urlscan.io logo urlscan.io
SecurityTrails logo

www.theobserver.ca Open in urlscan Pro
34.107.199.243  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Submission: On December 04 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 6 countries across 83 domains to perform 503 HTTP transactions. The main IP is 34.107.199.243, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.theobserver.ca.
TLS certificate: Issued by GTS CA 1D4 on November 6th 2021. Valid for: 3 months.
This is the only time www.theobserver.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.107.199.243 15169 (GOOGLE)
12 26 142.250.65.162 15169 (GOOGLE)
2 6 23.52.162.21 16625 (AKAMAI-AS)
1 2620:100:a001::4 19750 (AS-CRITEO)
8 54.239.200.177 16509 (AMAZON-02)
2 15 104.16.68.69 13335 (CLOUDFLAR...)
1 52.85.61.46 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.85.61.56 16509 (AMAZON-02)
1 52.85.61.2 16509 (AMAZON-02)
25 2607:f8b0:400... 15169 (GOOGLE)
1 2 3.99.13.158 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
5 2600:9000:220... 16509 (AMAZON-02)
1 52.85.61.103 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 10 52.85.61.28 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
9 151.101.66.133 54113 (FASTLY)
1 34.120.155.137 15169 (GOOGLE)
7 8 52.223.40.198 16509 (AMAZON-02)
6 3.233.23.149 14618 (AMAZON-AES)
7 2a04:4e42::645 54113 (FASTLY)
4 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.32 16509 (AMAZON-02)
1 2600:1400:d::... 20940 (AKAMAI-ASN1)
1 2a04:4e42:600... 54113 (FASTLY)
2 142.251.32.98 15169 (GOOGLE)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f06... 32934 (FACEBOOK)
1 151.101.248.157 54113 (FASTLY)
10 20.49.104.19 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.64 16509 (AMAZON-02)
2 74.119.119.129 19750 (AS-CRITEO)
2 63.251.114.182 29791 (VOXEL-DOT...)
3 15 35.244.159.8 15169 (GOOGLE)
2 173.223.237.164 16625 (AKAMAI-AS)
12 3.230.217.116 14618 (AMAZON-AES)
1 13 52.46.130.91 16509 (AMAZON-02)
2 99.83.154.140 16509 (AMAZON-02)
1 54.243.64.72 14618 (AMAZON-AES)
3 3 2620:109:c002... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 108.174.10.14 14413 (LINKEDIN)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.80.98 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
30 2600:9000:220... 16509 (AMAZON-02)
2 2 2606:ae80:145... 25751 (VALUECLICK)
2 35.231.227.177 15169 (GOOGLE)
2 2 54.175.198.118 14618 (AMAZON-AES)
7 7 151.101.194.49 54113 (FASTLY)
3 3 35.211.178.172 19527 (GOOGLE-2)
2 2 3.228.147.119 14618 (AMAZON-AES)
3 3 34.197.145.87 14618 (AMAZON-AES)
1 4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
4 9 35.175.84.112 14618 (AMAZON-AES)
2 23.52.161.180 16625 (AKAMAI-AS)
2 23.64.109.237 16625 (AKAMAI-AS)
5 6 68.67.161.212 29990 (ASN-APPNEX)
3 3 52.223.22.214 16509 (AMAZON-02)
1 6 2620:116:800b... 14618 (AMAZON-AES)
1 174.129.10.91 14618 (AMAZON-AES)
2 2a03:2880:f16... 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
2 2 34.206.204.12 14618 (AMAZON-AES)
1 52.45.33.138 14618 (AMAZON-AES)
4 8 35.190.60.146 15169 (GOOGLE)
4 4 107.178.254.65 15169 (GOOGLE)
2 2 34.98.67.3 15169 (GOOGLE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 3 2600:1f18:4e9... 14618 (AMAZON-AES)
3 3 216.200.232.249 30419 (MEDIAMATH...)
4 23.92.190.74 29791 (VOXEL-DOT...)
