9d41fc5e2007#1736498468713#5
.pubmatic.com/	1970-01-21 11:07:14	Name: KADUSERCOOKIE Value: 3BFB3556-5D3F-4C47-B3F3-457878D66C84
.doubleclick.net/	1970-01-21 11:57:38	Name: IDE Value: AHWqTUmaAm2UhkBheNX2Ady1t9mgwljg_nzf9ul5zdfbm7dnee2n5M2sMPNs7ddhNZs
.turn.com/	1970-01-21 06:40:50	Name: uid Value: 4530028993563810767
.winnipegsun.com/	1970-01-21 11:43:14	Name: __gads Value: ID=12eaf38e05fc97cd:T=1736498469:RT=1736498469:S=ALNI_MZm274btK9CTXqmFSTDP5FZL8JWJA
.winnipegsun.com/	1970-01-21 11:43:14	Name: __gpi Value: UID=00000fb1459e6950:T=1736498469:RT=1736498469:S=ALNI_MYW1oCqaldWpKu6UIiIBVUtR3WBuQ
.adsrvr.org/	1970-01-21 11:07:14	Name: TDID Value: 12af3aa3-717f-48f7-b1f7-161f7b77d083
.winnipegsun.com/	1970-01-21 06:40:50	Name: __eoi Value: ID=75321af250e800f9:T=1736498469:RT=1736498469:S=AA-AfjaLXypXCfdM3BBXEQOrW806
.simpli.fi/	1970-01-21 11:08:40	Name: suid Value: 781DA081F68244F8A31E7FFB057D1766
.demdex.net/	1970-01-21 06:40:50	Name: demdex Value: 82876327002437890552125878602492934033
.mathtag.com/	1970-01-21 11:47:33	Name: uuid Value: 4f6c6780-dd26-4500-ae36-bd834ede992d
.adnxs.com/	1970-01-21 11:57:38	Name: receive-cookie-deprecation Value: 1
.dpm.demdex.net/	1970-01-21 06:40:50	Name: dpm Value: 82876327002437890552125878602492934033
.adform.net/	1970-01-21 03:06:16	Name: C Value: 1
.adform.net/	1970-01-21 03:48:02	Name: uid Value: 8847348161013697134
.id5-sync.com/	1970-01-21 04:31:14	Name: 3pi Value: 3#1736498470809#-114433745\|264#1736498469672#463155422#12af3aa3-717f-48f7-b1f7-161f7b77d083\|10#1736498471729#99552056#8847348161013697134
.id5-sync.com/	1970-01-21 02:21:38	Name: cf Value: gif
.id5-sync.com/	1970-01-21 02:21:38	Name: cip Value: 1674
.id5-sync.com/	1970-01-21 02:21:38	Name: cnac Value: 4
.id5-sync.com/	1970-01-21 02:21:38	Name: car Value: 5
.id5-sync.com/	1970-01-21 02:21:38	Name: gdpr Value: 0\|
winnipegsun.com/	1970-01-21 02:31:43	Name: _lr_sampling_rate Value: 100
.pubmatic.com/	1970-01-21 04:31:14	Name: DPSync4 Value: 1737676800%3A197_219_226_227_245
.openx.net/	1970-01-21 11:07:14	Name: i Value: 158cedc5-e04f-4262-abda-f2ca19a79758\|1736498472
.rubiconproject.com/	1970-01-21 11:07:14	Name: khaos Value: M5QICSOX-1R-BUMJ
.rubiconproject.com/	1970-01-21 11:07:14	Name: khaos_p Value: M5QICSOX-1R-BUMJ
.openx.net/	1970-01-21 02:43:14	Name: pd Value: v2\|1736498472\|n0gevQiyvNgu
.winnipegsun.com/	1970-01-21 11:43:14	Name: cto_bundle Value: ru_1dl9pZTYlMkJOUDQwOWJqMHJqM2syTzJvQmZlNU9KYWp6OSUyRnU5MXV0VWowYkhxa1BBNFo5NFUwNDRucDlLVndrbWJnZkppYVZwSno2SFZyMXQ5Yk5ydDJwUVRldjA4Tk55WXRuWk0lMkY0MElJV2owQ0paYTB2SFh6cElVSm9tQ3l4UllLNXgyZlpwTDJYRXF1OFVTNnE0JTJCeXBVc0xIYXBmbVZXVG16amR3dHZDQ0EzWSUzRA
.onaudience.com/	1970-01-21 11:07:14	Name: cookie Value: 34fdb53ec7ecfdc6
.onaudience.com/	1970-01-21 02:23:04	Name: done_redirects147 Value: 1
.onaudience.com/	1970-01-21 02:23:04	Name: done_redirects252 Value: 1
.rubiconproject.com/	1970-01-21 04:31:14	Name: receive-cookie-deprecation Value: 1
.zemanta.com/	1970-01-21 11:07:14	Name: zuid Value: mBkOEk7Y3ovAE_EIN37L
.adnxs.com/	1970-01-21 04:31:14	Name: XANDR_PANID Value: LjS6lSRl_EEMGO35VRrX0KeuB5PU_xBE5SxCri5a3WIBjgBiMt4u-lhQn4P7TLpiF1Vj0FFvQmqbqPQ7DHyPqd4JyzNNtq7479aGK5KnPAI.
.adnxs.com/	1970-01-21 04:31:14	Name: uuid2 Value: 5678308702972638026
.blismedia.com/	1970-01-21 11:07:18	Name: b Value: 6780DD29AFCA0B9F9A5E6E70_
.ipredictive.com/	1970-01-21 11:07:14	Name: cu Value: 8c29eb10-592a-4e60-9986-80cf6481715f\|1736498473547
.yahoo.com/	1970-01-21 11:07:36	Name: A3 Value: d=AQABBCndgGcCED2Logq7H7boNlVIB7n4jGwFEgEBAQEugmeKZwAAAAAA_eMAAA&S=AQAAAmOjvuHDsnmHq1r-4f2hslI
winnipegsun.com/	1970-01-21 02:31:43	Name: x-id Value: {"data":{"id":"rfqgsax365eiw418p5av7csbt6713ff3q","updated":1736498473736,"adLightDisabled":true,"adLight":false,"printSubscriber":false},"exp":604800000,"ts":1736498473736,"mac":490031487}
