www.sasktoday.ca Open in urlscan Pro
2620:1ec:bdf::70  Public Scan

22 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

• https://secure.adnxs.com/ttj?inv_code=dm-pl-138225&member=1908&pt1=1190&pt2=0&pt3=5000000&pt4=0&pt5=0&cb=905273936 HTTP 307
• https://secure.adnxs.com/bounce?%2Fttj%3Finv_code%3Ddm-pl-138225%26member%3D1908%26pt1%3D1190%26pt2%3D0%26pt3%3D5000000%26pt4%3D0%26pt5%3D0%26cb%3D905273936

Request Chain 83

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1&C=1

Request Chain 84

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ybv5Zu1yPJrWxW1aGj5N1QAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1

Request Chain 85

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEMgx20UJF2r209ZQjy8uh-c&google_cver=1

Request Chain 86

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4MzA0MTI0MjI5NTM2MjQ1Mw%3D%3D

Request Chain 99

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
• https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Request Chain 100

• https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
• https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
• https://sb.freeskreen.com/um?sa=1493118236525077279

Request Chain 101

• https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
• https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
• https://sb.freeskreen.com/um?tlr=0f7a318073f44da58476165206f6907b

Request Chain 103

• https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
• https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
• https://sb.freeskreen.com/um?ni=9662f738684e1ec595ebe915fc432766

Request Chain 114

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 132

• https://gcdn.2mdn.net/videoplayback/id/215db9d5cca936e4/itag/59/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782420117/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/875D4E0A4565D670B9C854AAE184EF89A00E0E8D.19AC175C419CB716788A9734EA64756B3E6BBE1D/key/ck2/file/file.mp4 HTTP 302
• https://r2---sn-ab5sznld.c.2mdn.net/videoplayback/id/215db9d5cca936e4/itag/59/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782420117/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/67F8B31375520DA8B0AB4325DA3817F0F71E1EE2.1C18DB52F8E9ECCCF16540E01F727EC661EB1D79/key/cms1/cms_redirect/yes/mh/Vi/mip/2a0d:5600:9:4b03:cf::1/mm/42/mn/sn-ab5sznld/ms/onc/mt/1639707946/mv/u/mvi/2/pl/49/file/file.mp4

Request Chain 133

• https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=KX9SF6LP-A-5D87 HTTP 302
• https://sb.freeskreen.com/um?mg=KX9SF6LP-A-5D87

Request Chain 134

• https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=KX9SF6OA-28-BX9A HTTP 302
• https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KX9SF6OA-28-BX9A

Request Chain 135

• https://token.rubiconproject.com/token?pid=26594 HTTP 302
• https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX9SF6OA-28-BX9A&sigv=1&esig=2~35c38f934983a30ea51c4e744247b891c990f860

Request Chain 136

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Ybv5aAAMhoHJcgBR HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ybv5aAAMhoHJcgBR&_test=Ybv5aAAMhoHJcgBR

Request Chain 137

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://match.adsrvr.org/track/cmb/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=299604d7-a570-4e90-8092-a7b2773b92c8&gdpr=0&gdpr_consent=&expires=30

Request Chain 139

• https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3d2f61bb-f968-4800-8b0a-3dcc8c775ac0

Request Chain 140

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAsFQHnIKC6_BfsMJ0AxdHU&google_cver=1

Request Chain 141

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g5U0Y2T0EtMjgtQlg5QQ==

Request Chain 142

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzhiZTI0YTZiZDM2ZDQ4OWQzOTE5NTUyNDc3MzU4NGZjNTc2YTNmYg