5 11 69.173.151.100 26667 (RUBICONPR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 3 23.219.95.182 16625 (AKAMAI-AS)
1 1 213.19.162.90 3356 (LEVEL3)
1 1 192.132.33.46 18568 (BIDTELLECT)
1 2600:9000:220... 16509 (AMAZON-02)
3 3 52.206.55.189 14618 (AMAZON-AES)
11 3.222.44.99 14618 (AMAZON-AES)
1 1 23.209.184.224 16625 (AKAMAI-AS)
1 6 34.233.103.61 14618 (AMAZON-AES)
1 52.85.61.49 16509 (AMAZON-02)
1 104.36.115.113 62713 (AS-PUBMATIC)
1 2 185.167.164.39 198622 (ADFORM)
6 104.36.115.109 62713 (AS-PUBMATIC)
1 104.36.115.114 62713 (AS-PUBMATIC)
1 1 52.116.221.248 36351 (SOFTLAYER)
10 205.185.216.10 20446 (HIGHWINDS3)
19 54.221.224.161 14618 (AMAZON-AES)
4 205.185.216.42 20446 (HIGHWINDS3)
1 2 52.36.124.159 16509 (AMAZON-02)
2 2 52.73.153.177 14618 (AMAZON-AES)
1 3.234.8.37 14618 (AMAZON-AES)
13 50.17.45.48 14618 (AMAZON-AES)
1 2001:4998:14:... 14777 (YAHOO)
12 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:220... 16509 (AMAZON-02)
17 2607:f8b0:400... 15169 (GOOGLE)
2 172.217.165.134 15169 (GOOGLE)
22 2607:f8b0:400... 15169 (GOOGLE)
18 54.156.215.112 14618 (AMAZON-AES)
4 142.251.41.2 15169 (GOOGLE)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 2600:9000:220... 16509 (AMAZON-02)
1 74.119.119.139 19750 (AS-CRITEO)
1 142.250.112.154 15169 (GOOGLE)
1 8.28.7.84 62713 (AS-PUBMATIC)
1 206.189.49.44 14061 (DIGITALOC...)
2 2001:4860:480... 15169 (GOOGLE)
1 23.111.8.18 33438 (HIGHWINDS2)
4 18.213.23.102 14618 (AMAZON-AES)
2 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 204.154.111.105 36062 (DOUBLE-VE...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 192.35.249.123 11742 (SPOTX-IAD)
1 199.127.204.162 26120 (RHYTHMONE)
1 34.198.206.24 14618 (AMAZON-AES)
1 34.200.131.242 14618 (AMAZON-AES)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
2 23.217.28.180 16625 (AKAMAI-AS)
5 18.67.76.2 ()
1 44.239.204.94 ()
1 142.250.176.194 ()
503 120
1    34.107.199.243 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 243.199.107.34.bc.googleusercontent.com
www.theobserver.ca
26    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
6    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
8    54.239.200.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-200-177.ewr53.r.cloudfront.net
c.amazon-adsystem.com
15    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.districtm.io
cdn.districtm.io
dmx.districtm.io
1    52.85.61.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-46.ewr53.r.cloudfront.net
cdn.adsafeprotected.com
2    2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3037::6815:3c3f (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    52.85.61.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-56.ewr53.r.cloudfront.net
ak.sail-horizon.com
1    52.85.61.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-2.ewr53.r.cloudfront.net
fem.prod.postmedia.digital
25    2607:f8b0:4006:808::2010 (United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    3.99.13.158 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-99-13-158.ca-central-1.compute.amazonaws.com
nexus.prod.postmedia.digital
static-nexus.prod.postmedia.digital
5    2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2600:9000:2209:7200:8:f216:eb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
d395dw5zk780j2.cloudfront.net
1    52.85.61.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-103.ewr53.r.cloudfront.net
widgets-cdn.rpxnow.com
1    2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    52.85.61.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-28.ewr53.r.cloudfront.net
sb.scorecardresearch.com
1    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
9    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
8    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    3.233.23.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-23-149.compute-1.amazonaws.com
pixel.adsafeprotected.com
7    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
jssdks.mparticle.com
4    2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.85.61.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-32.ewr53.r.cloudfront.net
d1v9u0bgi1uimx.cloudfront.net
1    2600:1400:d::1721:ee10 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
quilt-cdn.janrain.com