fem.gprod.postmedia.digital/	1970-01-21 02:31:43	Name: x-id Value: {"data":{"id":"rfqgsax365eiw418p5av7csbt6713ff3q","updated":1736498473736,"adLightDisabled":true,"adLight":false,"printSubscriber":false},"exp":604800000,"ts":1736498473737,"mac":490031518}
.primis.tech/	1970-01-21 02:57:38	Name: csuuid Value: 6780dd29b5bb9
.smartadserver.com/	1970-01-21 04:31:14	Name: pid Value: 6439128336501934561
.bidswitch.net/	1970-01-21 11:07:14	Name: c Value: 1736498474
.bidswitch.net/	1970-01-21 11:07:14	Name: tuuid_lu Value: 1736498474
.bidswitch.net/	1970-01-21 11:07:14	Name: tuuid Value: a914a787-59d2-4384-884b-9e3512e70375
.ymmobi.com/	1970-01-21 11:00:02	Name: ym_user_cookie Value: ym_user_41915068-3eed-4dac-98d6-a7548b2c584b
.rubiconproject.com/	1970-01-21 11:07:14	Name: audit_p Value: 1\|7YFyW2n19KxZkE6OFN7pJ1Oulo6Zg2IA5uS6KbFUalh+4SNCS7h+YyyGU0f6BvnkBysHyb1mLm4iZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.rubiconproject.com/	1970-01-21 11:07:14	Name: audit Value: 1\|7YFyW2n19KxZkE6OFN7pJ1Oulo6Zg2IA5uS6KbFUalh+4SNCS7h+YyyGU0f6BvnkBysHyb1mLm4iZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.lijit.com/	1970-01-21 11:07:14	Name: ljt_reader Value: J-kJAQZHF0Yy7yjpTAaVlN7B
.lijit.com/	1970-01-21 11:07:14	Name: _ljtrtb_80 Value: M5QICSOX-1R-BUMJ
.winnipegsun.com/	1970-01-21 11:50:26	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWDgTgDsvPgGYRADgECOQgKwAmEAF8gA
.winnipegsun.com/	1970-01-21 11:50:26	Name: _pcid Value: %7B%22browserId%22%3A%22m5qicuf270th46ol%22%7D
winnipegsun.com/	1970-01-21 04:31:10	Name: __pnahc Value: 0
.outbrain.com/	1970-01-21 11:07:14	Name: obuid Value: c6874e62-84c7-40af-b976-d69352998afd
.winnipegsun.com/	1970-01-21 11:57:38	Name: __tbc Value: %7Bkpex%7DeSrVSHqzQuBJf0uYinA_oYoVu1dLWtaAFmoFJqLDg6XLAljYNG1ZlmCUlm2OTCWM
.winnipegsun.com/	1970-01-21 03:04:50	Name: __pat Value: -18000000
.winnipegsun.com/	1970-01-21 02:23:04	Name: __pvi Value: eyJpZCI6InYtbTVxaWN1Zjg4a203Ynd5dSIsImRvbWFpbiI6Ii53aW5uaXBlZ3N1bi5jb20iLCJ0aW1lIjoxNzM2NDk4NDc1MDY3fQ%3D%3D
.winnipegsun.com/	1970-01-21 11:57:38	Name: xbc Value: %7Bkpex%7DekXdwhYSkZBsc2I606zqMQZnfsbKdxtRGsloy220opM87xHYoPEIFCinBcQ26LKe7ij3G_j1ppU_ebw82e3IIw
.winnipegsun.com/	1970-01-21 11:57:38	Name: fc_storage_location Value: cookie
.winnipegsun.com/	1970-01-21 11:57:38	Name: fc_pid_variable Value: fc_pid
.winnipegsun.com/	1970-01-21 11:07:14	Name: mprtcl-v4_4662F03F Value: {'gs':{'ie':1\|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'\|'av':'1.0.0'\|'cgid':'4f3dc4dd-502a-4be6-bee7-89203cf1c09a'\|'das':'39c01ca2-f245-4e9a-9da9-0ff3123d71a7'\|'csm':'WyI0NjU2NjI0NDU1NTM2Njk1OTA4Il0='\|'sid':'4E6A7645-EFE4-448F-26B0-BF2D4A431A8A'\|'les':1736498475303\|'ssd':1736498474434}\|'l':0\|'4656624455536695908':{'fst':1736498475030\|'ui':'eyIxMSI6InJmcWdzYXgzNjVlaXc0MThwNWF2N2NzYnQ2NzEzZmYzcSJ9'}\|'cu':'4656624455536695908'}
.tinypass.com/	1970-01-21 11:57:38	Name: LANG Value: en_US
.winnipegsun.com/	1970-01-21 04:31:14	Name: _gcl_au Value: 1.1.146133835.1736498475
.winnipegsun.com/	1970-01-21 11:57:38	Name: _ga_RT9GKF97XT Value: GS1.1.1736498475.1.0.1736498475.0.0.0
.winnipegsun.com/	1970-01-21 11:57:38	Name: _ga Value: GA1.1.800241550.1736498475
.winnipegsun.com/	1970-01-21 11:57:38	Name: _ga_72QH41ZTMR Value: GS1.1.1736498475.1.0.1736498475.60.0.0
.winnipegsun.com/	1970-01-21 11:57:38	Name: _ga_H792QCFZPV Value: GS1.1.1736498475.1.0.1736498475.60.0.0
.winnipegsun.com/	1970-01-21 06:42:13	Name: ___nrbic Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1736498475%2C%22currentVisitStarted%22%3A1736498475%2C%22sessionId%22%3A%22700582ed-3c63-4285-9b94-9d0bfa46a20c%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3A%222024-12-13T15%3A58%3A28+0000%22%7D