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request outlook Show response www.sasktoday.ca/central/	51 KB 52 KB	172ms 65ms	Document text/html	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d89f1637f9049908681c5f5296b75f8d176d9f0d8cc50cf1bd1b4164ba142a05 Security Headers Name Value Strict-Transport-Security max-age=63072000; X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers cache-control public, max-age=90 content-length 52297 content-type text/html; charset=utf-8 expires Fri, 17 Dec 2021 02:45:18 GMT last-modified Fri, 17 Dec 2021 02:43:48 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; x-cache CONFIG_NOCACHE x-azure-ref 0ZPm7YQAAAADDiX3bHwIXRpqaIDo7zccQWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= date Fri, 17 Dec 2021 02:43:48 GMT
GET H2	200	template_glacier www.sasktoday.ca/cssb/	90 KB 90 KB	46ms 45ms	Stylesheet text/css	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/cssb/template_glacier?v=Eo-Hn33Ux9l6Yr6SlCF_o7SBwKky69CAlfUP2mKg1rg1 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4dfc47cfb181d371f16bf461d809417b614f653b004b194054d22c7b16e50eed Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; last-modified Fri, 17 Dec 2021 02:43:48 GMT date Fri, 17 Dec 2021 02:43:48 GMT vary User-Agent x-cache CONFIG_NOCACHE content-type text/css; charset=utf-8 cache-control public x-azure-ref 0ZPm7YQAAAAAn254MPgWxSbwLkwX1rk7pWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= content-length 91670 expires Sat, 17 Dec 2022 02:43:48 GMT
GET H2	200	head Show response www.sasktoday.ca/jsb/	3 KB 3 KB	38ms 37ms	Script text/javascript	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/jsb/head?v=jhxbwXXQa3JYU5N_WTC1IyuRQhf9lZjjb3a2aLfG1fg1 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash bd03e726072bf8962ce15004dff9f0c44fb874c743471e44adb5c1d0e6934c7b Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; last-modified Fri, 17 Dec 2021 02:43:48 GMT date Fri, 17 Dec 2021 02:43:48 GMT vary User-Agent x-cache CONFIG_NOCACHE content-type text/javascript; charset=utf-8 cache-control public x-azure-ref 0ZPm7YQAAAABYv/6rKkWAQ7YRLWzAw5QDWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= content-length 3289 expires Sat, 17 Dec 2022 02:43:48 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	77ms 21ms	Script text/javascript	2607:f8b0:4006:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1315 date Fri, 17 Dec 2021 02:21:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 17 Dec 2021 04:21:54 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 27 KB	170ms 64ms	Script text/javascript	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software sffe / Resource Hash 38258a3aa023ee5b5f45a8c149fd28449112dc4bf60411d2c88a4a6e33506df4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1073 / 749 of 1000 / last-modified: 1639397097" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26911 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 17 Dec 2021 02:43:49 GMT
GET H2	200	sasktoday-green-logo.svg www.vmcdn.ca/files/sasktoday/images/sasktoday/	4 KB 2 KB	107ms 29ms	Image image/svg+xml	13.225.223.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/sasktoday/images/sasktoday/sasktoday-green-logo.svg Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-92.jfk51.r.cloudfront.net Software CloudFront / Resource Hash ba59b7c379544b6951809e43f3d9f0a4a3dc337ea9a5b55aecd4f7aafe59f159 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 24 Nov 2021 15:23:40 GMT content-encoding gzip server CloudFront age 1941608 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml via 1.1 4cb1c715abfea3c2d99c87070fbe2f27.cloudfront.net (CloudFront) cache-control public content-disposition inline; filename=sasktoday-green-logo.svg x-amz-cf-pop JFK51-C1 access-control-allow-origin * x-amz-cf-id cjr0a4Ve4t_4BFjDf2mmtcKUbJ3aUed3PGaBtHzEFrl7Z7MIlGDjrA== expires Fri, 24 Dec 2021 15:23:16 GMT
GET H2	200	blank.gif www.sasktoday.ca/images/	42 B 232 B	48ms 46ms	Image image/gif	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sasktoday.ca/images/blank.gif Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; last-modified Thu, 02 Dec 2021 17:17:17 GMT etag "8832575a0e7d71:0" x-azure-ref 0Zfm7YQAAAAD9kBQ/BksQTY4IumXVZgM1WU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= x-cache CONFIG_NOCACHE content-type image/gif cache-control max-age=2592000 date Fri, 17 Dec 2021 02:43:48 GMT accept-ranges bytes content-length 42
GET H2	200	template Show response www.sasktoday.ca/jsb/	159 KB 159 KB	143ms 142ms	Script text/javascript	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/jsb/template?v=1fzxWfmkzuBZRwAM0pQ-gDdDfTo7scuEQ3brZH3LlW81 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a6597aeb9b17dd25e8c66fc56f68a7cd5d27c3240771763c091e0e10e15622cc Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; last-modified Fri, 17 Dec 2021 02:43:49 GMT date Fri, 17 Dec 2021 02:43:48 GMT vary User-Agent x-cache CONFIG_NOCACHE content-type text/javascript; charset=utf-8 cache-control public x-azure-ref 0ZPm7YQAAAACmq3Z6kotqTq/s5o0/HWhWWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= content-length 162451 expires Sat, 17 Dec 2022 02:43:49 GMT
GET H2	200	p.js Show response cdn.parsely.com/keys/sasktoday.ca/	66 KB 23 KB	124ms 49ms	Script application/javascript	13.225.226.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/sasktoday.ca/p.js Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.226.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-226-39.jfk51.r.cloudfront.net Software nginx / Resource Hash 5f3664c3494ab99a73dfee84cf1ec8cba260cc835fd8e34681d54c2fdaf1a2e5 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma public date Thu, 16 Dec 2021 21:39:37 GMT content-encoding gzip last-modified Tue, 13 Apr 2021 21:44:17 GMT server nginx age 18252 etag W/"607610b1-10707" x-cache Hit from cloudfront content-type application/javascript via 1.1 d3ab4cd494305c2d222c92f599e3c7c7.cloudfront.net (CloudFront) cache-control max-age=86400, public x-amz-cf-pop JFK51-C1 x-amz-cf-id LcClU-9Uc_CQnsaral5bTz-qCmzHXKJ6r7VU9_jWjsrEh_-8z1JZPg== expires Fri, 17 Dec 2021 21:39:37 GMT
GET H2	200	d7o6qoz7.js Show response l.getsitecontrol.com/	504 B 1 KB	125ms 64ms	Script text/javascript	195.181.168.47 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://l.getsitecontrol.com/d7o6qoz7.js Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.168.47 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-742.bunnyinfra.net Software BunnyCDN-NY1-742 / Resource Hash 9f0976fa8ebd4847b46467ac6ec87089afcb5ecc1a53ea14c38eae09d2175b5a Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT content-encoding br cdn-edgestorageid 742 x-amz-request-id 18SFK0FMEPDTFWP1 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-cachedat 11/27/2021 13:42:38 cdn-pullzone 89704 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match x-amz-id-2 ls6N2F7DAVjytPcc3HfVUfrTxolXRa7Zxq/9wQ/SA3piBy9rdGmmTUt4+Xv9mxi2IuRfb3ltUpU= server BunnyCDN-NY1-742 access-control-allow-origin * last-modified Tue, 05 Oct 2021 21:11:42 GMT cdn-proxyver 1.0 cdn-requestpullcode 200 vary Accept-Encoding content-type text/javascript; charset=utf-8 cdn-cache HIT cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d cache-control public, max-age=2592000 cdn-requestid 5aacab81b66a550da519b1527ddb3a30 cdn-requestcountrycode RO cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	services Show response sr.studiostack.com/v3/	24 KB 24 KB	190ms 35ms	Script application/x-javascript	20.49.104.19 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://sr.studiostack.com/v3/services Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash aceb79996d366f7e38f9c6971bed02d1bddc9e115305e0f40a17812a5469fb3e Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:48 GMT Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD, PUT Content-Type application/x-javascript Access-Control-Allow-Origin * Expires 0 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 24454 request-context appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
GET H2	200	v2iuf8pCLrGbSUDfK6Mq0wWL2m-KyS8lmN1NGxMNAjLDR5i9_klc-7mZt801mGtW5 Show response hollowafterthought.com/	88 KB 26 KB	140ms 57ms	Script text/javascript	35.190.74.222 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://hollowafterthought.com/v2iuf8pCLrGbSUDfK6Mq0wWL2m-KyS8lmN1NGxMNAjLDR5i9_klc-7mZt801mGtW5 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.74.222 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 222.74.190.35.bc.googleusercontent.com Software / Resource Hash b85aae1321e96c39be1e3427055ce420905eca6212636b70abf740c1ac94d7a6 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br x-datacenter gce-us-east1 etag "6f3a31d40533f83f6ddfc9028aeadbba1f259006f4232ee3dc61c18f4eb7cf8a" vary Accept-Encoding, Accept-Language x-hostname 2a12bd2a content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 date Fri, 17 Dec 2021 02:43:49 GMT timing-allow-origin *
GET H2	200	user-o.svg www.vmcdn.ca/files/ui/icons/	715 B 1 KB	103ms 29ms	Image image/svg+xml	13.225.223.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/user-o.svg Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/cssb/template_glacier?v=Eo-Hn33Ux9l6Yr6SlCF_o7SBwKky69CAlfUP2mKg1rg1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-92.jfk51.r.cloudfront.net Software CloudFront / Resource Hash 20c91e8fbcd29044b6c5f439edc4e293ee0821944202bdbc801d02303a6f72a1 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 29 Nov 2021 01:34:42 GMT via 1.1 4cb1c715abfea3c2d99c87070fbe2f27.cloudfront.net (CloudFront) server CloudFront age 1559346 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=user-o.svg x-amz-cf-pop JFK51-C1 content-length 715 x-amz-cf-id KsLOBHHpSgMoPMXAfqJyItjGJauUI4YQgvmq7YXFIijPDVP1kJhmbQ== expires Wed, 29 Dec 2021 01:34:43 GMT
GET H2	200	opensans-regular.woff2 www.sasktoday.ca/css/fonts/	19 KB 19 KB	42ms 42ms	Font application/font-woff2	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/css/fonts/opensans-regular.woff2 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/cssb/template_glacier?v=Eo-Hn33Ux9l6Yr6SlCF_o7SBwKky69CAlfUP2mKg1rg1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Referer https://www.sasktoday.ca/cssb/template_glacier?v=Eo-Hn33Ux9l6Yr6SlCF_o7SBwKky69CAlfUP2mKg1rg1 Origin https://www.sasktoday.ca Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; last-modified Thu, 02 Dec 2021 17:17:17 GMT etag "b5faf574a0e7d71:0" x-azure-ref 0Zfm7YQAAAAAuRN3xHpr+RIyFVMabWwJaWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= x-cache CONFIG_NOCACHE content-type application/font-woff2 cache-control max-age=2592000 date Fri, 17 Dec 2021 02:43:48 GMT accept-ranges bytes content-length 19020
GET DATA	200 OK	truncated /	204 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	search.svg www.vmcdn.ca/files/ui/icons/	442 B 793 B	81ms 28ms	Image image/svg+xml	13.225.223.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/search.svg Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/cssb/template_glacier?v=Eo-Hn33Ux9l6Yr6SlCF_o7SBwKky69CAlfUP2mKg1rg1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-92.jfk51.r.cloudfront.net Software CloudFront / Resource Hash ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 29 Nov 2021 01:34:22 GMT via 1.1 4cb1c715abfea3c2d99c87070fbe2f27.cloudfront.net (CloudFront) server CloudFront age 1559366 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=search.svg x-amz-cf-pop JFK51-C1 content-length 442 x-amz-cf-id J0AVxVFn9rSPF2TjAH1fXnCl4zO92mLue_wUsLKfqKgno99RJPHmMg== expires Tue, 28 Dec 2021 10:33:07 GMT
GET H2	200	opensans-bold.woff2 www.sasktoday.ca/css/fonts/	19 KB 19 KB	38ms 38ms	Font application/font-woff2	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/css/fonts/opensans-bold.woff2 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/cssb/template_glacier?v=Eo-Hn33Ux9l6Yr6SlCF_o7SBwKky69CAlfUP2mKg1rg1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Referer https://www.sasktoday.ca/cssb/template_glacier?v=Eo-Hn33Ux9l6Yr6SlCF_o7SBwKky69CAlfUP2mKg1rg1 Origin https://www.sasktoday.ca Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; last-modified Thu, 02 Dec 2021 17:17:17 GMT etag "54b2f374a0e7d71:0" x-azure-ref 0Zfm7YQAAAAA9+9wVFxR7RrY0WlCC1KO+WU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= x-cache CONFIG_NOCACHE content-type application/font-woff2 cache-control max-age=2592000 date Fri, 17 Dec 2021 02:43:48 GMT accept-ranges bytes content-length 19724
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	195ms 63ms	XHR text/plain	2607:f8b0:4023:1404::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37383801-16&cid=274001203.1639709029&jid=639521364&gjid=1378350742&_gid=1026566717.1639709029&_u=IGDAgEABAAAAAE~&z=2006956038 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 17 Dec 2021 02:43:49 GMT content-type text/plain access-control-allow-origin https://www.sasktoday.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 69 B	192ms 63ms	XHR text/plain	2607:f8b0:4023:1404::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-155627007-5&cid=274001203.1639709029&jid=442346576&gjid=721487593&_gid=1026566717.1639709029&_u=IGDAgEABAAAAAE~&z=1775115696 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 17 Dec 2021 02:43:49 GMT content-type text/plain access-control-allow-origin https://www.sasktoday.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 193 B	20ms 18ms	Image image/gif	2607:f8b0:4006:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1062118692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&ul=en-us&de=UTF-8&dt=Outlook%20-%20All%20News%20-%20SaskToday.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEAB~&jid=639521364&gjid=1378350742&cid=274001203.1639709029&tid=UA-37383801-16&_gid=1026566717.1639709029&cd1=87&z=1245942606 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:15:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 1722 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 91 B	19ms 19ms	Image image/gif	2607:f8b0:4006:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1062118692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&ul=en-us&de=UTF-8&dt=Outlook%20-%20All%20News%20-%20SaskToday.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEABAAAAAE~&jid=442346576&gjid=721487593&cid=274001203.1639709029&tid=UA-155627007-5&_gid=1026566717.1639709029&cd1=87&z=2123132581 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:15:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 1722 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ p1.parsely.com/plogger/	43 B 257 B	113ms 27ms	Image image/gif	34.194.161.83 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://p1.parsely.com/plogger/?rand=1639709029224&plid=55857708&idsite=sasktoday.ca&url=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&sref=&sts=1639709029210&slts=0&title=Outlook+-+All+News+-+SaskToday.ca&date=Fri+Dec+17+2021+02%3A43%3A49+GMT%2B0000+(GMT)&action=pageview&pvid=23839106&u=pid%3D5cf8573d918dec3ee28ecbf747897380 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-194-161-83.compute-1.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Fri, 17 Dec 2021 02:43:49 GMT Cache-Control no-cache Last-Modified Friday, 17-Dec-2021 02:43:49 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	142ms 44ms	Script application/x-javascript	2a03:2880:f03a:1c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 25965 x-xss-protection 0 pragma public x-fb-debug rXYrInSdDXqQzOMpI32cDVQ3uvJt6cjANeUn+x/2y7ilr968sKaa6m7IVMvpGOoGXrHB4RAaHGf4ZnHPxIJdPQ== x-fb-trip-id 1425083115 x-frame-options DENY date Fri, 17 Dec 2021 02:43:49 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	weatherwidget Show response www.sasktoday.ca/external/	0 184 B	96ms 96ms	XHR text/html	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/external/weatherwidget Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/jsb/template?v=1fzxWfmkzuBZRwAM0pQ-gDdDfTo7scuEQ3brZH3LlW81 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept */* Referer https://www.sasktoday.ca/central/outlook X-Requested-With XMLHttpRequest Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; last-modified Fri, 17 Dec 2021 02:31:48 GMT date Fri, 17 Dec 2021 02:43:48 GMT x-azure-ref 0Zfm7YQAAAAAsRj6DQiv3QaLm4XJGqcfwWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= x-cache CONFIG_NOCACHE content-type text/html cache-control public, max-age=178 content-length 0 expires Fri, 17 Dec 2021 02:46:48 GMT
GET H2	200	poll Show response www.sasktoday.ca/jsb/	20 KB 20 KB	97ms 96ms	XHR text/javascript	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/jsb/poll?v=oG8YSB4dyGKTFHX_-m-MrcyI-ykYr-_Pv7CFGKVEzoI1 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/jsb/template?v=1fzxWfmkzuBZRwAM0pQ-gDdDfTo7scuEQ3brZH3LlW81 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 256df061c262c1f1daaafab04edf15993728da544e58bd6b57e82f29c1c74c99 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://www.sasktoday.ca/central/outlook X-Requested-With XMLHttpRequest Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; last-modified Fri, 17 Dec 2021 02:43:49 GMT date Fri, 17 Dec 2021 02:43:48 GMT vary User-Agent x-cache CONFIG_NOCACHE content-type text/javascript; charset=utf-8 cache-control public x-azure-ref 0Zfm7YQAAAAAYuAv+A066S6Hkfxxe/oklWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= content-length 20721 expires Sat, 17 Dec 2022 02:43:49 GMT
GET H2	200	384298 Show response www.sasktoday.ca/widgets/	3 KB 3 KB	220ms 220ms	XHR text/html	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/widgets/384298 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/jsb/template?v=1fzxWfmkzuBZRwAM0pQ-gDdDfTo7scuEQ3brZH3LlW81 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f07cba12592c903dbf3b6a272bb53efe30fc2de7fe7a5c8cbfb9f1fbd9ff0d2d Security Headers Name Value Strict-Transport-Security max-age=63072000; X-Frame-Options SAMEORIGIN Request headers Accept */* Referer https://www.sasktoday.ca/central/outlook X-Requested-With XMLHttpRequest Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; date Fri, 17 Dec 2021 02:43:48 GMT x-frame-options SAMEORIGIN x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8 cache-control private x-azure-ref 0Zfm7YQAAAAAFn7KC1iffSbqMauQxHKUFWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= content-length 2660