1    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
cookiesync.mparticle.com
2    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
www.googleadservices.com
1    2600:141b:13::1732:35c1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f065:e:face:b00c:0:3 (Houston, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.248.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
10    20.49.104.19 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sr.studiostack.com
1    2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    52.85.61.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-64.ewr53.r.cloudfront.net
d1lqe9temigv1p.cloudfront.net
2    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
2    63.251.114.182 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
15    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
postmedia-d.openx.net
us-u.openx.net
u.openx.net
distroscale-d.openx.net
2    173.223.237.164 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-237-164.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
12    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
13    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    54.243.64.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-64-72.compute-1.amazonaws.com
c.jsrdn.com
3    2620:109:c002::6cae:a0e (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
2    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
1    142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
580448699.privacysandbox.googleadservices.com
4    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    2600:141b:13:1099::fa5 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
postmedia.us.janrainsso.com
30    2600:9000:2209:c000:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
2    2606:ae80:1451:22::760 (United States)

ASN25751 (VALUECLICK, US)
districtm-match.dotomi.com
2    35.231.227.177 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 177.227.231.35.bc.googleusercontent.com
dmx.us-east-33.districtm.io
2    54.175.198.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-198-118.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    3.228.147.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-147-119.compute-1.amazonaws.com
ads.creative-serving.com
3    34.197.145.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-145-87.compute-1.amazonaws.com
match.prod.bidr.io
4    2607:f8b0:4006:80a::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
4    2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    35.175.84.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-84-112.compute-1.amazonaws.com
match.sharethrough.com
2    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.64.109.237 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-109-237.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    68.67.161.212 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
dmpsync.3lift.com
6    2620:116:800b:21:2d66:77a6:9085:a5fa (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    174.129.10.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-10-91.compute-1.amazonaws.com
s.jsrdn.com
2    2a03:2880:f162:81:face:b00c:0:25de (Houston, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
3    2600:1f18:44f0:4816:6362:8f80:b427:2e9f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    34.206.204.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-204-12.compute-1.amazonaws.com
pixel.advertising.com
1    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
8    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
4    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    216.200.232.249 (United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    23.92.190.74 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    23.219.95.182 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-95-182.deploy.static.akamaitechnologies.com
px.owneriq.net
1    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    2600:9000:2209:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    52.206.55.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-55-189.compute-1.amazonaws.com
usermatch.krxd.net
11    3.222.44.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-44-99.compute-1.amazonaws.com