.winnipegsun.com/	1970-01-21 06:42:13	Name: ___nrbi Value: %7B%22firstVisit%22%3A1736498475%2C%22userId%22%3A%22e24ec0d7-8609-4a5b-a1e3-3e7fc2d68189%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1736498475%2C%22timesVisited%22%3A1%7D
.winnipegsun.com/	1970-01-21 06:42:13	Name: compass_uid Value: e24ec0d7-8609-4a5b-a1e3-3e7fc2d68189
.tinypass.com/	1970-01-21 02:23:04	Name: LANG_CHANGED Value: en_US
.pubmatic.com/	1970-01-21 04:31:14	Name: SyncRTB4 Value: 1737676800%3A271_55_56_220_201_270_266_88_254_54_22_238_176_203_233_214_21_81_71_249_161_8_3_46_264_165_13_166_234_99_251%7C1737072000%3A2_223_15%7C1737763200%3A35%7C1737331200%3A63%7C1741651200%3A69
.sitescout.com/	1970-01-21 11:07:14	Name: ssi Value: abaed84c-ead8-4018-a27e-d17ed434fdaa#1736498475964
.minutemedia-prebid.com/	1970-01-21 03:04:50	Name: wrvUserID Value: Yk49FZc9Cp_mm
.winnipegsun.com/	1970-01-21 04:31:14	Name: _fbp Value: fb.1.1736498476101.126811245589302113
.sitescout.com/	1970-01-21 03:04:50	Name: _ssuma Value: eyI0NSI6MTczNjQ5ODQ3NjA5NX0
.tribalfusion.com/	1970-01-21 04:31:14	Name: ANON_ID Value: aFnoeUrZcAQpBqErd2lIZcQqccTV4qyyHbN2wZaPDhk
.rfihub.com/	1970-01-21 11:43:14	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1NjE2MzEFQmMDIT5DXeewzBz3sDCv0DDzAACy6dGoJQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1NjE2MzEFQmMDIT5DXeewzBz3sDCv0DDzAACy6dGoJQAAAA
.rfihub.com/	1970-01-21 11:43:14	Name: eud Value: H4sIAAAAAAAA_9vEyGtobmxmYmlhYm5mYmIAACtjLDMQAAAA
.eskimi.com/	1970-01-21 03:04:50	Name: __eConsent Value: 1
.eskimi.com/	1970-01-21 03:04:50	Name: __eDId Value: a3318e51-fcf5-4217-880d-4490821bd733
.winnipegsun.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .winnipegsun.com
.winnipegsun.com/	1970-01-21 11:57:38	Name: _lc2_fpi Value: 0cdb85fccdd3--01jh7nzxt5fqntjvtrq1g5gmjh
.zeotap.com/	1970-01-21 11:07:14	Name: zc Value: 685a2f27-c677-4c9e-55d5-1327f1c9b980
.quantserve.com/	1970-01-21 11:51:52	Name: mc Value: 6780dd2d-151ba-ac445-174e0
.taptapnetworks.com/	1970-01-21 11:07:14	Name: SONATA_ID Value: csonata_b715f975-d40e-4420-8aba-948d6808dd29
.adfarm1.adition.com/	1970-01-21 04:31:14	Name: UserID1 Value: 7458204168287484269
sync.srv.stackadapt.com/	1970-01-21 11:07:14	Name: sa-user-id Value: s%3A0-c2d3a6a0-6084-5be7-7f7a-7b490cd53900.%2Fgz%2Be1dPsTnKd%2BFSdBgNjuYjDxMb%2FfsF8tXNyFp4AMI
.srv.stackadapt.com/	1970-01-21 11:07:14	Name: sa-user-id Value: s%3A0-c2d3a6a0-6084-5be7-7f7a-7b490cd53900.%2Fgz%2Be1dPsTnKd%2BFSdBgNjuYjDxMb%2FfsF8tXNyFp4AMI
sync.srv.stackadapt.com/	1970-01-21 11:07:14	Name: sa-user-id-v2 Value: s%3AwtOmoGCEW-d_entJDNU5AB-7Ts4.mu4wBbm61yiwZX%2BHTGjGZkygceAKMvOby22oAm2x9wU
.srv.stackadapt.com/	1970-01-21 11:07:14	Name: sa-user-id-v2 Value: s%3AwtOmoGCEW-d_entJDNU5AB-7Ts4.mu4wBbm61yiwZX%2BHTGjGZkygceAKMvOby22oAm2x9wU
sync.srv.stackadapt.com/	1970-01-21 11:07:14	Name: sa-user-id-v3 Value: s%3AAQAKIHStKQTL4jQqdSoef5uGoWa2dgYFqc1C4-0Tco_uFxKhEGcYBCCtuoO8BjABOgSAOSS3QgTNHZe4.u%2BIVMDx0Ut2IfeK1f61AHTxGGFzqcikpvY6DsAvmm6s
.srv.stackadapt.com/	1970-01-21 11:07:14	Name: sa-user-id-v3 Value: s%3AAQAKIHStKQTL4jQqdSoef5uGoWa2dgYFqc1C4-0Tco_uFxKhEGcYBCCtuoO8BjABOgSAOSS3QgTNHZe4.u%2BIVMDx0Ut2IfeK1f61AHTxGGFzqcikpvY6DsAvmm6s
pool.admedo.com/	1970-01-21 11:07:14	Name: tuuid Value: 3342fe25-4c1f-4059-9792-43d6f2215061
pool.admedo.com/	1970-01-21 11:07:14	Name: c Value: 1736498477
pool.admedo.com/	1970-01-21 11:07:14	Name: tuuid_lu Value: 1736498477
.liadm.com/	1970-01-21 11:57:38	Name: lidid Value: 0320d4a0-4a9a-459f-863d-d3869b547b89
.winnipegsun.com/	1970-01-21 02:21:40	Name: _vfb Value: winnipegsun%2Ecom.00000000-0000-4000-8000-e5c2592d5bfc.1..1736498479....
winnipegsun.com/	1970-01-21 02:21:38	Name: _vfz Value: winnipegsun%2Ecom.00000000-0000-4000-8000-e5c2592d5bfc.1736498479.1.medium=direct\|source=\|sharer_uuid=\|terms=