GET H2	200	384299 Show response www.sasktoday.ca/widgets/	5 KB 5 KB	97ms 97ms	XHR text/html	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/widgets/384299 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/jsb/template?v=1fzxWfmkzuBZRwAM0pQ-gDdDfTo7scuEQ3brZH3LlW81 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1b97b7dbcbb2bf4113f2cacdb24a0bcfd1a02f9b8e86f9abd88072d1892abf57 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept */* Referer https://www.sasktoday.ca/central/outlook X-Requested-With XMLHttpRequest Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; cache-control private date Fri, 17 Dec 2021 02:43:48 GMT content-length 4938 x-azure-ref 0Zfm7YQAAAAD+JQjS/JGTR5SnFwxD/WtlWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8
GET H2	200	hi-rcmp-new-1206.jpg;w=480;h=320;mode=crop www.vmcdn.ca/f/files/sasktoday/files/	33 KB 33 KB	47ms 47ms	Image image/jpeg	13.225.223.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/f/files/sasktoday/files/hi-rcmp-new-1206.jpg;w=480;h=320;mode=crop Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-92.jfk51.r.cloudfront.net Software CloudFront / Resource Hash 10ea89d3f0ef712a4ec958da56c4443bc317f11dafd9b4f9b898727b0314f27c Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 13 Dec 2021 10:55:41 GMT via 1.1 4cb1c715abfea3c2d99c87070fbe2f27.cloudfront.net (CloudFront) server CloudFront age 316088 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin * cache-control public x-amz-cf-pop JFK51-C1 content-length 33801 x-amz-cf-id bcmRKTRKwNX0JEqDzU22wdUz6jnngie-EYHAhzuUgAbQWUgiqQIxNA== expires Tue, 13 Dec 2022 10:55:41 GMT
GET H2	200	santaclausdisplay.JPG;w=480;h=320;mode=crop www.vmcdn.ca/f/files/sasktoday/files/	39 KB 39 KB	53ms 52ms	Image image/jpeg	13.225.223.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/f/files/sasktoday/files/santaclausdisplay.JPG;w=480;h=320;mode=crop Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-92.jfk51.r.cloudfront.net Software CloudFront / Resource Hash 6c98345206ef1846e91b7edf0dc1493275bf330ce9a254779bcdd16c74fe6f14 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 16 Dec 2021 02:16:33 GMT via 1.1 4cb1c715abfea3c2d99c87070fbe2f27.cloudfront.net (CloudFront) server CloudFront age 88036 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin * cache-control public x-amz-cf-pop JFK51-C1 content-length 40008 x-amz-cf-id xcZSoaM9lHnFL9X-kv1MJ5U9o29g4UTjNmN_t5UiiVbIFBJmCOcdag== expires Fri, 16 Dec 2022 02:16:33 GMT
GET H2	200	town-offices.jpg;w=480;h=320;mode=crop www.vmcdn.ca/f/files/sasktoday/files/	28 KB 28 KB	36ms 36ms	Image image/jpeg	13.225.223.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/f/files/sasktoday/files/town-offices.jpg;w=480;h=320;mode=crop Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-92.jfk51.r.cloudfront.net Software CloudFront / Resource Hash 461327a744699edcaf595d7244516fa15d88f52232abe48d4ada29ba0b72a091 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 13 Dec 2021 10:55:31 GMT via 1.1 4cb1c715abfea3c2d99c87070fbe2f27.cloudfront.net (CloudFront) server CloudFront age 316098 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin * cache-control public x-amz-cf-pop JFK51-C1 content-length 28437 x-amz-cf-id kw4oL3RAFYhBFmLt2L5dK_kPNrhK_JcqUQUxYdn6vTfUaBQUhtKHOA== expires Tue, 13 Dec 2022 10:55:31 GMT
GET H2	200	d7o6qoz7.json Show response l.getsitecontrol.com/	144 KB 7 KB	153ms 113ms	XHR application/json	195.181.168.47 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://l.getsitecontrol.com/d7o6qoz7.json Requested by Host: l.getsitecontrol.com URL: https://l.getsitecontrol.com/d7o6qoz7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.168.47 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-742.bunnyinfra.net Software BunnyCDN-NY1-742 / Resource Hash 54435b010dd37f1e0e93dcb24bcbd1d848679a247b116938ba690a5ff2f90626 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT content-encoding br vary Accept-Encoding cdn-edgestorageid 742 x-amz-request-id 7E8GBHAJM9X1RNTV access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-cachedat 11/10/2021 18:29:40 cdn-pullzone 89704 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match x-amz-id-2 7wcDicurKxyONk+L77rgs1kV9ntC8IGyHJcIZMwSnLHtxuCPlaXnjzichh2MAZUDBiMVfCEHrxE= server BunnyCDN-NY1-742 access-control-allow-origin * last-modified Tue, 05 Oct 2021 21:11:42 GMT cdn-proxyver 1.0 cdn-requestpullcode 200 access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 cdn-cache REVALIDATED cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d cache-control public, max-age=5 cdn-requestid eab6c6c32fc8d863ab82bd175a527e5d cdn-requestcountrycode RO cdn-status 200 cdn-requestpullsuccess True
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 481 B	199ms 35ms	Image image/gif	2600:9000:21ec:7800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 09 Apr 2021 18:48:18 GMT via 1.1 ab95c5a0dcf51f52101ed4d59d15a2a3.cloudfront.net (CloudFront) age 21714932 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja cache-control max-age=315360000 x-amz-cf-pop JFK51-C1 accept-ranges bytes content-type image/gif x-amz-cf-id a4s9DXIynCAu1cT3AjFFU7LZVeqtopms48BU5-vDBD_Ztx2FEUTPGw==
OPTIONS H/1.1	200 OK	attention-event sr.studiostack.com/track/ Frame	0 0	147ms 50ms	Preflight text/html	20.49.104.19 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://sr.studiostack.com/track/attention-event Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.sasktoday.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Cache-Control no-cache, no-store, must-revalidate Pragma no-cache Allow POST Content-Length 4 Content-Type text/html; charset=utf-8 Expires 0 ETag W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ" request-context appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c Access-Control-Allow-Origin * Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD, PUT Date Fri, 17 Dec 2021 02:43:48 GMT
POST H/1.1	200 OK	attention-event Show response sr.studiostack.com/track/	0 396 B	117ms 116ms	XHR text/plain	20.49.104.19 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://sr.studiostack.com/track/attention-event Requested by Host: sr.studiostack.com URL: https://sr.studiostack.com/v3/services Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:48 GMT Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD, PUT Access-Control-Allow-Origin * Expires 0 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 0 request-context appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
GET H3	200	pubads_impl_2021120601.js Show response securepubads.g.doubleclick.net/gpt/	348 KB 117 KB	67ms 40ms	Script text/javascript	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software sffe / Resource Hash 2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119476 x-xss-protection 0 last-modified Mon, 06 Dec 2021 09:34:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 17 Dec 2021 02:43:49 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	93 B 111 B	61ms 34ms	XHR application/json	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sasktoday.ca Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash e2552964fe7c93f21d185d5278169ba54a471b823ed5715189eff4fed3cac47f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86 x-xss-protection 0 expires Fri, 17 Dec 2021 02:43:49 GMT
GET H/1.1	200 OK	attention-data Show response sr.studiostack.com/track/	123 B 610 B	212ms 112ms	XHR application/json	20.49.104.19 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://sr.studiostack.com/track/attention-data?media=250814&ref=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook Requested by Host: sr.studiostack.com URL: https://sr.studiostack.com/v3/services Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f328d039a7333ddea4462d10ada5ced0ec8ebabc2068aa4bd145db5ecaadb2ef Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:49 GMT ETag W/"7b-UDuPXuH+Id6CWfVUzWZs2YRSZJc" Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD, PUT Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Expires 0 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 123 request-context appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
GET H2	200	picture-o.svg www.vmcdn.ca/files/ui/icons/	475 B 827 B	22ms 22ms	Image image/svg+xml	13.225.223.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/picture-o.svg Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/cssb/template_glacier?v=Eo-Hn33Ux9l6Yr6SlCF_o7SBwKky69CAlfUP2mKg1rg1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-92.jfk51.r.cloudfront.net Software CloudFront / Resource Hash 361a44881097f7833bbf4346278ea77c9c56033682fdab64feffe9bb57b5eaf5 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 29 Nov 2021 01:34:43 GMT via 1.1 4cb1c715abfea3c2d99c87070fbe2f27.cloudfront.net (CloudFront) server CloudFront age 1559346 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=picture-o.svg x-amz-cf-pop JFK51-C1 content-length 475 x-amz-cf-id Ja_9caNFD_vE5b-4JVsDceOFyv6r18NY99t4-UpwGV9hfLix34zRhA== expires Wed, 29 Dec 2021 01:34:43 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	91ms 37ms	Image image/gif	2607:f8b0:4006:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37383801-16&cid=274001203.1639709029&jid=639521364&_u=IGDAgEABAAAAAE~&z=1171870912 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 501 B	92ms 37ms	Image image/gif	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37383801-16&cid=274001203.1639709029&jid=639521364&_u=IGDAgEABAAAAAE~&z=1171870912 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	230610384243630 Show response connect.facebook.net/signals/config/	305 KB 87 KB	75ms 37ms	Script application/x-javascript	2a03:2880:f03a:1c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/230610384243630?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eaedd5e230ed1a09c312e9b9b09b48ea6cef03f6591222f49dbda801115ccd93 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 88827 x-xss-protection 0 pragma public x-fb-debug IeCpf1LCZMe4EZz6ulWhj4sK7SuAWV3BJQwREiC9QPdCouCEadAJz1O+wJiOCuF1/gL5Nqj1FnWl58stKc/30A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 17 Dec 2021 02:43:49 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.ca/adsid/	107 B 792 B	159ms 52ms	Script application/javascript	2607:f8b0:4006:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ca/adsid/integrator.js?domain=www.sasktoday.ca Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	87ms 36ms	Script application/javascript	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.sasktoday.ca Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	81 KB 21 KB	519ms 519ms	XHR text/plain	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2355642185113648&correlator=4440217979230839&output=ldjh&impl=fifs&eid=31061815%2C31063378%2C31063246&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211217&iu_parts=4326737%2Catex_GNG-SK_site_section_subsection_3to1_S1_RON_GNG-network%2Catex_GNG-SK_site_section_subsection_wallpaper_S1_RON_GNG-network%2Catex_GNG-SK_site_section_subsection_1to2_S1_RON_GNG-network%2Catex_GNG-SK_site_section_subsection_1to1_S2_RON_GNG-network&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%7C728x90%7C900x150%7C900x300%7C970x250%2C1x2%2C300x600%7C300x250%7C300x300%7C300x120%2C300x250%7C300x300&eri=1&cust_params=site%3Dwww.sasktoday.ca%252Csasktoday.ca%26ContentCategory%3DCentral%252COutlook%26TemplateType%3DCategory&cookie_enabled=1&bc=31&abxe=1&lmt=1639709028&dt=1639709029478&dlt=1639709028911&idt=506&frm=20&biw=1600&bih=1200&oid=2&adxs=305%2C-12245933%2C980%2C980&adys=129%2C-12245933%2C274%2C712&adks=3880896073%2C4062377684%2C3952705426%2C1148640810&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&vis=1&dmc=8&scr_x=0&scr_y=0&psz=990x90%7C0x0%7C300x0%7C300x0&msz=0x0%7C0x0%7C0x0%7C0x0&ga_vid=274001203.1639709029&ga_sid=1639709029&ga_hid=1062118692&ga_fc=true&fws=4%2C132%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&btvi=0%7C-1%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash 38a8e0143b1a1b35b603aa1272db27d7c799fb0aad1621201a79a227d9520838 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21131 x-xss-protection 0 google-lineitem-id 5823864690,158299897,5554618779,-1 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138375244438,50868982897,138374640154,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.sasktoday.ca cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D452	6 KB 4 KB	157ms 52ms	Document text/html	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Fri, 17 Dec 2021 02:43:49 GMT expires Sat, 17 Dec 2022 02:43:49 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	runtime.15e1c5b.js Show response s2.getsitecontrol.com/widgets/es6/	172 KB 54 KB	33ms 19ms	Script text/javascript	195.181.168.47 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://s2.getsitecontrol.com/widgets/es6/runtime.15e1c5b.js Requested by Host: l.getsitecontrol.com URL: https://l.getsitecontrol.com/d7o6qoz7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.168.47 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-742.bunnyinfra.net Software BunnyCDN-NY1-742 / Resource Hash 745ad43cd385b9536d7263ae1c4793a2043d530c03e6f50baaf2ef18473e2980 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT content-encoding br cdn-edgestorageid 742 x-amz-request-id P7J797HBCVRD6FAN cdn-cachedat 09/29/2021 14:53:46 cdn-pullzone 83560 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match x-amz-id-2 j88avqdO0gqLTniw5qMLwSYB4fzO9A2dkud3vmaTYW0KBtGjVylIMHyUc9rlNJ1YQcG0EGYwSZc= server BunnyCDN-NY1-742 access-control-allow-origin * last-modified Wed, 29 Sep 2021 14:34:17 GMT cdn-proxyver 1.0 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=22809600 cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d cdn-requestid 06db557fae56624cd336150ec9dffd76 cdn-requestcountrycode RO cdn-status 200 cdn-requestpullsuccess True
GET H2	200	/ www.facebook.com/tr/	44 B 409 B	141ms 42ms	Image image/gif	2a03:2880:f13a:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=230610384243630&ev=PageView&dl=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&rl=&if=false&ts=1639709029692&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639709029690.1590908268&it=1639709029399&coo=false&exp=p1&rqm=GET Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Fri, 17 Dec 2021 02:43:49 GMT
POST H2	200	v2gtm_nF-zfaJlc8zbjH182jfHJFg4HiZQvO8z9eYp3Jh1hgRoyDGAGf7ReIoYlYyyW6LPoQKRdraY1gGVg Show response hollowafterthought.com/	219 B 614 B	98ms 39ms	Fetch application/json	35.190.74.222 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://hollowafterthought.com/v2gtm_nF-zfaJlc8zbjH182jfHJFg4HiZQvO8z9eYp3Jh1hgRoyDGAGf7ReIoYlYyyW6LPoQKRdraY1gGVg Requested by Host: hollowafterthought.com URL: https://hollowafterthought.com/v2iuf8pCLrGbSUDfK6Mq0wWL2m-KyS8lmN1NGxMNAjLDR5i9_klc-7mZt801mGtW5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.74.222 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 222.74.190.35.bc.googleusercontent.com Software / Resource Hash 685a21dccb923c29479351ce8fd66a10074b0f61b15bde3fc4d059e015f6a485 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload x-datacenter gce-us-east1 date Fri, 17 Dec 2021 02:43:49 GMT vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.sasktoday.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-hostname 2a12bd2a timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie content-length 219 expires Fri, 17 Dec 2021 02:43:48 GMT
GET H2	200	events Show response pop1.getsitecontrol.com/api/v1/	595 B 843 B	93ms 26ms	Fetch text/plain	52.86.134.216 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pop1.getsitecontrol.com/api/v1/events Requested by Host: s2.getsitecontrol.com URL: https://s2.getsitecontrol.com/widgets/es6/runtime.15e1c5b.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.86.134.216 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-86-134-216.compute-1.amazonaws.com Software Getsitecontrol / Resource Hash b6df52872625c93ab46bb06f09f5be14305ec4ac13724373d3281289dca8b7a2 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT server Getsitecontrol access-control-allow-methods GET,POST content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control private, no-cache access-control-allow-credentials false access-control-allow-headers Content-Type,X-Requested-With content-length 595
POST H2	200	me Show response www.sasktoday.ca/account/	124 B 303 B	131ms 130ms	XHR application/json	2620:1ec:bdf::70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.sasktoday.ca/account/me Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/jsb/head?v=jhxbwXXQa3JYU5N_WTC1IyuRQhf9lZjjb3a2aLfG1fg1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 173c678f8859fc92740b04d67dea1e099315e2983fe4656108bf17df70514feb Security Headers Name Value Strict-Transport-Security max-age=63072000; X-Frame-Options SAMEORIGIN Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; date Fri, 17 Dec 2021 02:43:49 GMT x-frame-options SAMEORIGIN x-cache CONFIG_NOCACHE content-type application/json; charset=utf-8 cache-control private x-azure-ref 0Zfm7YQAAAAANW8eMw1TJQbqk0jmB1BnjWU1RMDFFREdFMDkxNgA1OGM3YmY2ZC05YjNmLTQxNTgtYTZmYS0yY2FhOTY4ZWE1ODQ= content-length 124
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	91ms 41ms	XHR application/json	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6ea739711c63518f7ae66730d4f73221c47d64f2fd283084b0a9e03a8996fcbe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8629 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	46ms 45ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 expires Fri, 17 Dec 2021 02:43:49 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF03	13 KB 5 KB	78ms 31ms	Document text/html	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 date Tue, 14 Dec 2021 06:54:57 GMT expires Wed, 14 Dec 2022 06:54:57 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 244133 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame EAEC	783 B 534 B	78ms 38ms	Document text/html	2607:f8b0:4006:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7def86085e8edfdc3932c08b46ebd8501fd517390a220a5f8325487d272418d8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-epEfiRfZEbgzHoGIRPT8RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 17 Dec 2021 02:43:50 GMT date Fri, 17 Dec 2021 02:43:50 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-epEfiRfZEbgzHoGIRPT8RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame D944	0 0	43ms 43ms	Fetch image/gif	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssz38kZPg_dPLThhMfc4zQ5_lk7B43XQ3RcFLhfOyjjES1dFIJ78yH5ppkwnX__uJf7th0IYT4jXAGE7jokvFNSwjEo3ym-70QQ6yBPZCcDtwn0Nnwl3EnALBrt7Vn5CVTPbpbAzwoCk2W7o_powFSDJ19xEHr7uG4Wrr3H0DIZD1Oe8__aUvtwxNEBrOdOpz2O7pZyZGi4VjtCSSI68d_GiZHarK8Ho9jnksHfmuDXuloKD8cxEHlDZG_eMOpzneFRRgv3E4HXZVkePubfeD-QJrZGW2LcKVkRNyQHeF_O1SfD0DFY-nna44tc8DtqIZHBGEKIEXtJvEfiF9jGmBIzvuo59G38n8f8BF_ST6LX0ILOZ_4Mn2lJig&sai=AMfl-YT_Zud7ruYEe_RtpbVTNen1zfheyuOcHQq1Yax8UG2vvk6a4VqhDUoRYfP2wLiSg8jKWKe2HTEe98ghPw_rd6Hx6wUegPM2LPL4eqvXk4EJqbWH7EdQMbzGDWY_0OeF&sig=Cg0ArKJSzNpSl1yWovxnEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 17 Dec 2021 02:43:50 GMT