beacon.krxd.net
1    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
stags.bluekai.com
6    34.233.103.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-103-61.compute-1.amazonaws.com
ml314.com
1    52.85.61.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-49.ewr53.r.cloudfront.net
aa.agkn.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    52.116.221.248 (United States)

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com
um.simpli.fi
10    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
c5x8i7c7.ssl.hwcdn.net
19    54.221.224.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-224-161.compute-1.amazonaws.com
i.jsrdn.com
4    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
a.jsrdn.com
2    52.36.124.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-124-159.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    52.73.153.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-153-177.compute-1.amazonaws.com
sync.crwdcntrl.net
1    3.234.8.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-8-37.compute-1.amazonaws.com
ps.eyeota.net
13    50.17.45.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-45-48.compute-1.amazonaws.com
i.viafoura.co
interaction.viafoura.co
notifications.viafoura.co
livecomments.viafoura.co
1    2001:4998:14:800::1001 (Ashburn, United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
12    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
9    2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2600:9000:2209:5e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
17    2607:f8b0:4006:822::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    172.217.165.134 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f6.1e100.net
ad.doubleclick.net
22    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
18    54.156.215.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-215-112.compute-1.amazonaws.com
dt.adsafeprotected.com
4    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    2600:9000:2209:6000:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.ribn.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    142.250.112.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ga-in-f154.1e100.net
bid.g.doubleclick.net
1    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    206.189.49.44 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
vast.doubleverify.com
2    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    23.111.8.18 (United States)

ASN33438 (HIGHWINDS2, US)
vpaid.doubleverify.com
4    18.213.23.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-23-102.compute-1.amazonaws.com
vtrk.doubleverify.com
2    2600:1400:d:58c::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2607:f8b0:4006:3d::6 (United States)

ASN15169 (GOOGLE, US)
r1---sn-ab5sznlk.c.2mdn.net
1    204.154.111.105 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb02.doubleverify.com
rtb0.doubleverify.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    192.35.249.123 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
1    199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    34.198.206.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-206-24.compute-1.amazonaws.com
ads.adaptv.advertising.com
1    34.200.131.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-131-242.compute-1.amazonaws.com
prebid-server.rubiconproject.com
2    2600:1f18:612b:4264:b32e:f80d:5f2d:5164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
5ew8d-b3mmu.ads.tremorhub.com
2    23.217.28.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-28-180.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
5    18.67.76.2 (None, )

ASN- ()
smartcdn.prod.postmedia.digital
1    44.239.204.94 (None, )

ASN- ()
optimized-by.rubiconproject.com
1    142.250.176.194 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
39 googleapis.com
fonts.googleapis.com
storage.googleapis.com
imasdk.googleapis.com
2 MB
38 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
pubads.g.doubleclick.net
bid.g.doubleclick.net
229 KB
35 googlesyndication.com
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
227 KB
30 viafoura.net
cdn.viafoura.net
528 KB
29 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