.winnipegsun.com/	1970-01-21 11:07:14	Name: _vfa Value: winnipegsun%2Ecom.00000000-0000-4000-8000-e5c2592d5bfc.07834ae0-d3a7-4b4d-a860-11166e2ec53c.1736498479.1736498479.1736498479.1
.pubmatic.com/	1970-01-21 04:31:14	Name: chkChromeAb67Sec Value: 5
.pubmatic.com/	1970-01-21 02:23:04	Name: pi Value: 160305:4
.ads.pubmatic.com/	1970-01-21 02:23:04	Name: pubsyncexp Value: 1736520078827
.winnipegsun.com/	1970-01-21 02:21:40	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://winnipegsun.com/pmn/un-human-rights-office-in-venezuela-partially-resumes-work-months-after-government-shut-it-down%22%2C%22sref%22:%22%22%2C%22sts%22:1736498478981%2C%22slts%22:0}
.winnipegsun.com/	1970-01-21 11:51:02	Name: _parsely_visitor Value: {%22id%22:%22pid=73f71a01-5637-4236-a571-bf80e3c1a733%22%2C%22session_count%22:1%2C%22last_session_ts%22:1736498478981}
.winnipegsun.com/	1970-01-21 11:50:26	Name: cX_P Value: m5qicuf270th46ol
events.newsroom.bi/	1970-01-21 06:40:50	Name: 1528_u Value: e24ec0d7-8609-4a5b-a1e3-3e7fc2d68189
events.newsroom.bi/	1969-12-31 23:59:59	Name: 1528_s Value: 700582ed-3c63-4285-9b94-9d0bfa46a20c
events.newsroom.bi/	1970-01-21 03:04:50	Name: 1528_lv Value: null
events.newsroom.bi/	1970-01-21 03:04:50	Name: 1528_ut Value: 0
.winnipegsun.com/	1970-01-21 02:21:40	Name: fc_session Value: nopid
.cxense.com/	1970-01-21 11:07:14	Name: gckp Value: 2l9smgcoo7kva10eqk8s19lsvj
.winnipegsun.com/	1970-01-21 11:50:26	Name: cX_G Value: cx%3At1s3hf46rwzf3s52r1fhnk9if%3Awn1d8zcv6tz9
.creativecdn.com/	1970-01-21 11:07:14	Name: ts Value: 1736498488
.creativecdn.com/	1970-01-21 11:07:14	Name: g Value: aFI2P85DExlXtHWvsNxt_1736498488066
.quantserve.com/	1970-01-21 04:31:14	Name: sp Value: CggIiQ0SAxCrDgoJCIX_AhIDEKsO
.adsrvr.org/	1970-01-21 11:07:14	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiqk76HktfYPRAFEhsKDHNoYXJldGhyb3VnaBILCJyFiqGS19g9EAUSFQoGY2FzYWxlEgsIqOu4vZPX2D0QBRgBIAIoAjILCOLev9Ko19g9EAU4AVoHeGtzdzlsYWAC
.ctnsnet.com/	1970-01-21 11:07:14	Name: cid_dd0060ac834a44d8b1d264f2f137d706 Value: 1
.bidr.io/	1970-01-21 11:50:08	Name: bitoIsSecure Value: ok
.adx.opera.com/	1970-01-21 11:07:14	Name: UID Value: OPUd100a1f70a0f48579241b3f101d56eaf
.bidr.io/	1970-01-21 11:50:08	Name: bito Value: AAIvCk7PAboAABZ1b6aU2A
.smartadserver.com/	1970-01-21 04:31:14	Name: csync Value: 127:AAIvCk7PAboAABZ1b6aU2A
.360yield.com/	1970-01-21 04:31:14	Name: tuuid Value: 6aad0d0d-3632-402b-b01e-b7f3bad204f6
.360yield.com/	1970-01-21 04:31:14	Name: tuuid_lu Value: 1736498491
.contextweb.com/	1970-01-21 11:00:02	Name: V Value: aVm77FJPmYqD
.contextweb.com/	1970-01-21 11:00:02	Name: VP Value: part_aVm77FJPmYqD
.contextweb.com/	1970-01-21 11:07:14	Name: pb_rtb_ev Value: 3-1vtf\|8o4.0.1
.contextweb.com/	1970-01-21 11:07:14	Name: pb_rtb_ev_part Value: 3-1vtf\|8o4.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 536dfb458fe80242
.seedtag.com/	1970-01-21 11:00:02	Name: st_cs Value: TmXNAc1EvXOEOFcdZqrGt07qj6qjWzIYqWnYmJL3sbIucQUsJd7SUWZjUW451P/vlm57Pnij8RprP6yPzddWCwYYPEejE99JNuUQHhO0p2vn7ax7efBjyhk7+zTrWtVjV5f8ejttK7CG0ovWrSPGnjaVc2rEYxx5HkAgUX21BCTZBbx0lpFJkjSovVaInRX/i11Yvr1LhnvQiFomSo/7c/m+IbYCvtI9Nzvgkh4jQU2xhBKCqzp/o9izDqYN1QC2Za/b6MiDPi5oKPfb1rUiXRoYnIiKwPHva17iCPR2sc7g3dS5fm+5QUoyRy/LgkjuSiJDppgDQqxwscOI2CM3b3ccH6/yiIXTQIlNNqRQ693VEPNBAdoap0gb6bG7S0bblExsKq83iYBEW8vfFxg+9xQMLBLN15qis8WvBTpWkwUhXp4xsawCI1rtsCA8+B348OGuDJQm99+Aq2aVE1qU3H3e/1/NHi9MmGPsZgxsEe9DsVIz5rNMqvbRdeBdjiu/78vcCI+TuhANPXFDH9hefZt63XW2hLAQvzgSxGXxWvTL1BdpzYfFC8ljqtfOXFgV5eZSweZbacjdFcxgrWG6nltzeMHjDmsdHEVDkZvt4ZWsqLDWuhd2L+5HAQDl7Z7yUloWIeSFf/rWnF7u3Xm7uHqtarIruzvWkZqQg88mqbEvEjiGPhfr6Z2Pf2t/UqLo
.seedtag.com/	1970-01-21 11:00:02	Name: st_csd Value: 1736498491785:1736498491785
.onaudience.com/	1970-01-21 02:23:04	Name: done_redirects200 Value: 1
.bidberry.net/	1970-01-21 11:07:14	Name: cookie Value: 34fdb53ec7ecfdc6