GET H/1.1	200 OK	freeskreen.min.js Show response static.freeskreen.com/ba/206/ Frame D944	24 KB 9 KB	288ms 46ms	Script text/javascript	13.225.223.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.freeskreen.com/ba/206/freeskreen.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.223.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-126.jfk51.r.cloudfront.net Software AmazonS3 / Resource Hash 8f3da4847f0a4941ceb3287a4b574a7f7383848ae791c2b3d189ba0ae2b0923a Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-amz-version-id dckSO0DUn0RFLwD3BBFBFJAIbwYM0Pla Content-Encoding gzip Last-Modified Tue, 23 Feb 2021 19:53:51 GMT Server AmazonS3 Age 4838 ETag "9e0931585824aace25cb8e0d85cd8961" X-Cache Hit from cloudfront Content-Type text/javascript Via 1.1 671b6837b1f5908956524bc8798dab1f.cloudfront.net (CloudFront) Connection keep-alive Date Fri, 17 Dec 2021 01:31:49 GMT X-Amz-Cf-Pop JFK51-C1 Accept-Ranges bytes Content-Length 8866 X-Amz-Cf-Id IaIIt-48gXPt_qIeYXpbnvHvQa52Tmaaim4UDj2-bwTwWf-EB-hbFQ==
GET H2	200	skin.js Show response cdn.districtm.ca/ Frame D944	1 KB 952 B	74ms 26ms	Script text/javascript	2606:4700::6812:633c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.ca/skin.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5797f6bbd13dbf5c749504ae691aa6c0bff608de605746b17129dfaeab3433a4 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT content-encoding br cf-cache-status HIT age 565193 cf-polished origSize=1459 last-modified Tue, 21 Mar 2017 20:12:51 GMT x-amz-request-id C2ZVW7A9YNCDGGQ7 x-amz-id-2 Gj2XKjHH10rpHwA0Sr5cOTN5ODgEEXANXowb2N2erE07DG5IxakbE9TeG3hKLgTyWl2HZ+fWHT0= cf-bgj minify server cloudflare etag W/"ed4748e3a870ab1e3ed7f00760ba3a1c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=86400 x-amz-version-id dKBTJqTWfjh1s0TNJHycQdpwcEoIR_pL cf-ray 6becce5e48be7136-YUL expires Sat, 18 Dec 2021 02:43:50 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D944	119 KB 37 KB	52ms 43ms	Script text/javascript	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software sffe / Resource Hash 87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37305 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1638461285297402" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 17 Dec 2021 02:43:50 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 28C1	0 0	44ms 43ms	Fetch image/gif	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9SgaUvkAFiPbhE5NmueU59fgXAe9aN4ah_wwjPrt3EHVV6vB3_sJguMekXVTwmtjBIfA_x1qt1ZQZq5wxV_1kQbfdghxBjAPUDDR2tZKKXjJAR_r0fiQZnJp27YTIeZyHcTfx1yolTAM_pgmJsO9K2DPWOtBFmw5CcEaYf_bHJXOs8hjrPsYnG76NrvJ6w7ivLEOzCf3RP-JkiDH5n0xiofPnkRguTy_WuMU3bFUAVAm_tv9grXkv8yXbKr81TD1UaKoMs5HWuZV3jIvXQN_Zj9LlK0IIktDbDcfEbjteEfQJj_v1GEg6rEKIwhHNR7w-HX19DitV6Q0q3qEkkVdIaOjQLcpjGrmSbZzRFMtO4wyn9pTK&sai=AMfl-YRzIfLNRg4hZahRCi97ddnCT3nK9SkITj-E1dZc3c111AhVBsbUznvD53478NcFWEVB8poTdKYHuic8cE0XEPZkPCrSPiZdL-yMphAdPE4VCnpYJSzyeWhrIEQj-YDY&sig=Cg0ArKJSzHBEldZe8TxhEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 17 Dec 2021 02:43:50 GMT
GET H2	200	launcher-1.0.0.js Show response tj6w5.flx10.com/libs/ Frame 28C1	17 KB 6 KB	86ms 21ms	Script application/javascript	94.31.29.29 ZAYO-6461
General Check archive.org Show headers Download Go to Full URL https://tj6w5.flx10.com/libs/launcher-1.0.0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.29.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT content-encoding gzip last-modified Fri, 10 Dec 2021 20:32:26 GMT server NetDNA-cache/2.2 etag W/"61b3b95a-42ae" x-cache HIT content-type application/javascript cache-control no-cache expires Wed, 15 Dec 2021 15:55:51 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 28C1	119 KB 37 KB	46ms 45ms	Script text/javascript	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software sffe / Resource Hash 87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37305 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1638461285297402" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 17 Dec 2021 02:43:50 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 2AB5	0 0	43ms 42ms	Fetch image/gif	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7RWTPMfNc-hieaaA2s7ePtlnocmc641UMIKdB14gGIm0v98WX6SsDkb2fbLRAs8fPnNp-NqyXyzZzTN-VzzX0vfaW2QpQ4aOIigq69WOe2QdgvKhrBCmX2iTmOybmkkPUiIVxkrU8ctz30iliQU_oUiYsKmmG2Z7gdhmijgzHOrspoDf4CCkEaWCrmolrP5p28JEmWZpYF4BA_mDDXLLMTZJVyhAUsZQdTcAryIF2AuXWND0i5tFbt4q4qOaqNd9Ybecwi_dtY-Fu4r9nnH-R7rpeo8XnUBc_xotzpjapvnwGv3b2QTTQ3Aq3JNFxpfHQnNtPRVS0wUvvLpO3weKaLJoTDpNmWQqEH8V7GxjzGz9fsWZ2&sai=AMfl-YTQWKARAeNF2E8QRndbKI8gM5e5DUnDP1bBjdCMm9s9yEv-RvO22xUw-lF4ryf1O7v3GQxLrWfE8tL1u89o-vuSI_-YYTfj0jPql8ciu1uX1VwMHwngY29ywPWXtJ2X&sig=Cg0ArKJSzC_Sr1BrQStlEAE&uach_m=[UACH]&adurl= Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2AB5	2 KB 1 KB	33ms 32ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:22 GMT content-encoding gzip x-content-type-options nosniff age 28 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1332 x-xss-protection 0 server cafe etag 3351516697335751560 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 31 Dec 2021 02:43:22 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2AB5	119 KB 36 KB	67ms 66ms	Script text/javascript	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software sffe / Resource Hash 87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37305 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1638461285297402" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 17 Dec 2021 02:43:50 GMT
GET H3	200	14563914291601527531 tpc.googlesyndication.com/simgad/ Frame 2AB5	50 KB 50 KB	36ms 36ms	Image image/gif	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/14563914291601527531 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de24bf560215352c06babda2eb9dee47cda6a0f0aa079ba7489c0d28f561595d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 16 Dec 2021 22:19:20 GMT x-content-type-options nosniff age 15870 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50771 x-xss-protection 0 last-modified Mon, 06 Dec 2021 21:06:00 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 16 Dec 2022 22:19:20 GMT
GET H3	200	container.html Show response ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F771	6 KB 3 KB	37ms 36ms	Document text/html	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Fri, 17 Dec 2021 02:43:49 GMT expires Sat, 17 Dec 2022 02:43:49 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame EAEC	0 0	99ms 69ms	Image text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2355642185113648&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H3	200	A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response pagead2.googlesyndication.com/bg/ Frame DF03	35 KB 13 KB	53ms 29ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 04:28:44 GMT content-encoding br x-content-type-options nosniff age 425706 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13610 x-xss-protection 0 last-modified Mon, 06 Dec 2021 19:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 12 Dec 2022 04:28:44 GMT
GET DATA	200 OK	truncated / Frame 28C1	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04db3c82eb0de6c581ef09b10cd88f2f7450bd0eed98b6339445385e884c1cb5 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ Show response tj6w5.flx10.com/v2/cZqvJAh736e/-/breakpoint/900x300/ Frame 12BC	50 KB 16 KB	28ms 27ms	Document text/html	94.31.29.29 ZAYO-6461
General Check archive.org Show headers Download Go to Full URL https://tj6w5.flx10.com/v2/cZqvJAh736e/-/breakpoint/900x300/?cacheBuster=954381094&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssYFlRRCkJtmDGc4n9hg4xqC8G4R-BRfOweP-RXx2w29Gj90bxFVRfSfWazIN9RW5j_FDd36AdcOZsFipILCl_Rz48FN7PiBYCqXz0PFhF1Crma2M1ooWYxUMQO9d6kRDF5LrTpl9UDHFKyHXIoLcL1WHxqELLf_lKqwpqKYIF7rLaqWiTXNKfjEr9gt77ntaJRujDVTtnA7Yh_tj_j-IJo9GpCIbXzRTr-4owRv9zp5WlRtX4FLdxSOj63vP4n-6eUdM8t0XufnTI_laPFGasJwvK9ZFhk6dpQHcYDL5LnDjxKZGxaYDbbjpKFLInB_Db3P6dQCy8aLANZv1BAa8j5lUzWWehh2NVDdEuNYtMg974x%26sai%3DAMfl-YRPNEI8S_9oguv-9e3XVw3NHQVEgCIEhhl2vRBytiD0JCbvxRKhVBcEEBAizEU2TxLmHHQulrY2HQw1kqiE1Qzs-F5Dhj07BlUMgMd8IIc1MYIRtEZkawSkJ0uSnWE7%26sig%3DCg0ArKJSzPZVc8EsiqtOEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D Requested by Host: tj6w5.flx10.com URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.29.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 0d90f4e9df11735aa7b3ca4de55d66f55557a10317c78ae89102e6f34437d256 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook Response headers date Fri, 17 Dec 2021 02:43:50 GMT content-type text/html access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS access-control-allow-credentials true access-control-allow-headers X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token cache-control no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0 expires Thu Dec 23 2021 22:35:26 GMT+0000 (Coordinated Universal Time) vary Accept-Encoding server NetDNA-cache/2.2 x-cache HIT content-encoding gzip
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 28C1	0 0	47ms 47ms	Fetch image/gif	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG4WqTrtfI2viKhcOdC1jCasjT6hdEAdnro6aGa2-Okl0R85g9aMYi31v6Fq-8I1X0JvgwqtybAx4nPWr4rww_cTcOctuXnfpdE6JAexXH-6DNlC9egPYIs4uXo3R3VVmTcXWcu8kM9AYKDTPYG0L6dcUT0MkAjUXtd_5hl8L8exdzZ5aCxlQ8h06p-2cauDYGKusL84-21gssIUfY3gFROwfVutLCOmOSxH30huKok3iP7NNUxil43R-bF9lciXn2KV-EpkVzXG099iQUDPRwDBz3iJktgcDyVNZfyX5JaSuKyJbHXPtxzx6cgARWCAdlHR5GINeDRSG2CDnkEQ52AM2HOevBAPWTKAQ1uyimJB1dv_4nS1Y&sai=AMfl-YQ7YxAVLkC81pRoGNAuhtRn6-1B3hlVA6C_9440pqy3bjU3QitL4aVXMdoMbcjHcl4O-R2tsm0H-mXDgBy-fIMM18HHW5ONaeoCVDLsrB13hNWe5pormCEcZhJL3WI_&sig=Cg0ArKJSzKOFnOoDCTnGEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 17 Dec 2021 02:43:50 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	98ms 44ms	Image image/gif	2a03:2880:f13a:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=230610384243630&ev=Microdata&dl=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&rl=&if=false&ts=1639709030267&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Outlook%20-%20All%20News%20%20-%20SaskToday.ca%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22SaskToday.ca%22%2C%22twitter%3Asite%22%3A%22%40%22%2C%22og%3Atitle%22%3A%22Outlook%20-%20All%20News%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.vmcdn.ca%2Ff%2Ffiles%2Fsasktoday%2Fimages%2Fsasktoday%2Fsasktoday-green-logo.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22NewsMediaOrganization%22%2C%22name%22%3A%22SaskToday.ca%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sasktoday.ca%22%2C%22logo%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fwww.vmcdn.ca%2Ff%2Ffiles%2Fsasktoday%2Fimages%2Fsasktoday%2Fsasktoday-green-logo.jpg%22%2C%22width%22%3A%22382%22%2C%22height%22%3A%2240%22%7D%2C%22email%22%3A%22gbrewerton%40glaciermedia.ca%22%2C%22address%22%3A%7B%22%40type%22%3A%22PostalAddress%22%2C%22addressLocality%22%3A%22Saskatchewan%22%2C%22addressRegion%22%3A%22SK%22%2C%22postalCode%22%3A%22S9A%201M9%22%2C%22streetAddress%22%3A%22892%20-%20104th%20Street%22%7D%2C%22sameAs%22%3A%5B%5D%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639709029690.1590908268&it=1639709029399&coo=false&es=automatic&tm=3&exp=p1&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Fri, 17 Dec 2021 02:43:50 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 2AB5	0 0	41ms 40ms	Fetch image/gif	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQQqRojh5TXKXOgBTIRxevGWknrN5w-NOJqKd18lz3TCF_HPGW7nSTZp4nWhepY82G7eUOIvg7OWQ4bTQzPahySJ_r-FM4WTt5-oeGRDWvWtVdrqeWdQ_Yki-bFNt6bP3f04pFLezoWP4Xs2EYRGtNLkTzxREGnhtzPDeXx_iAEr1rlYyQ8ffDTHRlbZZ_SlxWAxc7Ise1--r3512Zova5MtDDRWYhIdXIpYAvWtUYT99eOuhm8ndfLhhn0jHv9Jwe9bHK589nn7_Mo59fIOPtUAJ3gZXvGwwp6CuBp_-take8_yXE-V95IRBtwXafGLNTJOsjrBEFdQH0H884mtQSlm1EFGseSJS6uTrVu5ji7sl7ue0x-q0&sai=AMfl-YT1eCKHQ4X_DjZGEDcUO4HqTeJY_mJ-f6forq1Sek-IHxHdYiIegkuCpsnbVqW-Vpw9GHL8te-Bfws2e_bsOeQ_nmBpYfMyE4no6uuIjvZx2uMli58m2WUdomC9TIMY&sig=Cg0ArKJSzN9csSCuROmaEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 17 Dec 2021 02:43:50 GMT
GET DATA	200 OK	truncated / Frame 2AB5	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 122dfdce3ed9e25bd65dd9351c9fae3d09e94dce1a32d8f046f3a927da1f3294 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 1D94	624 B 733 B	87ms 35ms	Document text/html	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRCv-LquAhjhxY-9ATAB&v=APEucNXmAjo7DV2p6JqiW7OZfijlnve7Q2NQXRuYMCc6jaHyAOjfOhhh0B9OwQDkpFZQ7NwHe4mMhlP0w2g9nLmN5XT-wi3N0Q Requested by Host: ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com URL: https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 17 Dec 2021 02:43:50 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame F771	54 KB 27 KB	117ms 66ms	Script text/javascript	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bv2TRz6Uz7ubkbolhCt8TEt07xHIXX1aBuvcpiHhJxxBS2A-bkyXMrCZyO4IHxGj7Xw0Y-VUgaxc9BpzHSEz--A9m1JZ4Hqv_5QoZojqnpk8Iro6bQYgNUirzzax0bYoCcYBcDNk2VFhNjaL627KAd8Aqa6Q&dbm_d=AKAmf-BgY-mNoRdEPrlAjepB77yPTvYTRGkfxoBVfcQtsyRjaE1GdDcet9oBk-IXovkGvLjjV29snTYlC6600i7B4KUQvHoInFl8RxeIofcKP9jajPlAlYn2Mt_tK7sd2OpoozCcikhW8QPHwOrCF7kMT4ifk-kECybgYCFmRHUKzcwRQGqVN8zXNPnCHAssVbXt_2uuMALnXe20oCgu-tDs15kRaKuN_VjNu9zBr_0FciofsXMEw5fvFbKErAHkxOtC0wL6inEk6f41M4vzlClc0hr9E-kqH7UU3jThIiF9yZyxGWOBownkzTTOnPAADWuSA92aBU9ZEpd_DULRXCT46ANR-linFjsIMT_cRBxZ1qCILV_fEzcuXt5FTytoukv6HSNYOCGEHpR28BAzFEgn8dyQ4PeaRF5wLTxd8s3qzGOj-aJ5rTMO-nn7JPaMpzrkPjPFTPvAZChZUoy5sX9B08727s0V_5R0-fZzWszKVm7sFLwJsnrcJXGVhrUD4EmHF64oMONUXhdC2FwzxKu0xAHMDhaWjBaXG1WEmsg0NlqczeYCB5BcuJii4fP2muuiz7AABNaNnODJC8YVkXO9p27RW8PQfhIbDk6hiPP_yElstToOluysdAp85r-q8dvGIkyXjLAT8MImA6lsYWzDPabCnFm4652wgGYZH1lHdfVE6yll6W7Ap33fA_Xfrgn5wKa8cqW_D9Tp_1bR95ryc8LWLQCNkahsNCse2k4ryFTj5pmhhgjvtaPArod6gxA_cqayugmTI5U6Pkn0Sk1SDwm3iVU3YR_Plrn6wPGjt_8NzCwzglKWE7ngQeY3tV0cuc_jpySrMXxmurbWV7JeWBRQ1vgEfQe6zxda1AIgPP2R-ve323If0Wo2-_t6-ocZE7lWJauIkbaDJwfLjLh0-x7DlD7u3v6IA0iJZWXD8CyGrfBBJEzb7kupExHdIyTIfosP8nxqAmi2wm38PnWRRD4aBdFjkQFa73GhL92aaT7palzWRqRuPNpXKkwG-9r7SFC2mJyKP8bN40Yb5gLj9Xnru_24LscCmbsMHg-uNOO4cTLXIZVpvSOS8fUkU4bGsOPeAxATQKcjLFkz37lciaCQlz_PDO8sPeuL-nVaUg3lxJwHIHOCWT6IepEcdd_tu6GKy3a3I2qgaMDy_E2C67h3akbG6xiDOmObFT15N_J58t888vYfBAJsgpUbeYzO8MknXCgkxF6e4xg2SaosYvWGO1mdcFvdb0_vVDDcNfrxFK3jhULbkSfs5Cy7ocUOKtaBjS0zsvkBjN4101e9z3QaDM26X-CATuc-zRFox0bs2W8TvDitvmzQwLaJeJxyByelPNjLB-4y0x9VAKKP5JH8_3q-2_b-asZa-xwHY-NyK2KRJ305sqioajdcrkH9OW0dN25404iWGdpx6Zb2s3h_vjObOW9PNc7ANI1FV8Z5-w6pY3fZqt_dgFAvFyVrr6-OlluBFBmfcJ9BW2_40vfeZVFFyXNCLQ7hSeI1i3GTCNQLMVl9MaozvDl7AeJxS4DFauIybUEsv9k4wgxd8St35V7QmOhzXI9KWB_X7M5rH6d-tfXY44KvZpmIeMCrIGP2Jx1dRd20I24OOj5ERwpYkiM9fd508hDrRZVtnnk66EvfXMZonPxLfF4OKc76a1ylsiZoxCdKXP0WkrZgWEelK38QzOONFt7yeNFbUYRPvY2H_X6eAr0SJW57jiJ8PwBHLPRJU0Sxf5Z67PNVm6usM7VTEdrNzI6oSGOGZDT1HMo03j8EhstT_V75wHGJ8lCQt0-6UKM5UVt6E6dChGFRoT0kj0XBsIT6KwEGzWmpc65vW1rNHt2AWDdSghoJbhsieduAsrVeC2uGfRVNjIhJWE0ZOOBogkXaGKex-dBzjzczdBCB5MMBzUp_1nzGtjDP1zFROGlfsDNkcqugdR19r5CB_fTIGP8jvMwkIdObfDEUtetzUmX0SVE8vmz2cFwxEW3fJFCCKCKst4HMQ6qgIQgRZdTiirPBVRc7FC0tUMaTwkBar559D89BHZPTJ8SvO1LMl04HR26RKk_6n9HbJzgRlCmc9W6HKw86zFoW_2mMwEXVXB8cq0V7wSrIbUmfBmE9iO74JZQmvXCysw6-Hk9bCpIKaikjLMLza7rqV80m3_iUhZXSX-kdNzV4c5iRk5mblYzi0b_4SJnb-JRiELIPqnJjjBSq1B9sKHYFjaswHhGJww5Hr6vwziIcRjFOHXVRpQRdGnYC0DqV4NCI7sRho2R6-QcOSSwbb4jB7TPW7oOaLDgpEFByOflVuyBWAUNmXFVpZZNfp1Y143XTr0JnDvN0X7LcvYphty8DmtkTgwmK1FFyJ5Me8wfsTEc2dl494SJT2nDHJELX-G2tEy9qlBvzt0wnY24xBu5_aVs-hgl-2j4y-dfG5zTYA-2N-5ylToJUBcc760dO9LupP1q9N5dLg7KxgvBCAUDn_hAOFTsLDo126mxCOXU5tbLiTxYazOZOl17TjIJG_hGI_WA0HyzHkKZd9-9e-5hpU_PtGjVQZWF-8rVQAreXb16TVNUv189JdLuFeafCv2O4R8L5TRZP3EAAjMJjrZgk7iRXlWsGzruI7Qz6HEKmE528qFcyAcPnVyouYojveEQfefuLREElbccu5GN-V7720s3QWPQS0HLAHSvokWpl1M0K7h8yTVpYYALZrAQPk4cjKo-HxuVzfFyvFz_CS_0SUKEKrj5yw9_ivDpfb4Z9CBgqvLeHP2szR4_4ktfC1MY_G53khfISl6n_sMcyFVmB9AsM9piLCAtIi-nBUAAho_CKYrBl5LTtk34Yy0vrnb85BcFdZEkwXJ8i34lY_u-3xWBqc70Y7bzW29J5-BN_nwUmxIIhrVbjGu90b34NAnBuuvPDH8YbSdmPU9DKZx8XPV_6xFudyG7r2P02V4THm0apNZ3H-p6YaXg5WwxwgL6B3egLE1me2wgbl1jhq35vXqnVCSrQtMhCM1IdwzPMPP8SZo_nifYwPlpZtarbtGgG4ko_6cFiqsr4gHRW_ZkjeQjdOiUr6gfrECyknSqLrT66M8rxa5UoXd5DLjUXVQihqqKgBWTBZjOaeM5pPix6NB6RJxzrIGyMfGjtSmrKkuDMSCeC6kRrvp90zRHgTis1K9ooMX61Kgm8yyrH6oCfqmED2_7u1EGnRs5YF7DLw4IGC586liFCvLFYfG6PXPJ84syzcCXkDaxX2OF9RtfmHl0uVQIGkDKdwrrVSQ_CEj1NDEWm&cid=CAASFeRoBBKVRqqSmaa_rLFPyngnUqvdDA&rfl=1%2Chttps%253A%252F%252Fwww.sasktoday.ca%252Fcentral%252Foutlook%240 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 771ea6a584fb17fd7d8a6558b894dcacbaa8003cbd6e7b2cefe24e56e1701761 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27400 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame F771	42 B 63 B	40ms 39ms	Image image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQTxIr8U80IzEJF1qkVjdzrMAZNU_pCt8u50tHC3E0-Nsam993roCF2a6SlUD_5LzuwH3KxaByaqnvRRyNN_OsK1fAhxqejBJ_jhTe9UsuhDt1OzY Requested by Host: ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com URL: https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F771	2 KB 1 KB	28ms 27ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js Requested by Host: ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com URL: https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:22 GMT content-encoding gzip x-content-type-options nosniff age 28 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1332 x-xss-protection 0 server cafe etag 3351516697335751560 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 31 Dec 2021 02:43:22 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F771	119 KB 36 KB	82ms 81ms	Script text/javascript	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com URL: https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software sffe / Resource Hash 87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37305 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1638461285297402" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 17 Dec 2021 02:43:50 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F771	15 KB 6 KB	28ms 27ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js Requested by Host: ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com URL: https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:38:15 GMT content-encoding gzip x-content-type-options nosniff age 335 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6464 x-xss-protection 0 server cafe etag 15715955993838318253 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 31 Dec 2021 02:38:15 GMT