217 KB
25 jsrdn.com
c.jsrdn.com
s.jsrdn.com
i.jsrdn.com
a.jsrdn.com
288 KB
23 krxd.net
cdn.krxd.net
consumer.krxd.net
usermatch.krxd.net
beacon.krxd.net
185 KB
21 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
90 KB
19 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r1---sn-ab5sznlk.c.2mdn.net
283 KB
18 rubiconproject.com
eus.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
prebid-server.rubiconproject.com
video-ads.rubiconproject.com
optimized-by.rubiconproject.com
42 KB
17 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
8 KB
17 districtm.io
hb.districtm.io
cdn.districtm.io
dmx.districtm.io
dmx.us-east-33.districtm.io
20 KB
16 viafoura.co
api.viafoura.co
i.viafoura.co
interaction.viafoura.co
notifications.viafoura.co
livecomments.viafoura.co
7 KB
15 openx.net
postmedia-d.openx.net
us-u.openx.net
u.openx.net
distroscale-d.openx.net
3 KB
12 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
simage4.pubmatic.com
hbopenbid.pubmatic.com
24 KB
10 hwcdn.net
c5x8i7c7.ssl.hwcdn.net
439 KB
10 studiostack.com
sr.studiostack.com
26 KB
10 scorecardresearch.com
sb.scorecardresearch.com
5 KB
9 doubleverify.com
vast.doubleverify.com
vpaid.doubleverify.com
vtrk.doubleverify.com
cdn.doubleverify.com
rtb0.doubleverify.com
tps607.doubleverify.com Failed
75 KB
9 sharethrough.com
match.sharethrough.com
2 KB
9 google.com
ampcid.google.com
www.google.com
adservice.google.com
3 KB
9 rlcdn.com
api.rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
1 KB
9 mparticle.com
jssdkcdns.mparticle.com
identity.mparticle.com
jssdks.mparticle.com
cookiesync.mparticle.com
58 KB
8 googletagservices.com
www.googletagservices.com
189 KB
8 adsrvr.org
match.adsrvr.org
4 KB
8 postmedia.digital
fem.prod.postmedia.digital
nexus.prod.postmedia.digital
static-nexus.prod.postmedia.digital
smartcdn.prod.postmedia.digital
410 KB
7 everesttech.net
sync-tm.everesttech.net
1 KB
7 cloudfront.net
d395dw5zk780j2.cloudfront.net
d1v9u0bgi1uimx.cloudfront.net
d1lqe9temigv1p.cloudfront.net
75 KB
7 gstatic.com
fonts.gstatic.com
csi.gstatic.com
78 KB
6 ml314.com
ml314.com
16 KB
6 quantserve.com
secure.quantserve.com
pixel.quantserve.com
11 KB
6 adnxs.com
ib.adnxs.com
6 KB
6 casalemedia.com
htlb.casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
3 KB
6 lijit.com
ap.lijit.com
ce.lijit.com
6 KB
5 google.ca
ampcid.google.ca
www.google.ca
adservice.google.ca
2 KB
5 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
5 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
7 KB
4 pippio.com
pippio.com
1 KB
4 google-analytics.com
www.google-analytics.com
40 KB
3 owneriq.net
px.owneriq.net
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 advertising.com
pixel.advertising.com
ads.adaptv.advertising.com
919 B
3 3lift.com
eb2.3lift.com
dmpsync.3lift.com
1 KB
3 bidr.io
match.prod.bidr.io
1 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 googleadservices.com
www.googleadservices.com
580448699.privacysandbox.googleadservices.com
16 KB
2 tremorhub.com
5ew8d-b3mmu.ads.tremorhub.com
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 adform.net
c1.adform.net
960 B
2 turn.com
ad.turn.com
959 B
2 linksynergy.com
tags.rd.linksynergy.com
659 B
2 facebook.com
www.facebook.com
425 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 stackadapt.com
sync.srv.stackadapt.com
833 B
2 dotomi.com
districtm-match.dotomi.com
685 B
2 adsymptotic.com
p.adsymptotic.com
540 B
2 sail-personalize.com
api.sail-personalize.com
474 B
2 facebook.net
connect.facebook.net
114 KB
2 indexww.com
js-sec.indexww.com
58 KB
1 1rx.io
tag.1rx.io
174 B
1 spotxchange.com
search.spotxchange.com
1 KB
1 ribn.com
assets.ribn.com
4 KB
1 eyeota.net
ps.eyeota.net
344 B
1 simpli.fi
um.simpli.fi
656 B
1 agkn.com
aa.agkn.com
658 B
1 bluekai.com
stags.bluekai.com
712 B
1 quantcount.com
rules.quantcount.com
429 B
1 bttrack.com
bttrack.com
695 B
1 contextweb.com
bh.contextweb.com
679 B
1 janrainsso.com
postmedia.us.janrainsso.com
2 KB
1 t.co
t.co
470 B
1 twitter.com
analytics.twitter.com
675 B
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 licdn.com
snap.licdn.com
2 KB
1 janrain.com
quilt-cdn.janrain.com
9 KB
1 googletagmanager.com
www.googletagmanager.com
105 KB
1 rpxnow.com
widgets-cdn.rpxnow.com
109 KB
1 sail-horizon.com
ak.sail-horizon.com