.bidberry.net/	1970-01-21 02:23:04	Name: done_redirects280414 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id5-sync.com/k/264.gif?puid=ebf82fa4-5fb4-4115-b310-9e0c44c4ad6f&ttl=%%TTL%% Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ak.sail-horizon.com
analytics.google.com
api.fullcontact.com
api.permutive.com
api.rlcdn.com
api.sail-personalize.com
api.viafoura.co
auth.lrcontent.com
bcp.crwdcntrl.net
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
c247440e8a4afbe1294a171ebfbf9473.safeframe.googlesyndication.com
c2shb.pubgw.yahoo.com
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn.confiant-integrations.net
cdn.cxense.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.pbxai.com
cdn.tinypass.com
cdn.viafoura.net
check.analytics.rlcdn.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
cs.seedtag.com
d-code.liadm.com
dcs-static.gprod.postmedia.digital
edge-auth.microsoft.com
esp.rtbhouse.com
eus.rubiconproject.com
events.newsroom.bi
events.qortex.ai
experience.tinypass.com
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
floor.pbxai.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
grid-bidder.criteo.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
id.cxense.com
id5-sync.com
identity.mparticle.com
idsync.rlcdn.com
idx.liadm.com
invstatic101.creativecdn.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lb.eu-1-id5-sync.com
lexicon.33across.com
livecomments.viafoura.co
match.adsrvr.org
match.sharethrough.com
micro.rubiconproject.com
navvy.media.net
notifications.viafoura.co
oa.openxcdn.net
oajs.openx.net
p.flipp.com
p1.parsely.com
postmedia.hub.loginradius.com
prebid-a.rubiconproject.com
prebid.media.net
rp.liadm.com
rtb.openx.net
s.seedtag.com
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
secure.gravatar.com
securepubads.g.doubleclick.net
smartcdn.gprod.postmedia.digital
ssbsync.smartadserver.com
ssp-sync.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
tags.crwdcntrl.net
tags.fullcontact.com
tags.qortex.ai
td.doubleclick.net
token.rubiconproject.com
u.openx.net
unpkg.com
ups.analytics.yahoo.com
winnipegsun.com
www.facebook.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googletagmanager.com
www.gstatic.com
www.npttech.com
x.bidswitch.net
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
api.rlcdn.com
api.sail-personalize.com
c247440e8a4afbe1294a171ebfbf9473.safeframe.googlesyndication.com
cdn-ima.33across.com
fastlane.rubiconproject.com
floor.pbxai.com
grid-bidder.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
lexicon.33across.com
oajs.openx.net
prebid.media.net
rtb.openx.net
ssbsync.smartadserver.com
x.bidswitch.net
104.102.34.86
104.102.38.221
104.16.143.111
104.16.185.87
104.17.247.203
104.18.176.126
104.18.223.248
104.18.239.248
104.18.24.18
104.18.4.235
104.18.5.235
104.21.50.90
104.22.53.86
108.138.11.78
108.138.3.93
13.107.6.158
13.35.58.60
13.35.58.87
142.250.181.232
142.250.185.194
142.250.185.196
142.250.185.202
142.250.185.67
142.250.185.78
142.250.186.98
142.251.173.154
143.204.98.115
15.197.193.217
151.101.1.229
151.101.130.133
151.101.193.108
151.101.194.133
151.101.2.133
157.240.253.1
157.240.253.35
162.19.138.120
162.19.138.83
167.235.124.61
169.150.247.38
172.64.144.166
172.67.155.215
172.67.73.177
178.250.1.11
178.250.1.3
178.250.1.57
18.173.205.8
18.184.206.66
18.209.41.108
18.210.235.203
18.244.18.38
18.245.31.65
18.66.102.31
18.66.112.95
184.28.88.244
184.30.22.30
185.89.210.46
192.0.73.2
216.200.232.249
216.239.34.181
216.58.206.67
23.215.23.172
3.123.90.23
3.161.77.50
3.161.82.122
3.67.242.141
3.72.78.234
34.102.146.192
34.107.254.252
34.117.147.204
34.117.54.29
34.149.157.221
34.149.50.64
34.160.55.127
34.231.219.101
34.248.19.126
34.252.120.72
34.96.70.87
35.190.39.111
35.244.159.8
37.157.4.29
52.202.2.12
52.95.125.22
54.146.51.79
54.236.195.58