GET H2	200	Uh08ZLsealNQ2V9USvfPczSteR4jqi4a.jpg k3vzn.flx10.com/ Frame 12BC	120 KB 120 KB	105ms 35ms	Image image/jpeg	94.31.29.29 ZAYO-6461
General Check archive.org Show headers Download Go to Show image Full URL https://k3vzn.flx10.com/Uh08ZLsealNQ2V9USvfPczSteR4jqi4a.jpg?width=900&height=300&focusX=50&focusY=50&zoom=100 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.29.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash f5e29c0aeeef06efe8e9a0a7e078b8b1b44feed3f7162260e64249d489668106 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tj6w5.flx10.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT server NetDNA-cache/2.2 access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS content-type image/jpeg cache-control public, max-age=864000 access-control-allow-credentials true x-cache HIT access-control-allow-headers X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token expires Fri Dec 17 2021 21:38:43 GMT+0000 (Coordinated Universal Time)
GET H2	200	sxFFGTqCeZnzJ7Xji29dHcK7Hi1aDMT3.jpg k3vzn.flx10.com/ Frame 12BC	125 KB 125 KB	152ms 83ms	Image image/jpeg	94.31.29.29 ZAYO-6461
General Check archive.org Show headers Download Go to Show image Full URL https://k3vzn.flx10.com/sxFFGTqCeZnzJ7Xji29dHcK7Hi1aDMT3.jpg?width=900&height=300&focusX=50&focusY=50&zoom=100 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.29.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 4fc43de1362edec0f29314271d76e6b5b604638ee5130d24389ce6a3411f8ea1 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tj6w5.flx10.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT server NetDNA-cache/2.2 access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS content-type image/jpeg cache-control public, max-age=864000 access-control-allow-credentials true x-cache HIT access-control-allow-headers X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token expires Fri Dec 17 2021 21:38:43 GMT+0000 (Coordinated Universal Time)
GET H2	200	script.js Show response sb.freeskreen.com/publisher/	74 KB 22 KB	170ms 104ms	Script text/html	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sb.freeskreen.com/publisher/script.js?bai=206&ut=&uts=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&usp=&gdpr=-1&cs=-1 Requested by Host: static.freeskreen.com URL: https://static.freeskreen.com/ba/206/freeskreen.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash c27c8509f3d0ec500ba9b35913ec2b1ae941f036709a9407f6455ab5209fdd34 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT content-encoding gzip server Apache/2.4.29 (Ubuntu) vary Accept-Encoding p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store, must-revalidate content-type text/html;charset=UTF-8 content-length 22006 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	bounce Show response secure.adnxs.com/ Frame D944 Redirect Chain https://secure.adnxs.com/ttj?inv_code=dm-pl-138225&member=1908&pt1=1190&pt2=0&pt3=5000000&pt4=0&pt5=0&cb=905273936 https://secure.adnxs.com/bounce?%2Fttj%3Finv_code%3Ddm-pl-138225%26member%3D1908%26pt1%3D1190%26pt2%3D0%26pt3%3D5000000%26pt4%3D0%26pt5%3D0%26cb%3D905273936	7 KB 4 KB	153ms 152ms	Script application/javascript	68.67.161.182 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/bounce?%2Fttj%3Finv_code%3Ddm-pl-138225%26member%3D1908%26pt1%3D1190%26pt2%3D0%26pt3%3D5000000%26pt4%3D0%26pt5%3D0%26cb%3D905273936 Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol HTTP/1.1 Server 68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.17.9 / Resource Hash 7434628f659ab49acef6b73a8eb19bbd7d082dcf8352b6f1bba39d2bdbd95dcc Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Fri, 17 Dec 2021 02:43:50 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 37.120.205.170; 37.120.205.170; 797.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 07a22474-f713-4c8e-92ab-c9eff544b60d Server nginx/1.17.9 Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:50 GMT X-Proxy-Origin 37.120.205.170; 37.120.205.170; 797.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid 0c1996b3-39b0-4101-9895-098ec6a655c5 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fttj%3Finv_code%3Ddm-pl-138225%26member%3D1908%26pt1%3D1190%26pt2%3D0%26pt3%3D5000000%26pt4%3D0%26pt5%3D0%26cb%3D905273936 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 1D94 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1&C=1	43 B 1012 B	39ms 38ms	Image image/gif	23.52.162.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRCv-LquAhjhxY-9ATAB&v=APEucNXmAjo7DV2p6JqiW7OZfijlnve7Q2NQXRuYMCc6jaHyAOjfOhhh0B9OwQDkpFZQ7NwHe4mMhlP0w2g9nLmN5XT-wi3N0Q Protocol HTTP/1.1 Server 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-52-162-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:50 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 17 Dec 2021 02:43:50 GMT Redirect headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:50 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Fri, 17 Dec 2021 02:43:50 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 1D94 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ybv5Zu1yPJrWxW1aGj5N1QAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1	43 B 892 B	51ms 50ms	Image image/gif	23.52.162.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRCv-LquAhjhxY-9ATAB&v=APEucNXmAjo7DV2p6JqiW7OZfijlnve7Q2NQXRuYMCc6jaHyAOjfOhhh0B9OwQDkpFZQ7NwHe4mMhlP0w2g9nLmN5XT-wi3N0Q Protocol HTTP/1.1 Server 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-52-162-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:50 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 17 Dec 2021 02:43:50 GMT Redirect headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1qpQGAOtrfJ1JOYIOPgSc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 1D94 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEMgx20UJF2r209ZQjy8uh-c&google_cver=1	43 B 1006 B	84ms 73ms	Image image/gif	68.67.161.182 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEMgx20UJF2r209ZQjy8uh-c&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRCv-LquAhjhxY-9ATAB&v=APEucNXmAjo7DV2p6JqiW7OZfijlnve7Q2NQXRuYMCc6jaHyAOjfOhhh0B9OwQDkpFZQ7NwHe4mMhlP0w2g9nLmN5XT-wi3N0Q Protocol HTTP/1.1 Server 68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:50 GMT X-Proxy-Origin 37.120.205.170; 37.120.205.170; 797.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid 83035c58-499b-4c73-9517-222a041bf743 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEMgx20UJF2r209ZQjy8uh-c&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 1D94 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4MzA0MTI0MjI5NTM2MjQ1Mw%3D%3D	170 B 188 B	85ms 60ms	Image image/png	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4MzA0MTI0MjI5NTM2MjQ1Mw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRCv-LquAhjhxY-9ATAB&v=APEucNXmAjo7DV2p6JqiW7OZfijlnve7Q2NQXRuYMCc6jaHyAOjfOhhh0B9OwQDkpFZQ7NwHe4mMhlP0w2g9nLmN5XT-wi3N0Q Protocol H3 Server 142.250.64.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:50 GMT X-Proxy-Origin 37.120.205.170; 37.120.205.170; 797.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid 1944b759-c1ae-487c-8adb-9e13b408baa0 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4MzA0MTI0MjI5NTM2MjQ1Mw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame F771	24 KB 9 KB	22ms 21ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bv2TRz6Uz7ubkbolhCt8TEt07xHIXX1aBuvcpiHhJxxBS2A-bkyXMrCZyO4IHxGj7Xw0Y-VUgaxc9BpzHSEz--A9m1JZ4Hqv_5QoZojqnpk8Iro6bQYgNUirzzax0bYoCcYBcDNk2VFhNjaL627KAd8Aqa6Q&dbm_d=AKAmf-BgY-mNoRdEPrlAjepB77yPTvYTRGkfxoBVfcQtsyRjaE1GdDcet9oBk-IXovkGvLjjV29snTYlC6600i7B4KUQvHoInFl8RxeIofcKP9jajPlAlYn2Mt_tK7sd2OpoozCcikhW8QPHwOrCF7kMT4ifk-kECybgYCFmRHUKzcwRQGqVN8zXNPnCHAssVbXt_2uuMALnXe20oCgu-tDs15kRaKuN_VjNu9zBr_0FciofsXMEw5fvFbKErAHkxOtC0wL6inEk6f41M4vzlClc0hr9E-kqH7UU3jThIiF9yZyxGWOBownkzTTOnPAADWuSA92aBU9ZEpd_DULRXCT46ANR-linFjsIMT_cRBxZ1qCILV_fEzcuXt5FTytoukv6HSNYOCGEHpR28BAzFEgn8dyQ4PeaRF5wLTxd8s3qzGOj-aJ5rTMO-nn7JPaMpzrkPjPFTPvAZChZUoy5sX9B08727s0V_5R0-fZzWszKVm7sFLwJsnrcJXGVhrUD4EmHF64oMONUXhdC2FwzxKu0xAHMDhaWjBaXG1WEmsg0NlqczeYCB5BcuJii4fP2muuiz7AABNaNnODJC8YVkXO9p27RW8PQfhIbDk6hiPP_yElstToOluysdAp85r-q8dvGIkyXjLAT8MImA6lsYWzDPabCnFm4652wgGYZH1lHdfVE6yll6W7Ap33fA_Xfrgn5wKa8cqW_D9Tp_1bR95ryc8LWLQCNkahsNCse2k4ryFTj5pmhhgjvtaPArod6gxA_cqayugmTI5U6Pkn0Sk1SDwm3iVU3YR_Plrn6wPGjt_8NzCwzglKWE7ngQeY3tV0cuc_jpySrMXxmurbWV7JeWBRQ1vgEfQe6zxda1AIgPP2R-ve323If0Wo2-_t6-ocZE7lWJauIkbaDJwfLjLh0-x7DlD7u3v6IA0iJZWXD8CyGrfBBJEzb7kupExHdIyTIfosP8nxqAmi2wm38PnWRRD4aBdFjkQFa73GhL92aaT7palzWRqRuPNpXKkwG-9r7SFC2mJyKP8bN40Yb5gLj9Xnru_24LscCmbsMHg-uNOO4cTLXIZVpvSOS8fUkU4bGsOPeAxATQKcjLFkz37lciaCQlz_PDO8sPeuL-nVaUg3lxJwHIHOCWT6IepEcdd_tu6GKy3a3I2qgaMDy_E2C67h3akbG6xiDOmObFT15N_J58t888vYfBAJsgpUbeYzO8MknXCgkxF6e4xg2SaosYvWGO1mdcFvdb0_vVDDcNfrxFK3jhULbkSfs5Cy7ocUOKtaBjS0zsvkBjN4101e9z3QaDM26X-CATuc-zRFox0bs2W8TvDitvmzQwLaJeJxyByelPNjLB-4y0x9VAKKP5JH8_3q-2_b-asZa-xwHY-NyK2KRJ305sqioajdcrkH9OW0dN25404iWGdpx6Zb2s3h_vjObOW9PNc7ANI1FV8Z5-w6pY3fZqt_dgFAvFyVrr6-OlluBFBmfcJ9BW2_40vfeZVFFyXNCLQ7hSeI1i3GTCNQLMVl9MaozvDl7AeJxS4DFauIybUEsv9k4wgxd8St35V7QmOhzXI9KWB_X7M5rH6d-tfXY44KvZpmIeMCrIGP2Jx1dRd20I24OOj5ERwpYkiM9fd508hDrRZVtnnk66EvfXMZonPxLfF4OKc76a1ylsiZoxCdKXP0WkrZgWEelK38QzOONFt7yeNFbUYRPvY2H_X6eAr0SJW57jiJ8PwBHLPRJU0Sxf5Z67PNVm6usM7VTEdrNzI6oSGOGZDT1HMo03j8EhstT_V75wHGJ8lCQt0-6UKM5UVt6E6dChGFRoT0kj0XBsIT6KwEGzWmpc65vW1rNHt2AWDdSghoJbhsieduAsrVeC2uGfRVNjIhJWE0ZOOBogkXaGKex-dBzjzczdBCB5MMBzUp_1nzGtjDP1zFROGlfsDNkcqugdR19r5CB_fTIGP8jvMwkIdObfDEUtetzUmX0SVE8vmz2cFwxEW3fJFCCKCKst4HMQ6qgIQgRZdTiirPBVRc7FC0tUMaTwkBar559D89BHZPTJ8SvO1LMl04HR26RKk_6n9HbJzgRlCmc9W6HKw86zFoW_2mMwEXVXB8cq0V7wSrIbUmfBmE9iO74JZQmvXCysw6-Hk9bCpIKaikjLMLza7rqV80m3_iUhZXSX-kdNzV4c5iRk5mblYzi0b_4SJnb-JRiELIPqnJjjBSq1B9sKHYFjaswHhGJww5Hr6vwziIcRjFOHXVRpQRdGnYC0DqV4NCI7sRho2R6-QcOSSwbb4jB7TPW7oOaLDgpEFByOflVuyBWAUNmXFVpZZNfp1Y143XTr0JnDvN0X7LcvYphty8DmtkTgwmK1FFyJ5Me8wfsTEc2dl494SJT2nDHJELX-G2tEy9qlBvzt0wnY24xBu5_aVs-hgl-2j4y-dfG5zTYA-2N-5ylToJUBcc760dO9LupP1q9N5dLg7KxgvBCAUDn_hAOFTsLDo126mxCOXU5tbLiTxYazOZOl17TjIJG_hGI_WA0HyzHkKZd9-9e-5hpU_PtGjVQZWF-8rVQAreXb16TVNUv189JdLuFeafCv2O4R8L5TRZP3EAAjMJjrZgk7iRXlWsGzruI7Qz6HEKmE528qFcyAcPnVyouYojveEQfefuLREElbccu5GN-V7720s3QWPQS0HLAHSvokWpl1M0K7h8yTVpYYALZrAQPk4cjKo-HxuVzfFyvFz_CS_0SUKEKrj5yw9_ivDpfb4Z9CBgqvLeHP2szR4_4ktfC1MY_G53khfISl6n_sMcyFVmB9AsM9piLCAtIi-nBUAAho_CKYrBl5LTtk34Yy0vrnb85BcFdZEkwXJ8i34lY_u-3xWBqc70Y7bzW29J5-BN_nwUmxIIhrVbjGu90b34NAnBuuvPDH8YbSdmPU9DKZx8XPV_6xFudyG7r2P02V4THm0apNZ3H-p6YaXg5WwxwgL6B3egLE1me2wgbl1jhq35vXqnVCSrQtMhCM1IdwzPMPP8SZo_nifYwPlpZtarbtGgG4ko_6cFiqsr4gHRW_ZkjeQjdOiUr6gfrECyknSqLrT66M8rxa5UoXd5DLjUXVQihqqKgBWTBZjOaeM5pPix6NB6RJxzrIGyMfGjtSmrKkuDMSCeC6kRrvp90zRHgTis1K9ooMX61Kgm8yyrH6oCfqmED2_7u1EGnRs5YF7DLw4IGC586liFCvLFYfG6PXPJ84syzcCXkDaxX2OF9RtfmHl0uVQIGkDKdwrrVSQ_CEj1NDEWm&cid=CAASFeRoBBKVRqqSmaa_rLFPyngnUqvdDA&rfl=1%2Chttps%253A%252F%252Fwww.sasktoday.ca%252Fcentral%252Foutlook%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:42:47 GMT content-encoding gzip x-content-type-options nosniff age 63 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9516 x-xss-protection 0 server cafe etag 14328493792227503680 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 31 Dec 2021 02:42:47 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame F771	8 KB 3 KB	23ms 23ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bv2TRz6Uz7ubkbolhCt8TEt07xHIXX1aBuvcpiHhJxxBS2A-bkyXMrCZyO4IHxGj7Xw0Y-VUgaxc9BpzHSEz--A9m1JZ4Hqv_5QoZojqnpk8Iro6bQYgNUirzzax0bYoCcYBcDNk2VFhNjaL627KAd8Aqa6Q&dbm_d=AKAmf-BgY-mNoRdEPrlAjepB77yPTvYTRGkfxoBVfcQtsyRjaE1GdDcet9oBk-IXovkGvLjjV29snTYlC6600i7B4KUQvHoInFl8RxeIofcKP9jajPlAlYn2Mt_tK7sd2OpoozCcikhW8QPHwOrCF7kMT4ifk-kECybgYCFmRHUKzcwRQGqVN8zXNPnCHAssVbXt_2uuMALnXe20oCgu-tDs15kRaKuN_VjNu9zBr_0FciofsXMEw5fvFbKErAHkxOtC0wL6inEk6f41M4vzlClc0hr9E-kqH7UU3jThIiF9yZyxGWOBownkzTTOnPAADWuSA92aBU9ZEpd_DULRXCT46ANR-linFjsIMT_cRBxZ1qCILV_fEzcuXt5FTytoukv6HSNYOCGEHpR28BAzFEgn8dyQ4PeaRF5wLTxd8s3qzGOj-aJ5rTMO-nn7JPaMpzrkPjPFTPvAZChZUoy5sX9B08727s0V_5R0-fZzWszKVm7sFLwJsnrcJXGVhrUD4EmHF64oMONUXhdC2FwzxKu0xAHMDhaWjBaXG1WEmsg0NlqczeYCB5BcuJii4fP2muuiz7AABNaNnODJC8YVkXO9p27RW8PQfhIbDk6hiPP_yElstToOluysdAp85r-q8dvGIkyXjLAT8MImA6lsYWzDPabCnFm4652wgGYZH1lHdfVE6yll6W7Ap33fA_Xfrgn5wKa8cqW_D9Tp_1bR95ryc8LWLQCNkahsNCse2k4ryFTj5pmhhgjvtaPArod6gxA_cqayugmTI5U6Pkn0Sk1SDwm3iVU3YR_Plrn6wPGjt_8NzCwzglKWE7ngQeY3tV0cuc_jpySrMXxmurbWV7JeWBRQ1vgEfQe6zxda1AIgPP2R-ve323If0Wo2-_t6-ocZE7lWJauIkbaDJwfLjLh0-x7DlD7u3v6IA0iJZWXD8CyGrfBBJEzb7kupExHdIyTIfosP8nxqAmi2wm38PnWRRD4aBdFjkQFa73GhL92aaT7palzWRqRuPNpXKkwG-9r7SFC2mJyKP8bN40Yb5gLj9Xnru_24LscCmbsMHg-uNOO4cTLXIZVpvSOS8fUkU4bGsOPeAxATQKcjLFkz37lciaCQlz_PDO8sPeuL-nVaUg3lxJwHIHOCWT6IepEcdd_tu6GKy3a3I2qgaMDy_E2C67h3akbG6xiDOmObFT15N_J58t888vYfBAJsgpUbeYzO8MknXCgkxF6e4xg2SaosYvWGO1mdcFvdb0_vVDDcNfrxFK3jhULbkSfs5Cy7ocUOKtaBjS0zsvkBjN4101e9z3QaDM26X-CATuc-zRFox0bs2W8TvDitvmzQwLaJeJxyByelPNjLB-4y0x9VAKKP5JH8_3q-2_b-asZa-xwHY-NyK2KRJ305sqioajdcrkH9OW0dN25404iWGdpx6Zb2s3h_vjObOW9PNc7ANI1FV8Z5-w6pY3fZqt_dgFAvFyVrr6-OlluBFBmfcJ9BW2_40vfeZVFFyXNCLQ7hSeI1i3GTCNQLMVl9MaozvDl7AeJxS4DFauIybUEsv9k4wgxd8St35V7QmOhzXI9KWB_X7M5rH6d-tfXY44KvZpmIeMCrIGP2Jx1dRd20I24OOj5ERwpYkiM9fd508hDrRZVtnnk66EvfXMZonPxLfF4OKc76a1ylsiZoxCdKXP0WkrZgWEelK38QzOONFt7yeNFbUYRPvY2H_X6eAr0SJW57jiJ8PwBHLPRJU0Sxf5Z67PNVm6usM7VTEdrNzI6oSGOGZDT1HMo03j8EhstT_V75wHGJ8lCQt0-6UKM5UVt6E6dChGFRoT0kj0XBsIT6KwEGzWmpc65vW1rNHt2AWDdSghoJbhsieduAsrVeC2uGfRVNjIhJWE0ZOOBogkXaGKex-dBzjzczdBCB5MMBzUp_1nzGtjDP1zFROGlfsDNkcqugdR19r5CB_fTIGP8jvMwkIdObfDEUtetzUmX0SVE8vmz2cFwxEW3fJFCCKCKst4HMQ6qgIQgRZdTiirPBVRc7FC0tUMaTwkBar559D89BHZPTJ8SvO1LMl04HR26RKk_6n9HbJzgRlCmc9W6HKw86zFoW_2mMwEXVXB8cq0V7wSrIbUmfBmE9iO74JZQmvXCysw6-Hk9bCpIKaikjLMLza7rqV80m3_iUhZXSX-kdNzV4c5iRk5mblYzi0b_4SJnb-JRiELIPqnJjjBSq1B9sKHYFjaswHhGJww5Hr6vwziIcRjFOHXVRpQRdGnYC0DqV4NCI7sRho2R6-QcOSSwbb4jB7TPW7oOaLDgpEFByOflVuyBWAUNmXFVpZZNfp1Y143XTr0JnDvN0X7LcvYphty8DmtkTgwmK1FFyJ5Me8wfsTEc2dl494SJT2nDHJELX-G2tEy9qlBvzt0wnY24xBu5_aVs-hgl-2j4y-dfG5zTYA-2N-5ylToJUBcc760dO9LupP1q9N5dLg7KxgvBCAUDn_hAOFTsLDo126mxCOXU5tbLiTxYazOZOl17TjIJG_hGI_WA0HyzHkKZd9-9e-5hpU_PtGjVQZWF-8rVQAreXb16TVNUv189JdLuFeafCv2O4R8L5TRZP3EAAjMJjrZgk7iRXlWsGzruI7Qz6HEKmE528qFcyAcPnVyouYojveEQfefuLREElbccu5GN-V7720s3QWPQS0HLAHSvokWpl1M0K7h8yTVpYYALZrAQPk4cjKo-HxuVzfFyvFz_CS_0SUKEKrj5yw9_ivDpfb4Z9CBgqvLeHP2szR4_4ktfC1MY_G53khfISl6n_sMcyFVmB9AsM9piLCAtIi-nBUAAho_CKYrBl5LTtk34Yy0vrnb85BcFdZEkwXJ8i34lY_u-3xWBqc70Y7bzW29J5-BN_nwUmxIIhrVbjGu90b34NAnBuuvPDH8YbSdmPU9DKZx8XPV_6xFudyG7r2P02V4THm0apNZ3H-p6YaXg5WwxwgL6B3egLE1me2wgbl1jhq35vXqnVCSrQtMhCM1IdwzPMPP8SZo_nifYwPlpZtarbtGgG4ko_6cFiqsr4gHRW_ZkjeQjdOiUr6gfrECyknSqLrT66M8rxa5UoXd5DLjUXVQihqqKgBWTBZjOaeM5pPix6NB6RJxzrIGyMfGjtSmrKkuDMSCeC6kRrvp90zRHgTis1K9ooMX61Kgm8yyrH6oCfqmED2_7u1EGnRs5YF7DLw4IGC586liFCvLFYfG6PXPJ84syzcCXkDaxX2OF9RtfmHl0uVQIGkDKdwrrVSQ_CEj1NDEWm&cid=CAASFeRoBBKVRqqSmaa_rLFPyngnUqvdDA&rfl=1%2Chttps%253A%252F%252Fwww.sasktoday.ca%252Fcentral%252Foutlook%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:41:47 GMT content-encoding gzip x-content-type-options nosniff age 123 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 31 Dec 2021 02:41:47 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame F771	0 571 B	111ms 46ms	Ping image/gif	