43 KB
1 lrcontent.com
auth.lrcontent.com
46 KB
1 npttech.com
www.npttech.com
3 KB
1 criteo.net
static.criteo.net
38 KB
1 theobserver.ca
www.theobserver.ca
55 KB
503 83
Domain Requested by
30 cdn.viafoura.net fem.prod.postmedia.digital
cdn.viafoura.net
25 storage.googleapis.com www.theobserver.ca
storage.googleapis.com
22 pagead2.googlesyndication.com srcdoc
ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
19 i.jsrdn.com www.theobserver.ca
18 dt.adsafeprotected.com cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
www.theobserver.ca
17 s0.2mdn.net imasdk.googleapis.com
ad.doubleclick.net
s0.2mdn.net
15 cm.g.doubleclick.net 12 redirects us-u.openx.net
u.openx.net
eus.rubiconproject.com
13 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
us-u.openx.net
ap.lijit.com
u.openx.net
match.sharethrough.com
cdn.districtm.io
ads.pubmatic.com
eus.rubiconproject.com
12 imasdk.googleapis.com c5x8i7c7.ssl.hwcdn.net
imasdk.googleapis.com
12 c2shb.ssp.yahoo.com js-sec.indexww.com
11 beacon.krxd.net www.theobserver.ca
cdn.krxd.net
11 us-u.openx.net 2 redirects js-sec.indexww.com
us-u.openx.net
u.openx.net
10 c5x8i7c7.ssl.hwcdn.net c.jsrdn.com
c5x8i7c7.ssl.hwcdn.net
www.theobserver.ca
10 sr.studiostack.com www.theobserver.ca
sr.studiostack.com
10 sb.scorecardresearch.com 2 redirects fem.prod.postmedia.digital
www.theobserver.ca
9 tpc.googlesyndication.com cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 dmx.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
www.theobserver.ca
8 www.googletagservices.com cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
www.googletagservices.com
ad.doubleclick.net
s0.2mdn.net
8 match.adsrvr.org 7 redirects js-sec.indexww.com
8 c.amazon-adsystem.com www.theobserver.ca
c.amazon-adsystem.com
8 securepubads.g.doubleclick.net www.theobserver.ca
securepubads.g.doubleclick.net
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
www.googletagservices.com
7 sync-tm.everesttech.net 7 redirects
6 livecomments.viafoura.co cdn.viafoura.net
6 ml314.com 1 redirects www.theobserver.ca
ml314.com
6 ib.adnxs.com 5 redirects www.theobserver.ca
6 pixel.adsafeprotected.com cdn.adsafeprotected.com
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
www.theobserver.ca
6 cdn.krxd.net fem.prod.postmedia.digital
cdn.krxd.net
5 smartcdn.prod.postmedia.digital
5 pixel.rubiconproject.com eus.rubiconproject.com
5 pixel.quantserve.com 1 redirects www.theobserver.ca
5 idsync.rlcdn.com 2 redirects us-u.openx.net
www.theobserver.ca
ads.pubmatic.com
5 cdn.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
s.amazon-adsystem.com
5 d395dw5zk780j2.cloudfront.net fem.prod.postmedia.digital
d395dw5zk780j2.cloudfront.net
5 fonts.gstatic.com fonts.googleapis.com
4 vtrk.doubleverify.com vpaid.doubleverify.com
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 static.adsafeprotected.com pixel.adsafeprotected.com
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
4 interaction.viafoura.co cdn.viafoura.net
4 a.jsrdn.com www.theobserver.ca
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 ce.lijit.com ap.lijit.com
4 pippio.com 4 redirects
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 www.google.com 1 redirects www.theobserver.ca
tpc.googlesyndication.com
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
4 www.google-analytics.com jssdkcdns.mparticle.com
www.google-analytics.com
s0.2mdn.net
4 identity.mparticle.com jssdkcdns.mparticle.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 image2.pubmatic.com ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
3 usermatch.krxd.net 3 redirects
3 px.owneriq.net 2 redirects ap.lijit.com
3 sync.mathtag.com 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects us-u.openx.net
u.openx.net
3 id.rlcdn.com 2 redirects eus.rubiconproject.com
3 api.viafoura.co cdn.viafoura.net
3 cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.google.ca www.theobserver.ca
3 match.prod.bidr.io 3 redirects
3 x.bidswitch.net 3 redirects
3 px.ads.linkedin.com 3 redirects
3 consumer.krxd.net cdn.krxd.net
3 jssdks.mparticle.com jssdkcdns.mparticle.com
2 video-ads.rubiconproject.com imasdk.googleapis.com
2 5ew8d-b3mmu.ads.tremorhub.com 1 redirects www.theobserver.ca
2 cdn.doubleverify.com vpaid.doubleverify.com