54.246.81.101
57.129.37.202
63.34.81.234
65.9.66.104
69.173.144.139
87.248.119.252
0164452ed5f5b6cae0db3c73850a63be312d921cc198dc64e5fab89c0a8db423
01e1bc5277aa20bf535587ea7bb9af229daac3ae1463f43638d355a9885d930a
041cc6d14059807e52f1e55c338730e1cb7549d3d085e788237c876bc1737cf1
0486126a3b39556c7923f21e2808e8a95666727f384453480745662da942e916
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
0538ac32be227e4ad02ba085ea9dafdad1c35f703407f8e8d5b3412d2ca72ba2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a276a7e6b4d9c3bff4311f47a2763506b85c2ea87a7781b4cec6023a3932544
0be668a53431c686f23a918874fa88290c7eb7a1d7c9da0d38410848273b4bc4
0c63a5fab67a589cdc1cec7c59aa464608f48a96e95fccd375ea7dafb4288815
0f97eebe9b035d72c9c9462a56085aff61ae9150c3e64d67845841622f688455
0fedd1639e6533aa7801d558cba0e3b2c5947b56b66cde29361f9b6cadbe91be
1413cc79bcd47b4af0fe4fe72237f906e31ca8d335314ff0ddb1ffca3c1b7afe
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240
18ac553998984630151a214773542a4f5e68c54050e458d941e42207997b09bf
1c9641d3c4af6ff989cb21de82d7a54c9be9c07cecbe705dd230264978910273
1e3f9842d3481ff3cb99434e68378cd842744c0e05553602c70d69bdf420fa65
1ed92e25c87f0892c9632c92c61448cd57fc502b77109bf83166cdb266a78dd6
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43
1fddb8641042855d7f8ea295e026ace6858e7d769a198e2ae5121ea5c100463a
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
20bb99e76396f09b8d866aebfaf157b5a5f96e68366dd83a6e1a0ee237815db4
218c23100c35167e717018fb3858a56f1448774eef33c1a158b693ade236de33
22432b141f6c05fe8f026a9955f1f3a695c3f853e640d57174ddac8357078c0e
225d824297f9136dc522d211061ccba4e5a14b0f38741d0a776e3d070a7ba276
2614f69f1941ba6c764aa1ef37758143d584c6d999627588671be7fb86b2c6ad
2633c756f7488f4543cf9b0a7a4b868677e65cb86e2c1feb4fbff7f7bcbdcb71
282f6d959d04bcf2e14a672a4eb10405d65e51ea01f0349533971c3d0aab9f86
29ec0c2f1e42c4c34f66358c811719e6d7b7471d4b3c1d6dfeb6818430f82712
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
30d272b85536201e2048467cbae2d9b2deecc1cec8ebe1831dd217cb5801a03d
33cc6e61cbb1addafa75cc8ed40216823ee7e50631bb8d2b71eda77ca81a77f3
34387220bd3fcb5cc79f87417f02a17a0fb63e3f8e09ae39547106922b08ef8b
35c8cd145c46547397db1922a731233a9b51a3aca25e71f53e7a70c78a6e9d13
36260e9cb231e00f7334eacc8a181329ba4c622cb50312342edb9e8512812cf7
3873e5114afbc6d6098ec9b76fbc7ca5960eb6947284a71ba27ea5101a4d4e61
3a2dbb0ee96218c634e1ef740224b357034d75cb86ff16213ba58b289afde6b7
3a86807c90f50f9766b250597adf9c71b79f387c1c4cbb8481ecb96fd71a0c3d
3e70c4ca9d435e42a0401220dffc2ee0ab7f0ae5a4a019e83ec0b394445c9101
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8
41ed91f3547b1da37c247f8d49add529b49a44ae9dc2c50ee0d935a95d583cd2
432f852c46baa5036a5e314ff7c2af1c38e19ce4ffab4642ecb65a9ea4df3f3d
43430345ff39208aded96d7d9afeb2f6563e70af6d912226d5ec467158cb3d29
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a38609df6a1771423fa8a15eb23ea4495a8e1ac3a6c59f336b1aa77b4355da
497f053df078e16fc3614f2d1f04630846b2c7a9efe4ef5ce273baddc814415b
49a7be1606accecfa80ba2b1cf14eb4372cb0cb408b4ff509ebf9e2a4ceaf069
4a54220a122d4ed52307f80c807429c3129bcc76b8ecb5a10e2b856d36456ce1
4a8f67a9519aa431a2c9b7135a6c6cf5b76380ebe9096ac8dda0d7bc2cd7486c
4a99d9375a754f7161428055c5e6d00bcdc12301e0f339925c335a0eba72a5b1
4b2725ed4dc7c34ea3a8b71a63dcbcba26896649970aa2646c2c5f9e0dbd9750
4ba81b274188acdb49d918a7d1d83258c8d2068f79d916dd5f74804aeb23b6ad
4dff47c365f6de8b8b152d41c46651008bf01ef8720de8721d14c1e76aa66298
50ea5136d36ab29011709a8046d1c35b1243e24ee4130665b1707599f51b182d
51e1536475859c28a616c56f420bdd7ed68f10c5903c26136e1734d5aca9c7fb
5229e3299d3529956e8b2bf799ffe569b9b52b1d62fd1681ca4e9bebed4843cc
53074eb539662d6dd23262b633cb65fbaaacfe73306052110039e1ff3f6b5b57
5332fd32d8be28eb2531721220e8c3c561000378988be4b4d7f97568f0b3f224
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