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssONZH0YaiIKOvHgUbYA5oW_H3rpmRapzkh_B12eeUYVRQPY89IAOXMJZpWG4Z9Ctbm5-Y0zJF_WfBQy3buPnmzMtnIOQTl3zPy0dJKbjrmsHrm98hGsuJiUzN7EoXQSGTQkU2wPAhxghuB4KkqinSflz2pUa2vaLijXfr7Jy1abn1YKzi9cId1odblTenrnSQCcNClLuPxOKVzNGz1ghhP-uoJMFaLRWgcvTu4FElxhZaH-7WBLS0F-dVXcfyYoIIq_4uC0QxofUQULIUXgXyS58r5tTTdvmXK_OaaOAwmAaWuK-ceuql_CRWDDKSJfrxcwDlpHtkKR6b0YJFAyeWUFW01Vldsl02CswXtDiooJDH4TSN0YWL-LWFEvr-NK2BJwq_55-82lrks4uZeTr-DedRsbBlPYwpkHOeIGoPtJ9hsEycmlihhMcW9NbOyvHbm1WmZHezCuxDqotGstrwaU5ekSHt40D5KvcVwieIzBPwwSBaZF6tNFlBVHgUQ-wpoQjS4iBAK-CSQz_hiZyE0uJi0kNyVOk0Sdafa8RydWKhJhvHEvHgvQeuQY8UtNzTBXKZBD9S6QuSeLaXJTQ3RQM2px0XGYwkAACKx7aVFddMrDGhXhhoB7O8uynSnixNljjOKaIFDei_XoHcFVpl5z75uVR4B33dodFrScE5oeyv1JYH1md0-JQNz9TtKNYHs7uDW7Wy3PQ72HYRraO_Fa6MC-XIg_jaukLc6iYxntV-5fSYHJBS6kGUqICSLfVSEO7PbJ0ijlFZ5cTN57xawebjYfCgGlejhiq4QkvMW0A_gXSIxXBiGmqxPvICEhvuIWyWtF8gbbLBH24L6usFHH77G2UV_4pARFK3EyOMen0OPwpZjxQnenB6sf2mXcQ9kqEISbNrz6Fqm7CWgX2HUfN2tNpPf3Gc_vWdNUt7Rz8rGWdC5YCnGO2d-XqWrcjjHVIn8O5kj_nCp8kujFXaWuVT5L5BuHOdmgkWfBUqXphkg9b3cn0ZbI_8Azkv_7oYFIoHd8OZv5X391Umczh7Hc2BnDOp3hnCPBk5ZsTvIZj5k7ok4Sezz-yZ_0ZJpEEsaUpdQXvy2AoHJDJqW4HMPYQMnRVue5yeX-oWTHkkiQMY_BQql7sQKw-uKomwLDuiaZ69Ao34hZF9Nlno9EqR2Bchg33qZRDIa3rbQFsuSYuob5zgx5K6zf_8KNFNw&sai=AMfl-YQkfix29nznxixIKzzSWT5DonuhnN8GYC8aXm4sx-HKYyFDW6rj1lNhWSXWcE8k9gIxoEBW61PjQQvcxoubhw2hOWgQa5tpn5kXpTgPf9hRtS_PLhOZnN8f4U455VFRb0XDcNZyv3Ac-lJ-Wp13UAUkVYeXJ3b5OzJsuAM&sig=Cg0ArKJSzO9V_k5Q0SWiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.03733&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bv2TRz6Uz7ubkbolhCt8TEt07xHIXX1aBuvcpiHhJxxBS2A-bkyXMrCZyO4IHxGj7Xw0Y-VUgaxc9BpzHSEz--A9m1JZ4Hqv_5QoZojqnpk8Iro6bQYgNUirzzax0bYoCcYBcDNk2VFhNjaL627KAd8Aqa6Q&dbm_d=AKAmf-BgY-mNoRdEPrlAjepB77yPTvYTRGkfxoBVfcQtsyRjaE1GdDcet9oBk-IXovkGvLjjV29snTYlC6600i7B4KUQvHoInFl8RxeIofcKP9jajPlAlYn2Mt_tK7sd2OpoozCcikhW8QPHwOrCF7kMT4ifk-kECybgYCFmRHUKzcwRQGqVN8zXNPnCHAssVbXt_2uuMALnXe20oCgu-tDs15kRaKuN_VjNu9zBr_0FciofsXMEw5fvFbKErAHkxOtC0wL6inEk6f41M4vzlClc0hr9E-kqH7UU3jThIiF9yZyxGWOBownkzTTOnPAADWuSA92aBU9ZEpd_DULRXCT46ANR-linFjsIMT_cRBxZ1qCILV_fEzcuXt5FTytoukv6HSNYOCGEHpR28BAzFEgn8dyQ4PeaRF5wLTxd8s3qzGOj-aJ5rTMO-nn7JPaMpzrkPjPFTPvAZChZUoy5sX9B08727s0V_5R0-fZzWszKVm7sFLwJsnrcJXGVhrUD4EmHF64oMONUXhdC2FwzxKu0xAHMDhaWjBaXG1WEmsg0NlqczeYCB5BcuJii4fP2muuiz7AABNaNnODJC8YVkXO9p27RW8PQfhIbDk6hiPP_yElstToOluysdAp85r-q8dvGIkyXjLAT8MImA6lsYWzDPabCnFm4652wgGYZH1lHdfVE6yll6W7Ap33fA_Xfrgn5wKa8cqW_D9Tp_1bR95ryc8LWLQCNkahsNCse2k4ryFTj5pmhhgjvtaPArod6gxA_cqayugmTI5U6Pkn0Sk1SDwm3iVU3YR_Plrn6wPGjt_8NzCwzglKWE7ngQeY3tV0cuc_jpySrMXxmurbWV7JeWBRQ1vgEfQe6zxda1AIgPP2R-ve323If0Wo2-_t6-ocZE7lWJauIkbaDJwfLjLh0-x7DlD7u3v6IA0iJZWXD8CyGrfBBJEzb7kupExHdIyTIfosP8nxqAmi2wm38PnWRRD4aBdFjkQFa73GhL92aaT7palzWRqRuPNpXKkwG-9r7SFC2mJyKP8bN40Yb5gLj9Xnru_24LscCmbsMHg-uNOO4cTLXIZVpvSOS8fUkU4bGsOPeAxATQKcjLFkz37lciaCQlz_PDO8sPeuL-nVaUg3lxJwHIHOCWT6IepEcdd_tu6GKy3a3I2qgaMDy_E2C67h3akbG6xiDOmObFT15N_J58t888vYfBAJsgpUbeYzO8MknXCgkxF6e4xg2SaosYvWGO1mdcFvdb0_vVDDcNfrxFK3jhULbkSfs5Cy7ocUOKtaBjS0zsvkBjN4101e9z3QaDM26X-CATuc-zRFox0bs2W8TvDitvmzQwLaJeJxyByelPNjLB-4y0x9VAKKP5JH8_3q-2_b-asZa-xwHY-NyK2KRJ305sqioajdcrkH9OW0dN25404iWGdpx6Zb2s3h_vjObOW9PNc7ANI1FV8Z5-w6pY3fZqt_dgFAvFyVrr6-OlluBFBmfcJ9BW2_40vfeZVFFyXNCLQ7hSeI1i3GTCNQLMVl9MaozvDl7AeJxS4DFauIybUEsv9k4wgxd8St35V7QmOhzXI9KWB_X7M5rH6d-tfXY44KvZpmIeMCrIGP2Jx1dRd20I24OOj5ERwpYkiM9fd508hDrRZVtnnk66EvfXMZonPxLfF4OKc76a1ylsiZoxCdKXP0WkrZgWEelK38QzOONFt7yeNFbUYRPvY2H_X6eAr0SJW57jiJ8PwBHLPRJU0Sxf5Z67PNVm6usM7VTEdrNzI6oSGOGZDT1HMo03j8EhstT_V75wHGJ8lCQt0-6UKM5UVt6E6dChGFRoT0kj0XBsIT6KwEGzWmpc65vW1rNHt2AWDdSghoJbhsieduAsrVeC2uGfRVNjIhJWE0ZOOBogkXaGKex-dBzjzczdBCB5MMBzUp_1nzGtjDP1zFROGlfsDNkcqugdR19r5CB_fTIGP8jvMwkIdObfDEUtetzUmX0SVE8vmz2cFwxEW3fJFCCKCKst4HMQ6qgIQgRZdTiirPBVRc7FC0tUMaTwkBar559D89BHZPTJ8SvO1LMl04HR26RKk_6n9HbJzgRlCmc9W6HKw86zFoW_2mMwEXVXB8cq0V7wSrIbUmfBmE9iO74JZQmvXCysw6-Hk9bCpIKaikjLMLza7rqV80m3_iUhZXSX-kdNzV4c5iRk5mblYzi0b_4SJnb-JRiELIPqnJjjBSq1B9sKHYFjaswHhGJww5Hr6vwziIcRjFOHXVRpQRdGnYC0DqV4NCI7sRho2R6-QcOSSwbb4jB7TPW7oOaLDgpEFByOflVuyBWAUNmXFVpZZNfp1Y143XTr0JnDvN0X7LcvYphty8DmtkTgwmK1FFyJ5Me8wfsTEc2dl494SJT2nDHJELX-G2tEy9qlBvzt0wnY24xBu5_aVs-hgl-2j4y-dfG5zTYA-2N-5ylToJUBcc760dO9LupP1q9N5dLg7KxgvBCAUDn_hAOFTsLDo126mxCOXU5tbLiTxYazOZOl17TjIJG_hGI_WA0HyzHkKZd9-9e-5hpU_PtGjVQZWF-8rVQAreXb16TVNUv189JdLuFeafCv2O4R8L5TRZP3EAAjMJjrZgk7iRXlWsGzruI7Qz6HEKmE528qFcyAcPnVyouYojveEQfefuLREElbccu5GN-V7720s3QWPQS0HLAHSvokWpl1M0K7h8yTVpYYALZrAQPk4cjKo-HxuVzfFyvFz_CS_0SUKEKrj5yw9_ivDpfb4Z9CBgqvLeHP2szR4_4ktfC1MY_G53khfISl6n_sMcyFVmB9AsM9piLCAtIi-nBUAAho_CKYrBl5LTtk34Yy0vrnb85BcFdZEkwXJ8i34lY_u-3xWBqc70Y7bzW29J5-BN_nwUmxIIhrVbjGu90b34NAnBuuvPDH8YbSdmPU9DKZx8XPV_6xFudyG7r2P02V4THm0apNZ3H-p6YaXg5WwxwgL6B3egLE1me2wgbl1jhq35vXqnVCSrQtMhCM1IdwzPMPP8SZo_nifYwPlpZtarbtGgG4ko_6cFiqsr4gHRW_ZkjeQjdOiUr6gfrECyknSqLrT66M8rxa5UoXd5DLjUXVQihqqKgBWTBZjOaeM5pPix6NB6RJxzrIGyMfGjtSmrKkuDMSCeC6kRrvp90zRHgTis1K9ooMX61Kgm8yyrH6oCfqmED2_7u1EGnRs5YF7DLw4IGC586liFCvLFYfG6PXPJ84syzcCXkDaxX2OF9RtfmHl0uVQIGkDKdwrrVSQ_CEj1NDEWm&cid=CAASFeRoBBKVRqqSmaa_rLFPyngnUqvdDA&rfl=1%2Chttps%253A%252F%252Fwww.sasktoday.ca%252Fcentral%252Foutlook%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 17 Dec 2021 02:43:50 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame F771	41 KB 15 KB	27ms 26ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bv2TRz6Uz7ubkbolhCt8TEt07xHIXX1aBuvcpiHhJxxBS2A-bkyXMrCZyO4IHxGj7Xw0Y-VUgaxc9BpzHSEz--A9m1JZ4Hqv_5QoZojqnpk8Iro6bQYgNUirzzax0bYoCcYBcDNk2VFhNjaL627KAd8Aqa6Q&dbm_d=AKAmf-BgY-mNoRdEPrlAjepB77yPTvYTRGkfxoBVfcQtsyRjaE1GdDcet9oBk-IXovkGvLjjV29snTYlC6600i7B4KUQvHoInFl8RxeIofcKP9jajPlAlYn2Mt_tK7sd2OpoozCcikhW8QPHwOrCF7kMT4ifk-kECybgYCFmRHUKzcwRQGqVN8zXNPnCHAssVbXt_2uuMALnXe20oCgu-tDs15kRaKuN_VjNu9zBr_0FciofsXMEw5fvFbKErAHkxOtC0wL6inEk6f41M4vzlClc0hr9E-kqH7UU3jThIiF9yZyxGWOBownkzTTOnPAADWuSA92aBU9ZEpd_DULRXCT46ANR-linFjsIMT_cRBxZ1qCILV_fEzcuXt5FTytoukv6HSNYOCGEHpR28BAzFEgn8dyQ4PeaRF5wLTxd8s3qzGOj-aJ5rTMO-nn7JPaMpzrkPjPFTPvAZChZUoy5sX9B08727s0V_5R0-fZzWszKVm7sFLwJsnrcJXGVhrUD4EmHF64oMONUXhdC2FwzxKu0xAHMDhaWjBaXG1WEmsg0NlqczeYCB5BcuJii4fP2muuiz7AABNaNnODJC8YVkXO9p27RW8PQfhIbDk6hiPP_yElstToOluysdAp85r-q8dvGIkyXjLAT8MImA6lsYWzDPabCnFm4652wgGYZH1lHdfVE6yll6W7Ap33fA_Xfrgn5wKa8cqW_D9Tp_1bR95ryc8LWLQCNkahsNCse2k4ryFTj5pmhhgjvtaPArod6gxA_cqayugmTI5U6Pkn0Sk1SDwm3iVU3YR_Plrn6wPGjt_8NzCwzglKWE7ngQeY3tV0cuc_jpySrMXxmurbWV7JeWBRQ1vgEfQe6zxda1AIgPP2R-ve323If0Wo2-_t6-ocZE7lWJauIkbaDJwfLjLh0-x7DlD7u3v6IA0iJZWXD8CyGrfBBJEzb7kupExHdIyTIfosP8nxqAmi2wm38PnWRRD4aBdFjkQFa73GhL92aaT7palzWRqRuPNpXKkwG-9r7SFC2mJyKP8bN40Yb5gLj9Xnru_24LscCmbsMHg-uNOO4cTLXIZVpvSOS8fUkU4bGsOPeAxATQKcjLFkz37lciaCQlz_PDO8sPeuL-nVaUg3lxJwHIHOCWT6IepEcdd_tu6GKy3a3I2qgaMDy_E2C67h3akbG6xiDOmObFT15N_J58t888vYfBAJsgpUbeYzO8MknXCgkxF6e4xg2SaosYvWGO1mdcFvdb0_vVDDcNfrxFK3jhULbkSfs5Cy7ocUOKtaBjS0zsvkBjN4101e9z3QaDM26X-CATuc-zRFox0bs2W8TvDitvmzQwLaJeJxyByelPNjLB-4y0x9VAKKP5JH8_3q-2_b-asZa-xwHY-NyK2KRJ305sqioajdcrkH9OW0dN25404iWGdpx6Zb2s3h_vjObOW9PNc7ANI1FV8Z5-w6pY3fZqt_dgFAvFyVrr6-OlluBFBmfcJ9BW2_40vfeZVFFyXNCLQ7hSeI1i3GTCNQLMVl9MaozvDl7AeJxS4DFauIybUEsv9k4wgxd8St35V7QmOhzXI9KWB_X7M5rH6d-tfXY44KvZpmIeMCrIGP2Jx1dRd20I24OOj5ERwpYkiM9fd508hDrRZVtnnk66EvfXMZonPxLfF4OKc76a1ylsiZoxCdKXP0WkrZgWEelK38QzOONFt7yeNFbUYRPvY2H_X6eAr0SJW57jiJ8PwBHLPRJU0Sxf5Z67PNVm6usM7VTEdrNzI6oSGOGZDT1HMo03j8EhstT_V75wHGJ8lCQt0-6UKM5UVt6E6dChGFRoT0kj0XBsIT6KwEGzWmpc65vW1rNHt2AWDdSghoJbhsieduAsrVeC2uGfRVNjIhJWE0ZOOBogkXaGKex-dBzjzczdBCB5MMBzUp_1nzGtjDP1zFROGlfsDNkcqugdR19r5CB_fTIGP8jvMwkIdObfDEUtetzUmX0SVE8vmz2cFwxEW3fJFCCKCKst4HMQ6qgIQgRZdTiirPBVRc7FC0tUMaTwkBar559D89BHZPTJ8SvO1LMl04HR26RKk_6n9HbJzgRlCmc9W6HKw86zFoW_2mMwEXVXB8cq0V7wSrIbUmfBmE9iO74JZQmvXCysw6-Hk9bCpIKaikjLMLza7rqV80m3_iUhZXSX-kdNzV4c5iRk5mblYzi0b_4SJnb-JRiELIPqnJjjBSq1B9sKHYFjaswHhGJww5Hr6vwziIcRjFOHXVRpQRdGnYC0DqV4NCI7sRho2R6-QcOSSwbb4jB7TPW7oOaLDgpEFByOflVuyBWAUNmXFVpZZNfp1Y143XTr0JnDvN0X7LcvYphty8DmtkTgwmK1FFyJ5Me8wfsTEc2dl494SJT2nDHJELX-G2tEy9qlBvzt0wnY24xBu5_aVs-hgl-2j4y-dfG5zTYA-2N-5ylToJUBcc760dO9LupP1q9N5dLg7KxgvBCAUDn_hAOFTsLDo126mxCOXU5tbLiTxYazOZOl17TjIJG_hGI_WA0HyzHkKZd9-9e-5hpU_PtGjVQZWF-8rVQAreXb16TVNUv189JdLuFeafCv2O4R8L5TRZP3EAAjMJjrZgk7iRXlWsGzruI7Qz6HEKmE528qFcyAcPnVyouYojveEQfefuLREElbccu5GN-V7720s3QWPQS0HLAHSvokWpl1M0K7h8yTVpYYALZrAQPk4cjKo-HxuVzfFyvFz_CS_0SUKEKrj5yw9_ivDpfb4Z9CBgqvLeHP2szR4_4ktfC1MY_G53khfISl6n_sMcyFVmB9AsM9piLCAtIi-nBUAAho_CKYrBl5LTtk34Yy0vrnb85BcFdZEkwXJ8i34lY_u-3xWBqc70Y7bzW29J5-BN_nwUmxIIhrVbjGu90b34NAnBuuvPDH8YbSdmPU9DKZx8XPV_6xFudyG7r2P02V4THm0apNZ3H-p6YaXg5WwxwgL6B3egLE1me2wgbl1jhq35vXqnVCSrQtMhCM1IdwzPMPP8SZo_nifYwPlpZtarbtGgG4ko_6cFiqsr4gHRW_ZkjeQjdOiUr6gfrECyknSqLrT66M8rxa5UoXd5DLjUXVQihqqKgBWTBZjOaeM5pPix6NB6RJxzrIGyMfGjtSmrKkuDMSCeC6kRrvp90zRHgTis1K9ooMX61Kgm8yyrH6oCfqmED2_7u1EGnRs5YF7DLw4IGC586liFCvLFYfG6PXPJ84syzcCXkDaxX2OF9RtfmHl0uVQIGkDKdwrrVSQ_CEj1NDEWm&cid=CAASFeRoBBKVRqqSmaa_rLFPyngnUqvdDA&rfl=1%2Chttps%253A%252F%252Fwww.sasktoday.ca%252Fcentral%252Foutlook%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 04:28:41 GMT content-encoding gzip x-content-type-options nosniff age 425709 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 12 Dec 2022 04:28:41 GMT
GET H2	200	9461310420014593030 s0.2mdn.net/simgad/ Frame F771	38 KB 38 KB	95ms 21ms	Image image/jpeg	2607:f8b0:4006:822::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/9461310420014593030 Requested by Host: ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com URL: https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7089ac2a26615cd6bf2b65f50da92331c44ca9b06260267d37d6384d2a1f690b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 16 Dec 2021 09:02:16 GMT x-content-type-options nosniff age 63694 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38497 x-xss-protection 0 last-modified Mon, 06 Dec 2021 10:30:04 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 16 Dec 2022 09:02:16 GMT
GET DATA	200 OK	truncated / Frame F771	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5d9f21c4031d6c88c33b6b2601ef54cf552c1c88dd33f2908eae7a6f99f9aacb Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H2	200	Uh08ZLsealNQ2V9USvfPczSteR4jqi4a.jpg k3vzn.flx10.com/ Frame 12BC	120 KB 120 KB	20ms 19ms	Image image/jpeg	94.31.29.29 ZAYO-6461
General Check archive.org Show headers Download Go to Show image Full URL https://k3vzn.flx10.com/Uh08ZLsealNQ2V9USvfPczSteR4jqi4a.jpg?width=900&height=300&focusX=50&focusY=50&zoom=100 Requested by Host: tj6w5.flx10.com URL: https://tj6w5.flx10.com/v2/cZqvJAh736e/-/breakpoint/900x300/?cacheBuster=954381094&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssYFlRRCkJtmDGc4n9hg4xqC8G4R-BRfOweP-RXx2w29Gj90bxFVRfSfWazIN9RW5j_FDd36AdcOZsFipILCl_Rz48FN7PiBYCqXz0PFhF1Crma2M1ooWYxUMQO9d6kRDF5LrTpl9UDHFKyHXIoLcL1WHxqELLf_lKqwpqKYIF7rLaqWiTXNKfjEr9gt77ntaJRujDVTtnA7Yh_tj_j-IJo9GpCIbXzRTr-4owRv9zp5WlRtX4FLdxSOj63vP4n-6eUdM8t0XufnTI_laPFGasJwvK9ZFhk6dpQHcYDL5LnDjxKZGxaYDbbjpKFLInB_Db3P6dQCy8aLANZv1BAa8j5lUzWWehh2NVDdEuNYtMg974x%26sai%3DAMfl-YRPNEI8S_9oguv-9e3XVw3NHQVEgCIEhhl2vRBytiD0JCbvxRKhVBcEEBAizEU2TxLmHHQulrY2HQw1kqiE1Qzs-F5Dhj07BlUMgMd8IIc1MYIRtEZkawSkJ0uSnWE7%26sig%3DCg0ArKJSzPZVc8EsiqtOEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.29.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash f5e29c0aeeef06efe8e9a0a7e078b8b1b44feed3f7162260e64249d489668106 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tj6w5.flx10.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT server NetDNA-cache/2.2 access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS content-type image/jpeg cache-control public, max-age=864000 access-control-allow-credentials true x-cache HIT access-control-allow-headers X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token expires Fri Dec 17 2021 21:38:43 GMT+0000 (Coordinated Universal Time)
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 742E	22 KB 8 KB	35ms 34ms	Document text/html	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Sun, 12 Dec 2021 04:28:43 GMT expires Mon, 12 Dec 2022 04:28:43 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 425707 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	sxFFGTqCeZnzJ7Xji29dHcK7Hi1aDMT3.jpg k3vzn.flx10.com/ Frame 12BC	125 KB 125 KB	21ms 19ms	Image image/jpeg	94.31.29.29 ZAYO-6461
General Check archive.org Show headers Download Go to Show image Full URL https://k3vzn.flx10.com/sxFFGTqCeZnzJ7Xji29dHcK7Hi1aDMT3.jpg?width=900&height=300&focusX=50&focusY=50&zoom=100 Requested by Host: tj6w5.flx10.com URL: https://tj6w5.flx10.com/v2/cZqvJAh736e/-/breakpoint/900x300/?cacheBuster=954381094&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssYFlRRCkJtmDGc4n9hg4xqC8G4R-BRfOweP-RXx2w29Gj90bxFVRfSfWazIN9RW5j_FDd36AdcOZsFipILCl_Rz48FN7PiBYCqXz0PFhF1Crma2M1ooWYxUMQO9d6kRDF5LrTpl9UDHFKyHXIoLcL1WHxqELLf_lKqwpqKYIF7rLaqWiTXNKfjEr9gt77ntaJRujDVTtnA7Yh_tj_j-IJo9GpCIbXzRTr-4owRv9zp5WlRtX4FLdxSOj63vP4n-6eUdM8t0XufnTI_laPFGasJwvK9ZFhk6dpQHcYDL5LnDjxKZGxaYDbbjpKFLInB_Db3P6dQCy8aLANZv1BAa8j5lUzWWehh2NVDdEuNYtMg974x%26sai%3DAMfl-YRPNEI8S_9oguv-9e3XVw3NHQVEgCIEhhl2vRBytiD0JCbvxRKhVBcEEBAizEU2TxLmHHQulrY2HQw1kqiE1Qzs-F5Dhj07BlUMgMd8IIc1MYIRtEZkawSkJ0uSnWE7%26sig%3DCg0ArKJSzPZVc8EsiqtOEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.29.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 4fc43de1362edec0f29314271d76e6b5b604638ee5130d24389ce6a3411f8ea1 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tj6w5.flx10.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:50 GMT server NetDNA-cache/2.2 access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS content-type image/jpeg cache-control public, max-age=864000 access-control-allow-credentials true x-cache HIT access-control-allow-headers X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token expires Fri Dec 17 2021 21:38:43 GMT+0000 (Coordinated Universal Time)
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame F771	0 23 B	75ms 48ms	Ping image/gif	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssONZH0YaiIKOvHgUbYA5oW_H3rpmRapzkh_B12eeUYVRQPY89IAOXMJZpWG4Z9Ctbm5-Y0zJF_WfBQy3buPnmzMtnIOQTl3zPy0dJKbjrmsHrm98hGsuJiUzN7EoXQSGTQkU2wPAhxghuB4KkqinSflz2pUa2vaLijXfr7Jy1abn1YKzi9cId1odblTenrnSQCcNClLuPxOKVzNGz1ghhP-uoJMFaLRWgcvTu4FElxhZaH-7WBLS0F-dVXcfyYoIIq_4uC0QxofUQULIUXgXyS58r5tTTdvmXK_OaaOAwmAaWuK-ceuql_CRWDDKSJfrxcwDlpHtkKR6b0YJFAyeWUFW01Vldsl02CswXtDiooJDH4TSN0YWL-LWFEvr-NK2BJwq_55-82lrks4uZeTr-DedRsbBlPYwpkHOeIGoPtJ9hsEycmlihhMcW9NbOyvHbm1WmZHezCuxDqotGstrwaU5ekSHt40D5KvcVwieIzBPwwSBaZF6tNFlBVHgUQ-wpoQjS4iBAK-CSQz_hiZyE0uJi0kNyVOk0Sdafa8RydWKhJhvHEvHgvQeuQY8UtNzTBXKZBD9S6QuSeLaXJTQ3RQM2px0XGYwkAACKx7aVFddMrDGhXhhoB7O8uynSnixNljjOKaIFDei_XoHcFVpl5z75uVR4B33dodFrScE5oeyv1JYH1md0-JQNz9TtKNYHs7uDW7Wy3PQ72HYRraO_Fa6MC-XIg_jaukLc6iYxntV-5fSYHJBS6kGUqICSLfVSEO7PbJ0ijlFZ5cTN57xawebjYfCgGlejhiq4QkvMW0A_gXSIxXBiGmqxPvICEhvuIWyWtF8gbbLBH24L6usFHH77G2UV_4pARFK3EyOMen0OPwpZjxQnenB6sf2mXcQ9kqEISbNrz6Fqm7CWgX2HUfN2tNpPf3Gc_vWdNUt7Rz8rGWdC5YCnGO2d-XqWrcjjHVIn8O5kj_nCp8kujFXaWuVT5L5BuHOdmgkWfBUqXphkg9b3cn0ZbI_8Azkv_7oYFIoHd8OZv5X391Umczh7Hc2BnDOp3hnCPBk5ZsTvIZj5k7ok4Sezz-yZ_0ZJpEEsaUpdQXvy2AoHJDJqW4HMPYQMnRVue5yeX-oWTHkkiQMY_BQql7sQKw-uKomwLDuiaZ69Ao34hZF9Nlno9EqR2Bchg33qZRDIa3rbQFsuSYuob5zgx5K6zf_8KNFNw&sai=AMfl-YQkfix29nznxixIKzzSWT5DonuhnN8GYC8aXm4sx-HKYyFDW6rj1lNhWSXWcE8k9gIxoEBW61PjQQvcxoubhw2hOWgQa5tpn5kXpTgPf9hRtS_PLhOZnN8f4U455VFRb0XDcNZyv3Ac-lJ-Wp13UAUkVYeXJ3b5OzJsuAM&sig=Cg0ArKJSzO9V_k5Q0SWiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&vt=11&dtpt=112&dett=2&cstd=0&cisv=r20211207.03733&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bv2TRz6Uz7ubkbolhCt8TEt07xHIXX1aBuvcpiHhJxxBS2A-bkyXMrCZyO4IHxGj7Xw0Y-VUgaxc9BpzHSEz--A9m1JZ4Hqv_5QoZojqnpk8Iro6bQYgNUirzzax0bYoCcYBcDNk2VFhNjaL627KAd8Aqa6Q&dbm_d=AKAmf-BgY-mNoRdEPrlAjepB77yPTvYTRGkfxoBVfcQtsyRjaE1GdDcet9oBk-IXovkGvLjjV29snTYlC6600i7B4KUQvHoInFl8RxeIofcKP9jajPlAlYn2Mt_tK7sd2OpoozCcikhW8QPHwOrCF7kMT4ifk-kECybgYCFmRHUKzcwRQGqVN8zXNPnCHAssVbXt_2uuMALnXe20oCgu-tDs15kRaKuN_VjNu9zBr_0FciofsXMEw5fvFbKErAHkxOtC0wL6inEk6f41M4vzlClc0hr9E-kqH7UU3jThIiF9yZyxGWOBownkzTTOnPAADWuSA92aBU9ZEpd_DULRXCT46ANR-linFjsIMT_cRBxZ1qCILV_fEzcuXt5FTytoukv6HSNYOCGEHpR28BAzFEgn8dyQ4PeaRF5wLTxd8s3qzGOj-aJ5rTMO-nn7JPaMpzrkPjPFTPvAZChZUoy5sX9B08727s0V_5R0-fZzWszKVm7sFLwJsnrcJXGVhrUD4EmHF64oMONUXhdC2FwzxKu0xAHMDhaWjBaXG1WEmsg0NlqczeYCB5BcuJii4fP2muuiz7AABNaNnODJC8YVkXO9p27RW8PQfhIbDk6hiPP_yElstToOluysdAp85r-q8dvGIkyXjLAT8MImA6lsYWzDPabCnFm4652wgGYZH1lHdfVE6yll6W7Ap33fA_Xfrgn5wKa8cqW_D9Tp_1bR95ryc8LWLQCNkahsNCse2k4ryFTj5pmhhgjvtaPArod6gxA_cqayugmTI5U6Pkn0Sk1SDwm3iVU3YR_Plrn6wPGjt_8NzCwzglKWE7ngQeY3tV0cuc_jpySrMXxmurbWV7JeWBRQ1vgEfQe6zxda1AIgPP2R-ve323If0Wo2-_t6-ocZE7lWJauIkbaDJwfLjLh0-x7DlD7u3v6IA0iJZWXD8CyGrfBBJEzb7kupExHdIyTIfosP8nxqAmi2wm38PnWRRD4aBdFjkQFa73GhL92aaT7palzWRqRuPNpXKkwG-9r7SFC2mJyKP8bN40Yb5gLj9Xnru_24LscCmbsMHg-uNOO4cTLXIZVpvSOS8fUkU4bGsOPeAxATQKcjLFkz37lciaCQlz_PDO8sPeuL-nVaUg3lxJwHIHOCWT6IepEcdd_tu6GKy3a3I2qgaMDy_E2C67h3akbG6xiDOmObFT15N_J58t888vYfBAJsgpUbeYzO8MknXCgkxF6e4xg2SaosYvWGO1mdcFvdb0_vVDDcNfrxFK3jhULbkSfs5Cy7ocUOKtaBjS0zsvkBjN4101e9z3QaDM26X-CATuc-zRFox0bs2W8TvDitvmzQwLaJeJxyByelPNjLB-4y0x9VAKKP5JH8_3q-2_b-asZa-xwHY-NyK2KRJ305sqioajdcrkH9OW0dN25404iWGdpx6Zb2s3h_vjObOW9PNc7ANI1FV8Z5-w6pY3fZqt_dgFAvFyVrr6-OlluBFBmfcJ9BW2_40vfeZVFFyXNCLQ7hSeI1i3GTCNQLMVl9MaozvDl7AeJxS4DFauIybUEsv9k4wgxd8St35V7QmOhzXI9KWB_X7M5rH6d-tfXY44KvZpmIeMCrIGP2Jx1dRd20I24OOj5ERwpYkiM9fd508hDrRZVtnnk66EvfXMZonPxLfF4OKc76a1ylsiZoxCdKXP0WkrZgWEelK38QzOONFt7yeNFbUYRPvY2H_X6eAr0SJW57jiJ8PwBHLPRJU0Sxf5Z67PNVm6usM7VTEdrNzI6oSGOGZDT1HMo03j8EhstT_V75wHGJ8lCQt0-6UKM5UVt6E6dChGFRoT0kj0XBsIT6KwEGzWmpc65vW1rNHt2AWDdSghoJbhsieduAsrVeC2uGfRVNjIhJWE0ZOOBogkXaGKex-dBzjzczdBCB5MMBzUp_1nzGtjDP1zFROGlfsDNkcqugdR19r5CB_fTIGP8jvMwkIdObfDEUtetzUmX0SVE8vmz2cFwxEW3fJFCCKCKst4HMQ6qgIQgRZdTiirPBVRc7FC0tUMaTwkBar559D89BHZPTJ8SvO1LMl04HR26RKk_6n9HbJzgRlCmc9W6HKw86zFoW_2mMwEXVXB8cq0V7wSrIbUmfBmE9iO74JZQmvXCysw6-Hk9bCpIKaikjLMLza7rqV80m3_iUhZXSX-kdNzV4c5iRk5mblYzi0b_4SJnb-JRiELIPqnJjjBSq1B9sKHYFjaswHhGJww5Hr6vwziIcRjFOHXVRpQRdGnYC0DqV4NCI7sRho2R6-QcOSSwbb4jB7TPW7oOaLDgpEFByOflVuyBWAUNmXFVpZZNfp1Y143XTr0JnDvN0X7LcvYphty8DmtkTgwmK1FFyJ5Me8wfsTEc2dl494SJT2nDHJELX-G2tEy9qlBvzt0wnY24xBu5_aVs-hgl-2j4y-dfG5zTYA-2N-5ylToJUBcc760dO9LupP1q9N5dLg7KxgvBCAUDn_hAOFTsLDo126mxCOXU5tbLiTxYazOZOl17TjIJG_hGI_WA0HyzHkKZd9-9e-5hpU_PtGjVQZWF-8rVQAreXb16TVNUv189JdLuFeafCv2O4R8L5TRZP3EAAjMJjrZgk7iRXlWsGzruI7Qz6HEKmE528qFcyAcPnVyouYojveEQfefuLREElbccu5GN-V7720s3QWPQS0HLAHSvokWpl1M0K7h8yTVpYYALZrAQPk4cjKo-HxuVzfFyvFz_CS_0SUKEKrj5yw9_ivDpfb4Z9CBgqvLeHP2szR4_4ktfC1MY_G53khfISl6n_sMcyFVmB9AsM9piLCAtIi-nBUAAho_CKYrBl5LTtk34Yy0vrnb85BcFdZEkwXJ8i34lY_u-3xWBqc70Y7bzW29J5-BN_nwUmxIIhrVbjGu90b34NAnBuuvPDH8YbSdmPU9DKZx8XPV_6xFudyG7r2P02V4THm0apNZ3H-p6YaXg5WwxwgL6B3egLE1me2wgbl1jhq35vXqnVCSrQtMhCM1IdwzPMPP8SZo_nifYwPlpZtarbtGgG4ko_6cFiqsr4gHRW_ZkjeQjdOiUr6gfrECyknSqLrT66M8rxa5UoXd5DLjUXVQihqqKgBWTBZjOaeM5pPix6NB6RJxzrIGyMfGjtSmrKkuDMSCeC6kRrvp90zRHgTis1K9ooMX61Kgm8yyrH6oCfqmED2_7u1EGnRs5YF7DLw4IGC586liFCvLFYfG6PXPJ84syzcCXkDaxX2OF9RtfmHl0uVQIGkDKdwrrVSQ_CEj1NDEWm&cid=CAASFeRoBBKVRqqSmaa_rLFPyngnUqvdDA&rfl=1%2Chttps%253A%252F%252Fwww.sasktoday.ca%252Fcentral%252Foutlook%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ce7168510b8aa18bdee2234806ee910c.safeframe.googlesyndication.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	52ms 45ms	Image image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2355642185113648&bg=!dHeldzPNAAZKWFskSlg7ACkAdvg8Wozm-GmwxIdmV6s0antIQ4ZZxc2xp04v3gK0wkMmsVoiDGm5VgIAAAEFUgAAABpoAQcKAONScCNcPrMYlGZt3w_qUk5AEtIdKTpHczCfDE625k4OOnznWuvMl7hXdLGCgPJkwhskHVZGuGNhUo0fvQ9_01oW7zED-SNeBpk-E5QoDlHQZWcLajhhBFSLlg5kiGNeg2fo5bNK-w4NL12Mza-rlCVLVli35dhU8YhH2-O0dMhMA0iqIGb-nEN4qH8qWcO-D_OhacV5oT0VsoQGRf7VrNW9LNPmId3A9enSsLXeqc7aH-zYzuKdsljkuMuTto6hEqa3eV8pLvuc4mKOPCRL4TzEjcVfI2qTB1KhfpsyfaAPkN_HYJkCs6Blfa3-dXVSaCKyxGZxhONFrDZGjqWGZ-GtHn-CNUgtOiKLkbrwLexmTUCzrh6JZXvgCIoiQq3MkRqKUsIup5nI14HQHsydzmPcZSHhgViOCq4BWWcd_xPXVNjVy9cGseksIKSjNVVQ6cDaYTHJlVkgsk6yGHlniJzTY4h6M9ZpCGFbx-qm7kaY4YTk7Ak5xhoigGKRPOwTQdysfuNMFzWZfUz0unkqFBMJo9zUJOMDNVjXMuqM9iKTibN4uYPPHVlSqGDzDK08BIy3mFrQCqvax5pLqG1_tY66acX4gF415so2sMeR7_qtYMxchJlDdufW1PWLL9yscLR5Lv5lbNCY2rviDL_wzCnLRmN2cqnvLfhblTbjgFq8Xy8piGSzG7FEYVT3lumGekk3dxIuzpVjPouZiYPu__o25mUqqCkC0EAGQdfP0Sa_qnZ2_WOj1GpY2oh3ieCg8SLrhBI3SDn2-jFqK7FKUOhcgyECro83vSD1sQl51g0kcMvJFetPJi-HNLFqCEno-pcr6bYMwgAV5-xEI20gbLeT0d63VU1RfznQH5oDMzt3uPu8CJxUjqBSVvfLw7W_3H70ZyI8_RMCKTO22bZPbLUySaTvq1Rp1ov2EjQj3X80sefxxXeWYcQEi3X5VTCrLdqjntnjXUtSm5v02ORztcZVtL36ycbO3Ar2et1lFz-uZjv-N8v8SxEhsjW5lfsatqKv_QLbD7_UCys2fzV0MN6oA_bC1xExOAjPVMrnLQVYdyJg89GoALpnLqIYlWei3UX-8HwTBwX-lLsUHIzTwtOqnGHmPubEBEpZhVEAtEdeeYbmRnjQB-G6-tfrVSMPsFpdwcqFjZkbyt9tX6namKb_-Xf0N29e54TLOsHBfFKxNFXdjuEDYD6ajFt_lA1f7VFC-iTkv-DMtSY Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ac Show response ww1772.smartadserver.com/	2 KB 2 KB	284ms 82ms	Script application/javascript	23.83.76.34 LEASEWEB-USA-LAX-11