cdn.doubleverify.com
2 csi.gstatic.com imasdk.googleapis.com
2 gum.criteo.com 1 redirects static.criteo.net
2 ad.doubleclick.net www.googletagservices.com
2 i.viafoura.co www.theobserver.ca
2 sync.crwdcntrl.net 2 redirects
2 dpm.demdex.net 1 redirects www.theobserver.ca
2 c1.adform.net 1 redirects ads.pubmatic.com
2 ssum-sec.casalemedia.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 ad.turn.com 2 redirects
2 tags.rd.linksynergy.com 2 redirects
2 pixel.advertising.com 2 redirects
2 www.facebook.com www.theobserver.ca
2 eb2.3lift.com 2 redirects
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 as-sec.casalemedia.com js-sec.indexww.com
2 ads.creative-serving.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 dmx.us-east-33.districtm.io www.theobserver.ca
2 districtm-match.dotomi.com 2 redirects
2 p.adsymptotic.com 1 redirects www.theobserver.ca
2 api.sail-personalize.com ak.sail-horizon.com
2 htlb.casalemedia.com js-sec.indexww.com
www.theobserver.ca
2 postmedia-d.openx.net 1 redirects www.theobserver.ca
2 ap.lijit.com js-sec.indexww.com
s.amazon-adsystem.com
2 bidder.criteo.com static.criteo.net
2 connect.facebook.net www.theobserver.ca
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 fonts.googleapis.com www.theobserver.ca
client
2 js-sec.indexww.com www.theobserver.ca
c5x8i7c7.ssl.hwcdn.net
1 ade.googlesyndication.com
1 optimized-by.rubiconproject.com video-ads.rubiconproject.com
1 prebid-server.rubiconproject.com www.theobserver.ca
1 ads.adaptv.advertising.com www.theobserver.ca
1 tag.1rx.io www.theobserver.ca
1 distroscale-d.openx.net www.theobserver.ca
1 search.spotxchange.com www.theobserver.ca
1 hbopenbid.pubmatic.com www.theobserver.ca
1 rtb0.doubleverify.com cdn.doubleverify.com
1 r1---sn-ab5sznlk.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 vpaid.doubleverify.com imasdk.googleapis.com
1 vast.doubleverify.com imasdk.googleapis.com
1 simage4.pubmatic.com ads.pubmatic.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 mug.criteo.com
1 assets.ribn.com www.theobserver.ca
1 notifications.viafoura.co cdn.viafoura.net
1 ads.yahoo.com eus.rubiconproject.com
1 ps.eyeota.net www.theobserver.ca
1 um.simpli.fi 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmpsync.3lift.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 aa.agkn.com www.theobserver.ca
1 stags.bluekai.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 bttrack.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 bh.contextweb.com 1 redirects
1 ups.analytics.yahoo.com us-u.openx.net
1 s.jsrdn.com c.jsrdn.com
1 secure.quantserve.com c.jsrdn.com
1 u.openx.net s.amazon-adsystem.com
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.ca securepubads.g.doubleclick.net
1 postmedia.us.janrainsso.com d1v9u0bgi1uimx.cloudfront.net
1 t.co www.theobserver.ca
1 analytics.twitter.com static.ads-twitter.com
1 580448699.privacysandbox.googleadservices.com www.theobserver.ca
1 ampcid.google.ca www.google-analytics.com
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 c.jsrdn.com fem.prod.postmedia.digital
1 d1lqe9temigv1p.cloudfront.net widgets-cdn.rpxnow.com
1 ampcid.google.com www.google-analytics.com
1 static.ads-twitter.com www.theobserver.ca
1 snap.licdn.com www.googletagmanager.com
1 cookiesync.mparticle.com www.theobserver.ca
1 quilt-cdn.janrain.com widgets-cdn.rpxnow.com
1 d1v9u0bgi1uimx.cloudfront.net widgets-cdn.rpxnow.com
1 api.rlcdn.com js-sec.indexww.com
1 jssdkcdns.mparticle.com fem.prod.postmedia.digital
1 www.googletagmanager.com fem.prod.postmedia.digital
1 widgets-cdn.rpxnow.com fem.prod.postmedia.digital
1 static-nexus.prod.postmedia.digital www.theobserver.ca
1 nexus.prod.postmedia.digital 1 redirects
1 fem.prod.postmedia.digital www.theobserver.ca
1 ak.sail-horizon.com www.theobserver.ca
1 auth.lrcontent.com www.theobserver.ca
1 www.npttech.com www.theobserver.ca
1 cdn.adsafeprotected.com www.theobserver.ca
1 hb.districtm.io www.theobserver.ca
1 static.criteo.net www.theobserver.ca
1 www.theobserver.ca
0 tps607.doubleverify.com Failed cdn.doubleverify.com
503 164
Subject Issuer Validity Valid
theobserver.ca
GTS CA 1D4		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.adsafeprotected.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
ak.sail-horizon.com