56d76d06754b7c73fcc4c56c179de28462042a8795584c1e0feebb404570bc9d
59e6b689ca09da925938a7c9a640286e5ec72626d2d268645f5aef9f3ddd35bb
5a46c7c77d907ba22f639440e46aa77f468b6723aecf5af9efc0932ca3ff05b0
5ab3eb07a735e54a328b84a998c4f75556dc17b3602027c6af03b2cb3a8a27d7
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b740b764c32da039868fb07780caa7d55401fb92c17adfff3e07e31f74e9464
5bd5748413e88c4373355a2ad4374b50109a8ecfecb5c61300d44792b855ab8b
5c7b92f76bb7051341a258dec14cda8d81466f00d8e7d10475bec70a5b7e3cd2
5d453e516e29b01c713046d1f0cf716ef46bee2a97e6f560af7093b9b8e779f1
5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2
5f359af7d8b47457476b400d721101f3c28e4a82cbc4aebf35be806ea49511b2
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
6a704edd26f24a02229a8e792d403c17a6e9b3f34fc682e6156374f04385884b
6c59b4ca69ef7f50e0c2b5ef0a78f992ca2083ed5f05c260e5e6f1d6e31c1b4d
6e1442a4ed58986cc47bc718ab9b6b434c367cf0e8f900309318b0bb78412076
6e978bb57938d8edec7071a704f5223243171b07f0dc7f0a1c6c8d3d89535ebe
7355909b93826a1a3d800d808f635650c7f7a364c6125e922152eca64d747cf3
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
75d1bde46c2d3bcf9a81ddf025752ab9a1215a7248c8e3e182c055b093d320bc
7750ed00365da75d3b3c4be839fb46b4e29e6d7ce04697ccec15346540ec62c8
78241a32796ea0e5c6fd70efef7697350fbbdf4e001a8593ec5b87a0f7b77301
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7cc912b654cf4b81418b28aebdf7e360e14f790880336e4c071b792b539e08f5
81067eb0635feeb5a5f7f65ffadecd0e0b379fed520cc27cdbee959de5527dd1
834855b0c8387a3ba457811b0e664777e79fa712722c962f12efb129b60c47b4
83620b1acfb345ac8c92b8167e8ae32e6021b9161daf42056217105f8934105a
83fb91b7a817bee2666baef516fc7a7b4c7ed560f6cbd2ad20ac0e2654d30818
84a412955997dccb761bc700da8fa6472686fbd7d78cbfc9da96102108fbf81c
8694bdd054cfb5793c323627b44788947249456dfb18d614e66f5f4b9762c0cd
87a3b03ac7eeb0d3a15535c4430219e50dedb287de7d746e93d97b561649a1d2
89f66e695eeeb6fccacb707b14ae4ee31f74049c947985ff215bed85838371d6
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8bf4930663b2355ccd58a97bdb797462025c6af07e7bec4aa9f15c1ce3014703
8d328b4e8b158dd415d0a33960ce27f66eb164d1756c0dc6a1fa0da5de4165e8
8de02d0434a86c23a4dc13cd7a37aba8a1ee51a1d22b0da4ac0bed4f0b848003
8fe3ceb76dc9c415d416f510a6283d46f9dfbf09a4387e3968ae2c91af5ffe3d
9554b211b59cb46d8a4f37906b897d96928c4d591bbad5e7b37928a81155a964
95865777854f7bf31ec37194acbe1d4fc310ac5ee6954b61f310afc60d36d6bf
95b079951892299c6a77df3971de38a90ae9f6609e23ed294188713bc0772783
970216e0ff0a73434ee81d9e4b686a17503913112c33bde65b66674e8ce2579b
97285620104fcde8d9737849edd3aba62fc6ecd59ed3d4dc98e643b6feeab3ab
9c234a39335c68efa876173f1af885a07eb982fde169e3627c70956ba0088313
9e648ae8f7897107d3ec3d941880959b22ef10a92d4746e395aec292fe6d938e
9ecefd4787ce6dc9b10a91779b92a5e468220a9f4176ff08c48babf7a15b0ab8
a051dc387f650bd120bf5aa65404a29baac0ef0327fe3a7bcc3bba0165df8f7b
a1928a42c6916b227a45449b6c6e68a2affc1f7e6e2ca4a2c4ab9e476d98adcd
a2aa19e5d776ea59a7b82f5108f90be0a3cfcbacb06c44d76b67ae821a55b15d
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a4401aae4b15569fbacfc877c1004bbd8ac7c168343e1a82c60b58af392d8b37
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d0482d4793f721012dca225f18553093f708f17b2da4b07ee689c0b149ff8d
a9571055c3c6075298ed2e6bc57972dc56e602a229ac0f4507588199bfc919d1
a9822bca09e58a31a93f8386988f808567a9a8c3ebcc361f6a8276695f4a5ef5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab305f44736e9edae4707e896a88714f09b76f063b515d617820cdec2ae28dd9
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5
ad6df05b9bad19726766b223f220c28ceb8b108f774fbe0aa6f212b0f7cfed44
af3b8944e4967d6aa6e78185b3b530b536df9f4fd34dc025d3db545e5a0cfa7e
b00b56f89fb1332dd54f41fa37136ac9eefeecfb195b594209d152b8543ce404