General Check archive.org Show headers Download Go to Full URL https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=236201617&out=js Requested by Host: sb.freeskreen.com URL: https://sb.freeskreen.com/publisher/script.js?bai=206&ut=&uts=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&usp=&gdpr=-1&cs=-1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US), Reverse DNS Software / Resource Hash 0ca0cf67887e93eebe77c21598200b8df82c73e7495290a638981225b2b9467f Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT content-encoding br vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" x-smrt-i 7974420 cache-control no-cache,no-store transfer-encoding chunked content-type application/javascript; charset=UTF-8
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame F1E7 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west	281 B 554 B	77ms 21ms	Document text/html	23.73.244.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Requested by Host: sb.freeskreen.com URL: https://sb.freeskreen.com/publisher/script.js?bai=206&ut=&uts=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&usp=&gdpr=-1&cs=-1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-73-244-44.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 14 Dec 2021 23:07:59 GMT ETag "402b2-119-5d32342a551c0" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 17 Dec 2021 02:43:50 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Date Fri, 17 Dec 2021 02:43:50 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H2	200	um sb.freeskreen.com/ Redirect Chain https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 https://sb.freeskreen.com/um?sa=1493118236525077279	43 B 551 B	36ms 35ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?sa=1493118236525077279 Protocol H2 Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers location https://sb.freeskreen.com/um?sa=1493118236525077279 pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT cache-control no-cache,no-store content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H2	200	um sb.freeskreen.com/ Redirect Chain https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D https://sb.freeskreen.com/um?tlr=0f7a318073f44da58476165206f6907b	43 B 449 B	33ms 33ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?tlr=0f7a318073f44da58476165206f6907b Protocol H2 Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers location https://sb.freeskreen.com/um?tlr=0f7a318073f44da58476165206f6907b date Fri, 17 Dec 2021 02:43:50 GMT server Apache-Coyote/1.1 content-length 0 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
GET H/1.1	200 OK	smaato cs.admanmedia.com/sync/	42 B 469 B	83ms 27ms	Image image/gif	88.214.206.142 NATCOWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.214.206.142 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Frame-Options DENY Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Fri, 17 Dec 2021 02:43:50 GMT Transfer-Encoding chunked Server nginx Connection keep-alive X-Frame-Options DENY Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Type image/gif
GET H2	200	um sb.freeskreen.com/ Redirect Chain https://loadeu.exelator.com/load/?p=204&g=1300&j=0 https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 https://sb.freeskreen.com/um?ni=9662f738684e1ec595ebe915fc432766	43 B 506 B	34ms 33ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?ni=9662f738684e1ec595ebe915fc432766 Protocol H2 Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers date Fri, 17 Dec 2021 02:43:50 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://sb.freeskreen.com/um?ni=9662f738684e1ec595ebe915fc432766 cache-control no-cache access-control-allow-credentials true content-type image/gif content-length 0
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame CC30	90 KB 33 KB	96ms 29ms	Script text/javascript	2607:f8b0:4006:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 06:55:04 GMT content-encoding gzip x-content-type-options nosniff age 244126 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33018 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 14 Dec 2022 06:55:04 GMT
GET H/1.1	200 OK	fsk.css static.freeskreen.com/css/20210107205009/default/ Frame CC30	50 KB 29 KB	27ms 26ms	Stylesheet text/css	13.225.223.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.freeskreen.com/css/20210107205009/default/fsk.css Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.223.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-126.jfk51.r.cloudfront.net Software AmazonS3 / Resource Hash 31ace63fa339896dc045f21da77b1ffdc57160e2db5690b132766b0086d6f58e Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Thu, 16 Dec 2021 13:08:32 GMT Content-Encoding gzip Age 48919 X-Cache Hit from cloudfront Connection keep-alive Content-Length 28958 Last-Modified Thu, 07 Jan 2021 20:54:53 GMT Server AmazonS3 x-amz-meta-s3cmd-attrs atime:1610052891/ctime:1610052892/gid:497/gname:jenkins/md5:ba07184144408ada0c1691c69221a457/mode:33188/mtime:1610052892/uid:498/uname:jenkins ETag "ba07184144408ada0c1691c69221a457" x-amz-version-id 5DtU9pV9aPv90d5PMlXs6Og9O1cWT0Fu Via 1.1 671b6837b1f5908956524bc8798dab1f.cloudfront.net (CloudFront) X-Amz-Cf-Pop JFK51-C1 Accept-Ranges bytes Content-Type text/css X-Amz-Cf-Id fkDHoXuH4bUHjnMyn-YuTAE_oeKAtsJwazn32rfQeH3pSc-CaL4s7w==
GET H3	200	A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response pagead2.googlesyndication.com/bg/ Frame 742E	35 KB 13 KB	24ms 23ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 04:28:44 GMT content-encoding br x-content-type-options nosniff age 425706 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13610 x-xss-protection 0 last-modified Mon, 06 Dec 2021 19:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 12 Dec 2022 04:28:44 GMT
GET H2	200	sync Show response gum.criteo.com/ Frame D944	51 B 373 B	104ms 35ms	Script text/javascript	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a Requested by Host: secure.adnxs.com URL: https://secure.adnxs.com/ttj?inv_code=dm-pl-138225&member=1908&pt1=1190&pt2=0&pt3=5000000&pt4=0&pt5=0&cb=905273936 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a Security Headers Name Value Strict-Transport-Security max-age=86400; preload; Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:49 GMT content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 1444 strict-transport-security max-age=86400; preload; content-length 169 expires 60
GET H/1.1	200 OK	ttj Show response secure.adnxs.com/ Frame D944	0 987 B	136ms 135ms	Script text/html	68.67.161.182 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/ttj?ttjb=1&bdc=1639709030&bdh=iIU5J6GoD0JxEcxhes4K-W-LvRI.&&bdref=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook,https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&&inv_code=dm-pl-138225&member=1908&pt1=1190&pt2=0&pt3=5000000&pt4=0&pt5=0&cb=905273936 Requested by Host: secure.adnxs.com URL: https://secure.adnxs.com/ttj?inv_code=dm-pl-138225&member=1908&pt1=1190&pt2=0&pt3=5000000&pt4=0&pt5=0&cb=905273936 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:50 GMT X-Proxy-Origin 37.120.205.170; 37.120.205.170; 797.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid b67eb797-59b0-4d58-9e59-273984a6b145 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	player-hb.js Show response static.freeskreen.com/scm/player/20211014b/ Frame CC30	265 KB 68 KB	25ms 25ms	Script text/javascript	13.225.223.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.freeskreen.com/scm/player/20211014b/player-hb.js Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.223.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-126.jfk51.r.cloudfront.net Software AmazonS3 / Resource Hash 4af5765b7587881ef567c23d0aa9fcdbeff09e3354473ed56eca490f4df5ca30 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Thu, 16 Dec 2021 13:31:25 GMT Content-Encoding gzip Age 47546 X-Cache Hit from cloudfront Connection keep-alive Content-Length 69058 Last-Modified Thu, 14 Oct 2021 20:54:36 GMT Server AmazonS3 x-amz-meta-s3cmd-attrs atime:1634244865/ctime:1634244872/gid:20/gname:staff/md5:409ad7e8925e1ea5584c81bef309f239/mode:33188/mtime:1634244865/uid:501/uname:mickael ETag "409ad7e8925e1ea5584c81bef309f239" x-amz-version-id 1a20JKKbfSum1GD_kgL27p_j3szFYaZQ Via 1.1 671b6837b1f5908956524bc8798dab1f.cloudfront.net (CloudFront) X-Amz-Cf-Pop JFK51-C1 Accept-Ranges bytes Content-Type text/javascript X-Amz-Cf-Id dpDrXEjXUAbSfj7cW-M9Bdlg3fomGvTu7dhdRrTP3vZgXQfUO7frsw==
GET DATA	200 OK	truncated / Frame D944	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ceda630bc5bccdb8b888bb02eae9ab465a3c61223cd465cc8f01e44b00fec468 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame D944	0 0	45ms 44ms	Fetch image/gif	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvESPClmIKZlkhMOCsiSLB3SaKr4ZW6bx_boGGpVnLFatORCnWHi_FbXSTsCaA0lf8LDd2c0OzQAuiKu4VNlAnsZog_TeZneEjpVK1udoNqPsMeh2Lq7FNvg7rg81NIjS709itHiw-u6o1JAmc7HlL327uT1CjeXtI4cBXG3Gy2WxKeI1jv9I-2KUfZmwElReLIwEM8oaUiOXMXN-d3-Ey3KA-DX6oS97RHj7HQQorp1dJJiNbOfcQPZGGU4WxDIKtUyJxr2L9yuCd9y1vKcCKgPyedQy9Mf_UuRFCnNeUfdwcHJ5Cm5pO33qt8CEH_cu26z4EFSKQCMljP-zFmRiumn9eB7E0639u6rwHuTEO3kNmvdpSGo-tKFFxV&sai=AMfl-YQcsubbIeOfsSFz2Ix8sMzDKNEgeBBSiFt8oFSgQT_ZiZFRc-VF06_h87NxPIfTfQ_v2gkdUS7AiZbmZSS5F6tK8lES3L5xjnRGm4XbvZWOw9tToco8vkUEJ_6J34jA&sig=Cg0ArKJSzK4kEvU3hI3IEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 17 Dec 2021 02:43:50 GMT
GET H/1.1	200 OK	F44630BFF8F3C6CE4CE115B339AF014D.cache.js Show response static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/ Frame CC30	98 KB 34 KB	20ms 20ms	Script application/javascript	13.225.223.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/F44630BFF8F3C6CE4CE115B339AF014D.cache.js Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.223.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-126.jfk51.r.cloudfront.net Software AmazonS3 / Resource Hash 19ac7f7f03270e923c602d544845da674a088cbb610a4c76a6445f0d075b7d0f Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Thu, 16 Dec 2021 13:31:36 GMT Content-Encoding gzip Age 47535 X-Cache Hit from cloudfront Connection keep-alive Content-Length 34110 Last-Modified Thu, 07 Jan 2021 20:54:06 GMT Server AmazonS3 x-amz-meta-s3cmd-attrs atime:1610052721/ctime:1610052845/gid:497/gname:jenkins/md5:ffc2c23e98e50d5acfafe8ccfc4dc585/mode:33188/mtime:1610052721/uid:498/uname:jenkins ETag "ffc2c23e98e50d5acfafe8ccfc4dc585" x-amz-version-id jP3BhKySKcISIxarwq4cPXWHxkq.8vAk Via 1.1 671b6837b1f5908956524bc8798dab1f.cloudfront.net (CloudFront) X-Amz-Cf-Pop JFK51-C1 Accept-Ranges bytes Content-Type application/javascript X-Amz-Cf-Id dMrr5xMYFIZyDbGZP4QUWOTe6YqkZHKtQsnCiTlbcmyTKF9Rmme7fQ==
GET H2	200	t.gif sb.freeskreen.com/ Frame CC30	43 B 257 B	31ms 30ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/t.gif?tm=1639709030&p=4533&c=6028&s=undefined&d=&v=&t=425e574b-4c35-41bb-9955-8e60b17d5360&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1639709030562&gdpr=0&gdpr_consent=&e=AdOpened&m=2&x=null Requested by Host: www.sasktoday.ca URL: https://www.sasktoday.ca/central/outlook Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:50 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 9BD0 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu	281 B 554 B	59ms 20ms	Document text/html	23.73.244.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu Requested by Host: ww1772.smartadserver.com URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=236201617&out=js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-73-244-44.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 14 Dec 2021 23:07:59 GMT ETag "402b2-119-5d32342a551c0" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 17 Dec 2021 02:43:51 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu Date Fri, 17 Dec 2021 02:43:51 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame F1E7	32 KB 10 KB	116ms 115ms	Script text/html	23.73.244.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-73-244-44.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 9a05269b320979b79a2fbeef27981305ecd84efa1e7a4077015659739b28ac41 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Fri, 17 Dec 2021 02:43:51 GMT Content-Encoding gzip Last-Modified Wed, 15 Dec 2021 23:04:16 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=64629 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9696 Expires Fri, 17 Dec 2021 20:41:00 GMT
GET H/1.1	200 OK	EZ_1638566400.xml Show response video.freeskreen.com/30644/ Frame CC30	681 B 1 KB	89ms 30ms	XHR application/xml	13.225.223.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://video.freeskreen.com/30644/EZ_1638566400.xml?_cb=1639709031 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.223.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-104.jfk51.r.cloudfront.net Software AmazonS3 / Resource Hash 9768ab935ec6b53fa9ce07f989db28c48d0c1bba90aa2c7c6a6806d1038bf50f Request headers Accept application/xml, text/xml, */*; q=0.01 Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Thu, 16 Dec 2021 23:15:57 GMT Content-Encoding gzip Vary Origin Age 12475 X-Cache Hit from cloudfront Connection keep-alive Content-Length 463 Access-Control-Allow-Origin * Last-Modified Fri, 03 Dec 2021 21:20:01 GMT Server AmazonS3 ETag "8cd83c3ca68b7bf7316d0e7f099657e6" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/xml Via 1.1 4ffd9afb636b7eb92e42cf2534136d51.cloudfront.net (CloudFront) X-Amz-Cf-Pop JFK51-C1 Accept-Ranges bytes X-Amz-Cf-Id S_JMTyKUJo0xU-IM5ELdVuW9iWBvtzDTHCRo_ZYOGMSOpSpG5HmT_A==
GET H2	200	tag Show response pc206-oru5s.ads.tremorhub.com/ad/ Frame CC30	55 B 607 B	191ms 97ms	XHR application/json	2600:1f18:612b:4232:4585:da71:50b1:6776 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pc206-oru5s.ads.tremorhub.com/ad/tag?adCode=pc206-86r8y&playerWidth=732&playerHeight=411&playerPosition=3&srcPageUrl=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&gdpr=0&gdpr_consent=&custom=6028&c2=en-ca&floor=USD:5&us_privacy=&fmt=json Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4232:4585:da71:50b1:6776 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash def57a6307c27b9274bea34cbc19614e9354815258925a556452672bc31a504c Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT content-encoding gzip server Apache-Coyote/1.1 vary accept-encoding p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' access-control-allow-origin https://www.sasktoday.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-tremorvideo-status NO_AD content-type application/json;charset=UTF-8
GET H2	204	bid Show response ads.freeskreen.com/ Frame CC30	0 198 B	414ms 324ms	XHR text/plain	44.194.222.26 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ads.freeskreen.com/bid?pid=4533&tid=425e574b-4c35-41bb-9955-8e60b17d5360&w=732&h=411&u=https%3A%2F%2Fwww.sasktoday.ca%2Fcentral%2Foutlook&ip=37.120.205.170&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&g_co=CA&g_p=QC&g_ci=Montreal&g_d=GM&s_1=&s_2=&cid=6028&sid=undefined&vid=298&did=1548327&pf=500&ttm=1639709030562&eu_c=&eu_g=0&eu_ggl=0 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.194.222.26 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-194-222-26.compute-1.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/xml, text/xml, */*; q=0.01 Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT server Apache-Coyote/1.1 access-control-allow-methods GET access-control-allow-origin https://www.sasktoday.ca cache-control no-cache, no-store access-control-allow-credentials true expires -1
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 742E	0 20 B	46ms 44ms	Image image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0GSOZvm7YY2jGNGKxAO8o6XYBwAAAAA4AeAEAg&bg=!ubqluv7NAAZKWFskSlg7ACkAdvg8WgpZ6z-Wi2AMnHrnEz6rkOoRkZtzuYMFV--GSnarOtBAtlXr8wIAAAFfUgAAABBoAQeZAxICOSDS9sRbX7uBVLFU90N9Cb_evlO8CN4X6rkqCJXlH2EMg_gWOqGeprOwCfnRBY9zdYSNw5hjta9ZjzXs0Q0u3GW_CoVVxhZx1Uob-zdttBF7Acm4o_axu_4MAZmeS9jT91WKen5JKNTO369C8n4uF1VhZ-Hdyx42e2UY1-5MqYP70LSLe5STvWQuRI-EwFFQ8d2fy-uTJ-WQkLa8hXMmwdf1vkcY9DLkQBzKlCoOUfJAkYAm1-fagImHt4wNKZWV9K4D4DI6MofPI9qSsWYPRJmrVbzIO2a4d6XRaXKsh2G3fEnO05oz6bx-4ZjHRen8hrQinPx6Lt3JRL6Drhdu7cmytstRPV32Xn8SHm9l5_0Te-_si5kLWROjcIuxHvhnm-m_2-JHlDQ_EwtZvZhjDMNqanzAFAsE94WWenm81Ha2VcjdN6px0yLjY5dejJDp4v6rPI29P5qIxhDml7Ars2o0MhsaKw5-tnf1Wa7kcPEzU7SU4s9rsubGX8wnZWcUYIPP3JLh0clBaeDjZlxuGVEW7MlmadxwN7jtiNNpIcyp0vAXSdVnMuhVvaaWpy-1a9NsJ1bz9nY1BHU-F8VkVlNA3BC2K8ESxhBjQrPGopCai0dzngVIlBaMj_LhAQtzd7Wys8B3NyP3CWuE-IEGm_X7svno73Tju7A_J1-Ijap63q_IWHmB_qHkm5adOVtjd6Nt2P6FyoqcWDovpPcnXjHeBQrvmhLVFhep5vTbZBAxi1znaeHzqzhiszfZ-pcapiRh-PorSE4OHELOkzqoSKE_X_N307CTzFXmbAj-WLWO2kefjOnyuc_LauFhpDG51yad1FImn78tlJ3CoGtRoDzz00Xrfq1f96-dC7hbF1HSaUyYSl5y5fuQsgcWZWy3Vls65dAAj4sHa6Yb2Vo3Iexeab23n6itfk7aSj_UMr8qwaPF2is6wZ3ZZe5UULfWFZ8-WwJeT9ZSnGwqBOTRv_yuoNBBlbacXho-N8rzl67NXDOG8A2nEfEmzONYvXFNjMPTn0SYi1JXt0-2oSiwEVo Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xpub Show response bid.g.doubleclick.net/xbbe/bid/ Frame CC30	3 KB 4 KB	368ms 149ms	XHR text/xml	142.251.4.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/bid/xpub?deal_id=13225464_777766&max_duration=15&ord=1639709031&dc_sdk_apis=[APIFRAMEWORKS]&dc_omid_p=[OMIDPARTNER]&dc_vast=3&dc_rdid= Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.4.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS gm-in-f156.1e100.net Software cafe / Resource Hash b089c7360da88d18ba1d7d52df8782961a7b8a8bab54df692d75836d042674a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/xml, text/xml, */*; q=0.01 Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin https://www.sasktoday.ca cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/xml; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3540 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	t.gif sb.freeskreen.com/ Frame CC30	43 B 257 B	34ms 34ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/t.gif?tm=1639709031&p=4533&c=6028&s=undefined&d=1610036&v=30644&t=425e574b-4c35-41bb-9955-8e60b17d5360&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1639709030562&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fvideo.freeskreen.com%2F30644%2FEZ_1638566400.xml%3F_cb%3D1639709031 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame F1E7	284 B 921 B	1105ms 85ms	Image image/jpg	8.39.36.142 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 6683ee3a8662a9679fcacb9fe223a3f8 Content-Type image/jpg