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b1948a120e1ca5f01b733aacc6e48db5697cc2fd57bb8880c9990be301fdd144
b4d7f6bd421fdd11fef6cabf22b7a67fad6121480f510ef9c33519a9297f6c95
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
bc9a2e7ebc802c54bae45191afd2da677c4b00d5b87ca635cfb267f322c2f2d9
bedafe4415f6abb6dfa8c6c63335c65422bb883ada266557b90421e63fbb8d0b
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2
bf2c42c876ed7cff3e395fd05e31c9ba63c5e9f3a3ff6769cfceff056f7847f4
c0950ffdf918b602d6c350b35a2f11a3ac253873ff319b5aae96b268c4b269e8
c1544db2a2f5cdfa75336a02ad5a64b5f56ea06643afdbbebba79d01847b3eca
c296f9ff16fea84f6ad669e74f3b29a34a811c9e95be932150cbda02acbf6e67
c4f082a77de46468897b02a19fe987868ea4e09205a3526dd8b0ed810ed898ae
c563d1fd09b2252e88f76e781a24dde6b659532755c2d730b9ec96c20f1a2386
c56cea6c87388bc3f2c6158a8219434c9cfab7d9a96c4deec276ef9d65e45aaf
c7416b50a20852c4cd99814b4214f5482bd1700a626b1ea3d40ac2c8cef39c4c
c97f94ea2247637361fb5e03faff175145d25fc8b64c7f8df4c753fc09dff5f4
cb0800306143344cad5233fab2e86bb4637053cf58bc89a8dbc46ce76a4848fc
ce6ae452e0ac529730fe5a2f5f2e19e5fab0839c3bd3fa83dd4babb87ed1a2e9
cebaf097795c8b1fa8f5c5e9989886acf843b7f7b78c8f0875a2850f1ee30d95
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04c0e3e88947ddf1538e3315df91b065380ea97a9a5cb40c2f89574e5fb3067
d40d2b502ad7d52c94e018a940aec4eefd17c2890d9173e50fe32dfe9107e45c
d4ef66da786aac7a6ae7d165b5a6d9f7456ec786ddc04100449d53ab5cf796db
d728c1f11d459720fe004bb296115d9f5e9a814b76b1a363ac254d93a1619285
d7ee40ad883813f90fdff413134733484e1c41db6615f307890268056557a529
daa7dea3a1e42c03d13f9c0216f1ddb2b413761615102118f84f207b9d60c712
de097098eff0abc6816e83a9bcf41304a92229e938273c168af51d4206c2b868
df48e5260043acee1c670ae20c6d1063720278ddcd4c2e9fbb920028ee6c7117
df8ad882cbda3f8d8f2a58728609580727d916414c404280279ee7f0ba63f322
dfae089e3d1a3f3ca5322123721f7e13f4c22633737091ffeb334063bb8b2409
dfe959c805c91a9512d1f2ef75e87452bbb7f18610f935fca29b83e1b221f585
e0d3622e8446373caf7e39d6aa894fe3144af9dbffe3438e46f65e6a0235b29b
e1910cd8e59c60679b19d3d2c4272aea5fef192268ad9d9f4d683ad3df8b7906
e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e430ac99d48aa7aa291fe9ef82398d2e7f599643dd1732d026947ba15edf718f
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e7b2fce3b02b83a0bd1ac4b04acf3fbdedfc3ddf4745609c4ea24e373dac6a0d
e8348f85019c4116a8898d2ddadd8413d47b43983e15efe33544759ae707e58e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec09cc63cdb57a4f9317f5a2671ba05626305b798395e9f9c8da1c65c08995e0
ee1e23564fd3f0b276f53bf02be5fa8992e6c68835ec69f8baad88651f319991
ee7c52f0029a6dc2e912c877609e2cbd0b4412b900316c24b65fbc4a453e9bcb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efc22a4037d8a6a9ac365825a869a4c68374ab697e36d3f9728969a712fbf058
f2e041a9ba43af2d35157e839b782c227dc75426ab79bd2c80d9f85f6b911580
f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8f4692ed07c1c243b5f3e6601fc9c31bd4d811dd8334cf951e4b16936121eb4
f951044a5f99078227d54f68134aa087ef7a2a6df142bb967595b197116834f5
fb133c6bbf1d1d01f0df05aa69d2a127caf07dc3d8170b1140d7345c762c2b46
fc74b5ebd20ec1324a99ccac7f6e4ee0336579d4fc215a4630f5e3823d3fa74f
fe757fcaf024109ed8dd35aa53722f42edc6946828bb66982a6886af9341823a
fec8b010fe878920231fad6f2d6b728d273452c78261e5213ab8b4d94077e639

winnipegsun.com Open in urlscan Pro 34.117.147.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

265 Requests

89 %HTTPS

0 %IPv6

67 Domains

113 Subdomains

87 IPs

8 Countries

4351 kBTransfer

12545 kBSize

165 Cookies

28 Outgoing links

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winnipegsun.com Open in urlscan Pro
34.117.147.204 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

89 %
HTTPS

0 %
IPv6

67
Domains

113
Subdomains

87
IPs

8
Countries

4351 kB
Transfer

12545 kB
Size

165
Cookies

265 HTTP transactions
1 data transactions