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 9BD0	32 KB 10 KB	33ms 32ms	Script text/html	23.73.244.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-73-244-44.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 9a05269b320979b79a2fbeef27981305ecd84efa1e7a4077015659739b28ac41 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Fri, 17 Dec 2021 02:43:51 GMT Content-Encoding gzip Last-Modified Wed, 15 Dec 2021 23:04:16 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=64629 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9696 Expires Fri, 17 Dec 2021 20:41:00 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 9BD0	284 B 922 B	1158ms 96ms	Image image/jpg	8.39.36.142 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 6683ee3a8662a9679fcacb9fe223a3f8 Content-Type image/jpg
GET H2	200	t.gif sb.freeskreen.com/ Frame CC30	43 B 257 B	30ms 30ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/t.gif?tm=1639709031&p=4533&c=6028&s=undefined&d=1548363&v=9316&t=425e574b-4c35-41bb-9955-8e60b17d5360&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1639709030562&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fpc206-oru5s.ads.tremorhub.com%2Fad%2Ftag%3FadCode%3Dpc206-86r8y%26playerWidth%3D732%26playerHeight%3D411%26playerPosition%3D3%26srcPageUrl%3Dhttps%253A%252F%252Fwww.sasktoday.ca%252Fcentral%252Foutlook%26gdpr%3D0%26gdpr_consent%3D%26custom%3D6028%26c2%3Den-ca%26floor%3DUSD%3A5%26us_privacy%3D%26fmt%3Djson Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 28C1	42 B 64 B	64ms 37ms	Fetch image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCHG2TNeI6QSwdcZnapKcuyOey-tjURPSRHbM_fTa5JYwdpXfNQRiQ3hSg3qyTCMt7o6Oee4rHDvnzm9ublGlps3R9CzN58AwAxEQdqTtngGNWGhVL&sig=Cg0ArKJSzFXU05j7MydaEAE&id=lidar2&mcvt=1000&p=129,350,429,1250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3880896073&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639709030091&rpt=151&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2AB5	42 B 64 B	37ms 37ms	Fetch image/gif	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjweq-E1sgDVgX_mO8RA6la1aNSqL9zIyoJMkTxkuQ1yQ7qk-01qvKYo09WDoUNNqw7KWTPw2t7S-qjknBe9GQi2aC6YekV8Vhn_AJCrXw3EX5xf_u&sig=Cg0ArKJSzGwE8gg-eQMdEAE&id=lidar2&mcvt=1000&p=464,980,764,1280&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3952705426&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639709030131&rpt=182&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	t.gif sb.freeskreen.com/ Frame CC30	43 B 257 B	27ms 27ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/t.gif?tm=1639709031&p=4533&c=6028&s=undefined&d=1548327&v=298&t=425e574b-4c35-41bb-9955-8e60b17d5360&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1639709030562&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fads.freeskreen.com%2Fbid%3Fpid%3D4533%26tid%3D425e574b-4c35-41bb-9955-8e60b17d5360%26w%3D732%26h%3D411%26u%3Dhttps%253A%252F%252Fwww.sasktoday.ca%252Fcentral%252Foutlook%26ip%3D37.120.205.170%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F96.0.4664.93%2520Safari%252F537.36%26g_co%3DCA%26g_p%3DQC%26g_ci%3DMontreal%26g_d%3DGM%26s_1%3D%26s_2%3D%26cid%3D6028%26sid%3Dundefined%26vid%3D298%26did%3D1548327%26pf%3D500%26ttm%3D1639709030562%26eu_c%3D%26eu_g%3D0%26eu_ggl%3D0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1
GET H2	200	t.gif sb.freeskreen.com/ Frame CC30	43 B 257 B	31ms 30ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/t.gif?tm=1639709031&p=4533&c=6028&s=undefined&d=1548327&v=298&t=425e574b-4c35-41bb-9955-8e60b17d5360&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1639709030562&gdpr=0&gdpr_consent=&e=VastEmpty&m=1&x= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1
GET H3	200	vast Show response bid.g.doubleclick.net/dbm/ Frame CC30	16 KB 5 KB	152ms 95ms	XHR text/xml	142.251.4.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CcIxFlcLoYSkz2OBGkvzEfYNCL36SCCl9n3mdwfTcoJJZQGOMrPU3jAOXehRtZ27XDpB5Hee6fVJPyz5EuEwO3UxjZjQ&dbm_d=AKAmf-DIFDf8XVm6qJ7ZIlJ7grJRTyhmB_tlckU4SAk3jzAYSyufR0l57QIO3ZrflfdgvKDgm4eoGjFv1bUf5-WT50LiIXg2U-avdIlnsDteMRmXUn-r1Q9KOtpjMXBD1aKIxTW0f8fUMYqScELz0QhXk6uS-Tx8TZZcdthEZgr88dilLdjYA1RXnKqhi3jSw2HCuhJIONy6VXXCXcQ4UFrorDPCrv2wEKR_iRrYKITfod2h7RZm7Yx77Otzopye81dewqmdwRUymn1zbZsp6ouP6wLugjKrCXbeL7c_K8Sq372yWPUCNkdYaqdoy1XPA5FAMpIQLRXHAfZRkRsrxSfwQ0tZZ2c4_dcTIR5CGu3NwOeMDmMHODK_Z_t92zQFfuf1UqwJjlkarGz1x3k19-zP9-5jBsks0Mtypw47QgRFo59wks4Yb7EE-hK1dUECKbn9fExR9DRtXBJ-nX6Ttjac7jcZmh1QurECOwSgqZaumg5QrCRCENSy02ntd-znP6WvYq_rVsVG9Ts5OuQYudlyKiGFAxIM51Z6X439TDjkbcrCxJTCNlf2CPOMt-bO6sfa-DgVzyY6jP_Sm0TNZuFwjWrL0aDsJzGGiDpjygE4WqZvIQfYt6gnlp8mSg_-xJHBkf-ErnoI6TM3RO_tZgFa-vLbuQCXjieHEV6_hY5B42J83GQdh-Bpv20oeKWnrFcFxX8aZcU8DhOpaK09CTHzCWBvRq4n1DImyuTN8OpgMTwzee_CNJANYiLSMIN_Zpstf5hFNrNq5if2SUoRShvbTnjaaXaHkOO4w1q8YbjNj5mUbTZPVCX9mqCwdG-87b45dO_89bIjy7M_lS9BK-gjK0LwGEAm-Pm4cdBGMCvhcasiaQXCDAZx319QdDcoHGj01xSJ3k73dCTjhTabOfv0WQwMDcfnySlncClRaOKBU3owq3s5cKIJ0UxM4YwOmRE31FYD3ER1JlqX1wH8IG9Ex3hNbTETYsX5lHWkAKzY87PXOf-qb-z01dc4hkpnC_ODFx-kg80FFvE_ibCcuOrC5UlTwbN96zLEc6u49ApESgwDKXnQR_sZdclq7SvXavwV31DjcyvG11f0DXsHfLhKAo5hbHWI0Ei0QzKBf9Lxdi7kCzVcNHOCE8q0MtscbCEZi9kYI8hYP5MOe5clOCPuAynRpWOrJqkN02QZKzxXBZjGbWaYuEq4LkTT6W_-GuvHX1kQyHf44jh1ZSz-2tQ3X15mUNLal8EF8pV7PbgbxpI2tmBCbIXyZMryJx3J0oxavSH02k81FN35xboc4pgH_ZFaC_XDguz9QJe0cGoXBQfsIKOEvLZ0FOJZh36N_kh1GdU1mZJ-6K0hLWckLMiM9gIOwmLAM2duDSWXLN8c-eNegQ_BF6w-3h5ACGywddrqYttTYIqYshkiDhaqk8ObtpAgZupX7MhDjSorUUgA-4fezfOP0LbjudDpyhkfIPCxj44iu-mVzwkIpZzqWmBhrTSmJ4XbMGYlgynhzRJxe5rDjddGw3fBVLDpujgA31S81Xt0jIPkDvoM3fp77iB1CfarsXdJUDOZsmh6RBsJGVTqAo5hQyymXO5XjxqY39X2k5n6HlUHeo01ioAGUOc816UOmDaRV6Pnv8EylPgqwO-I6MD7rzjXUMQo7YHa0KTij56wI4MC840n6QxrVhig7BC8d7ajrS1IqP09eXgiIf6unMKX5uXUwh6kmGWQS8Ri8lrFt2yfHVkirVPXNhiR20DaAUalr6SBsVU9hOZVf1mEYZ2_eKfiPSJWm9hjwtNRBuJvyCjXL8-yIvC5DFpD6eOJjlIRAPz1ZiePUSNQufQjQDZ74E2iRLTcrLBuq7IJxCGOSQYlwSqNkCRnMH9LNz7YF1T8ZkLLqG9H5XOgJRg1S_MoB_SFGtv4kjILCU8Ta4GO3w4fen9Jqyo4uUN1rOfWVWBd3f7a6FiA4JNYE1DSiSjED-UrrZffLxIGG-GCi_viZl7BfwOAd0kbHD1d6FhTpE8ERMh7TyZeqcTl9xNmBA7edEMNQCX-U_v7qWVwdzKClS__Z86aERO3DosBKBnDpENOw3ngAECBJWZOoBarhfyEynA6cL9V3Rkz0teTF8BsiDEXdj5k9caHdP-qZ2vWilGkAsrYW8rAszXVYbmut_WMpP-Y4NLPLIe85yDBF8z3x_qVvz3Fm1NHCQXae0PL_ze4VMAOJJ6M9gWJsYlJAWt9OtXrP18wQtIYkP5UM6binEWhO-TIpug8BUZbfucNeNI1L3GudwGKvOPALX2oXu-2Lp0gtFyyKwLE7DaVd9_g9-7yaijjpTorpNvhdFBShiSoxvUGzfFMY6LIXyiL4dKe2neKqlZ3glDi2qL5M9nOsWywrmp4daKBWGkmib5Q9zvXZFttfZMTe9hW5OkCvsK2FvA2ZEFYeu14G_hSf-vOSHF9YS9O5fU3TalJ11zEBF_M_5KJXS_rcw6P2zJGMlJylD08yai4pavoN3djUU4i9ZsrLUJ9l4CUTHspvB9gCqLIrnCNP6Mx0kjxDL-LLRhAZUgukbDWdoKOBSMj8UbXTd5kQ1xZzGC3BNTc5eobWPRqgC1akkSuCgRUxTAIOQ5cpTPvopjCuWIVfIjKEyumODghHbikvELIF-QBv8fx_W6g6XLPfUdhWlEcHVUDfLX4HwE1n-KKA5q5c4o5Gfl_GzJZ0JfA4YURgQe9Hr1ROlRQTgSPtAriJoYyGR3tSganQtCtsu36TphrMV97WirXKza1ARxjsqcY9yzV40V9ggmYjFvEMQJ8xDWLm6j-UgiC-RgDCuwI70wzMt8mfXSGSdgr26KfErdWJbCmqKIKdrQ-pcs9CugVA7yDPMPlUcjYuyknxLEuRRRO71lstquvLSz--_zmE7ydsfahrmPxMecSMEklAkpkWNPcEhuto_4l06k&cid=CAASEuRoxsBNrb8R1kADbNvIXbBceQ&pr=39:AAAAAAAAAAAAAAAAAAAAAOsnHIIpawkrz0-jOA Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.4.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS gm-in-f156.1e100.net Software cafe / Resource Hash 1ea6195c5e537a1e3fdee18a9584d0b5047ec87f684b53cf88fbf6aa0010f329 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/xml, text/xml, */*; q=0.01 Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5029 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://www.sasktoday.ca cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	t.gif sb.freeskreen.com/ Frame CC30	43 B 257 B	27ms 26ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/t.gif?tm=1639709031&p=4533&c=6028&s=undefined&d=1610036&v=30644&t=425e574b-4c35-41bb-9955-8e60b17d5360&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1639709030562&gdpr=0&gdpr_consent=&e=LoaderStartHB&m=1&x=%3B%3Bvideoloader%3B Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:51 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1
GET H/1.1	206 Partial Content	file.mp4 r2---sn-ab5sznld.c.2mdn.net/videoplayback/id/215db9d5cca936e4/itag/59/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782420117/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame CC30 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/215db9d5cca936e4/itag/59/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782420117/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sign... https://r2---sn-ab5sznld.c.2mdn.net/videoplayback/id/215db9d5cca936e4/itag/59/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782420117/sparams/acao,ctier,expire,id,ip,ipbits,it...	2 MB 2 MB	333ms 53ms	Media video/mp4	2607:f8b0:4006:3c::7 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r2---sn-ab5sznld.c.2mdn.net/videoplayback/id/215db9d5cca936e4/itag/59/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782420117/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/67F8B31375520DA8B0AB4325DA3817F0F71E1EE2.1C18DB52F8E9ECCCF16540E01F727EC661EB1D79/key/cms1/cms_redirect/yes/mh/Vi/mip/2a0d:5600:9:4b03:cf::1/mm/42/mn/sn-ab5sznld/ms/onc/mt/1639707946/mv/u/mvi/2/pl/49/file/file.mp4 Protocol HTTP/1.1 Server 2607:f8b0:4006:3c::7 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 484a80d94e718e445b9fb10dd7cb89d93875e799d636620803a71620821fe16b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.sasktoday.ca/central/outlook User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Fri, 17 Dec 2021 02:43:52 GMT X-Content-Type-Options nosniff Content-Range bytes 0-1680285/1680286 Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 1680286 Last-Modified Sat, 27 Nov 2021 00:15:17 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Fri, 17 Dec 2021 02:43:52 GMT Redirect headers date Fri, 17 Dec 2021 02:43:51 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 653 x-xss-protection 0 pragma no-cache server ClientMapServer location https://r2---sn-ab5sznld.c.2mdn.net/videoplayback/id/215db9d5cca936e4/itag/59/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782420117/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/67F8B31375520DA8B0AB4325DA3817F0F71E1EE2.1C18DB52F8E9ECCCF16540E01F727EC661EB1D79/key/cms1/cms_redirect/yes/mh/Vi/mip/2a0d:5600:9:4b03:cf::1/mm/42/mn/sn-ab5sznld/ms/onc/mt/1639707946/mv/u/mvi/2/pl/49/file/file.mp4 x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.sasktoday.ca access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://www.sasktoday.ca expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	um sb.freeskreen.com/ Frame F1E7 Redirect Chain https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=KX9SF6LP-A-5D87 https://sb.freeskreen.com/um?mg=KX9SF6LP-A-5D87	43 B 611 B	31ms 30ms	Image image/gif	44.198.150.39 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?mg=KX9SF6LP-A-5D87 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H2 Server 44.198.150.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-150-39.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:52 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://sb.freeskreen.com/um?mg=KX9SF6LP-A-5D87 Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 6683ee3a8662a9679fcacb9fe223a3f8 Expires 0
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 9BD0 Redirect Chain https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=KX9SF6OA-28-BX9A https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KX9SF6OA-28-BX9A	43 B 406 B	174ms 57ms	Image image/gif	199.187.193.166 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KX9SF6OA-28-BX9A Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu Protocol HTTP/1.1 Server 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:52 GMT cache-control no-cache,no-store content-type image/gif transfer-encoding chunked p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KX9SF6OA-28-BX9A Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 1da0c96602e9a1076eae4f5554c05cf3 Expires 0
GET H2	204	v1 ads.yahoo.com/cms/ Frame F1E7 Redirect Chain https://token.rubiconproject.com/token?pid=26594 https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX9SF6OA-28-BX9A&sigv=1&esig=2~35c38f934983a30ea51c4e744247b891c990f860	0 445 B	124ms 38ms	Image text/plain	2001:4998:14:800::1001 YAHOO
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX9SF6OA-28-BX9A&sigv=1&esig=2~35c38f934983a30ea51c4e744247b891c990f860 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H2 Server 2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 17 Dec 2021 02:43:52 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block Redirect headers Location https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KX9SF6OA-28-BX9A&sigv=1&esig=2~35c38f934983a30ea51c4e744247b891c990f860 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 6683ee3a8662a9679fcacb9fe223a3f8 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame F1E7 Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Ybv5aAAMhoHJcgBR https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ybv5aAAMhoHJcgBR&_test=Ybv5aAAMhoHJcgBR	42 B 679 B	311ms 81ms	Image image/gif	8.39.36.141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ybv5aAAMhoHJcgBR&_test=Ybv5aAAMhoHJcgBR Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Server 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 6683ee3a8662a9679fcacb9fe223a3f8 Content-Type image/gif Redirect headers pragma no-cache date Fri, 17 Dec 2021 02:43:52 GMT via 1.1 varnish server Varnish x-timer S1639709033.535305,VS0,VE0 x-served-by cache-yul12820-YUL x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ybv5aAAMhoHJcgBR&_test=Ybv5aAAMhoHJcgBR cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame F1E7 Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://match.adsrvr.org/track/cmb/rubicon? https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=299604d7-a570-4e90-8092-a7b2773b92c8&gdpr=0&gdpr_consent=&expires=30	42 B 679 B	337ms 83ms	Image image/gif	8.39.36.141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=299604d7-a570-4e90-8092-a7b2773b92c8&gdpr=0&gdpr_consent=&expires=30 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Server 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 0963d041a95f271fbba7f411adc03573 Content-Type image/gif Redirect headers pragma no-cache date Fri, 17 Dec 2021 02:43:52 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=299604d7-a570-4e90-8092-a7b2773b92c8&gdpr=0&gdpr_consent=&expires=30 cache-control private,no-cache, must-revalidate content-type text/html content-length 289
GET H2	200	709414.gif id.rlcdn.com/ Frame F1E7	42 B 449 B	124ms 56ms	Image image/gif	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/709414.gif Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Fri, 17 Dec 2021 02:43:52 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame F1E7 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3d2f61bb-f968-4800-8b0a-3dcc8c775ac0	42 B 679 B	329ms 79ms	Image image/gif	8.39.36.141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3d2f61bb-f968-4800-8b0a-3dcc8c775ac0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Server 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 0963d041a95f271fbba7f411adc03573 Content-Type image/gif Redirect headers Date Fri, 17 Dec 2021 02:43:52 GMT Server MT3 4133 baa842e master ord-pixel-x51 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3d2f61bb-f968-4800-8b0a-3dcc8c775ac0 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 17 Dec 2021 02:43:51 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame F1E7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAsFQHnIKC6_BfsMJ0AxdHU&google_cver=1	42 B 679 B	313ms 78ms	Image image/gif	8.39.36.141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAsFQHnIKC6_BfsMJ0AxdHU&google_cver=1 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Server 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 0963d041a95f271fbba7f411adc03573 Content-Type image/gif Redirect headers pragma no-cache date Fri, 17 Dec 2021 02:43:52 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAsFQHnIKC6_BfsMJ0AxdHU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F1E7 Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g5U0Y2T0EtMjgtQlg5QQ==	170 B 188 B	39ms 39ms	Image image/png	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g5U0Y2T0EtMjgtQlg5QQ== Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H3 Server 142.250.64.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g5U0Y2T0EtMjgtQlg5QQ== Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 6683ee3a8662a9679fcacb9fe223a3f8 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame F1E7 Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzhiZTI0YTZiZDM2ZDQ4OWQzOTE5NTUyNDc3MzU4NGZjNTc2YTNmYg	170 B 188 B	40ms 40ms	Image image/png	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzhiZTI0YTZiZDM2ZDQ4OWQzOTE5NTUyNDc3MzU4NGZjNTc2YTNmYg Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H3 Server 142.250.64.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Fri, 17 Dec 2021 02:43:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzhiZTI0YTZiZDM2ZDQ4OWQzOTE5NTUyNDc3MzU4NGZjNTc2YTNmYg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 6683ee3a8662a9679fcacb9fe223a3f8 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
POST H/1.1	200 OK	attention-event Show response sr.studiostack.com/track/	0 396 B	51ms 50ms	XHR text/plain	20.49.104.19 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://sr.studiostack.com/track/attention-event Requested by Host: sr.studiostack.com URL: https://sr.studiostack.com/v3/services Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.sasktoday.ca/central/outlook Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Pragma no-cache Date Fri, 17 Dec 2021 02:43:54 GMT Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD, PUT Access-Control-Allow-Origin * Expires 0 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 0 request-context appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
OPTIONS H/1.1	200 OK	attention-event sr.studiostack.com/track/ Frame	0 0	66ms 65ms	Preflight text/html	20.49.104.19 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://sr.studiostack.com/track/attention-event Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.sasktoday.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Cache-Control no-cache, no-store, must-revalidate Pragma no-cache Allow POST Content-Length 4 Content-Type text/html; charset=utf-8 Expires 0 ETag W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ" request-context appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c Access-Control-Allow-Origin * Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD, PUT Date Fri, 17 Dec 2021 02:43:53 GMT