Amazon		 2021-01-07 -
2022-02-04		 a year crt.sh
fem.prod.postmedia.digital
Amazon		 2021-11-08 -
2022-12-06		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
widget-cdn.rpxnow.com
Amazon		 2021-01-21 -
2022-02-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
jssdkcdns.mparticle.com
R3		 2021-10-28 -
2022-01-26		 3 months crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2021-07-07 -
2022-08-08		 a year crt.sh
quilt-cdn.janrain.com
R3		 2021-11-15 -
2022-02-13		 3 months crt.sh
jssdks.mparticle.com
R3		 2021-10-28 -
2022-01-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-12 -
2021-12-11		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.studiostack.com
Go Daddy Secure Certificate Authority - G2		 2021-11-16 -
2022-12-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
api.sail-personalize.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.jsrdn.com
Amazon		 2021-11-16 -
2022-12-14		 a year crt.sh
*.google.ca
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.privacysandbox.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
*.janrainsso.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
viafoura.com
Amazon		 2021-10-07 -
2022-11-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.ssl.hwcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2020-01-02 -
2022-01-19		 2 years crt.sh
a.jsrdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-05		 a year crt.sh
*.eyeota.net
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.ribn.com
Amazon		 2021-09-20 -
2022-10-19		 a year crt.sh
vast.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2021-06-11 -
2022-07-13		 a year crt.sh
vpaid.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2021-06-11 -
2022-07-13		 a year crt.sh
vtrk.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2019-12-03 -
2022-02-01		 2 years crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.prod.postmedia.digital
Amazon		 2021-02-14 -
2022-03-15		 a year crt.sh

This page contains 54 frames:

Primary Page: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Frame ID: 1A89C6A1E8E0A145129CD2646209EFD6
Requests: 217 HTTP requests in this frame

Frame: https://d395dw5zk780j2.cloudfront.net/v46.1/xd.html
Frame ID: 4526339EC6C7E5FB13542DF6B3DFEB8E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 171295A30EF1E397BB4C4042A5AA2655
Requests: 9 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 1A4F6B4F86AF141B2A05500589615653
Requests: 23 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Frame ID: A452D2BFD1523DA5D1B6D6D7F971DB62
Requests: 1 HTTP requests in this frame

Frame: https://postmedia.us.janrainsso.com/static/server.html
Frame ID: 8E96ED6DF45867FE16C9C6C887BECE9B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: F332A4E36AB954B9F0F00C8B26B08462
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Frame ID: F544205FC3A035AEDCDB4168E300B192
Requests: 11 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 32F8B4A91B5D1970AC4DD62D71717989
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 7BB1F2291ED139D3161F4FF8FF96B670
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B2D591E34907636EFA8C68FB56F353C2
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 232EB08AF58D8CD231512C4AE096D3EE
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8000251644872631429&ex=districtm
Frame ID: 284549E0AD4209CC5319E931A0B2295A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6452062990516382367&ex=appnexus.com
Frame ID: 1827D4081DD4843426A5A8E2E8854505
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 74423ED7F85C15C685EFF7ADEB0B0A8F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: 03BF4F1B52335FB21BA978CB8D55FAB8
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=6614077142590073882
Frame ID: DCC432136998A626147E5B846F8EE5BA
Requests: 1 HTTP requests in this frame

Frame: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4F11887BF84CDD13CE502586FC932364
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A2587587-5D22-460D-A9DD-58C5B0E676AF
Frame ID: 2390B95618ED87115C4AAD2A16936C96
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YarmHwAJalmNkwBG&gdpr=0&gdpr_consent=
Frame ID: C0D33EDB648438F205AF6E8BBB48F470
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=A2587587-5D22-460D-A9DD-58C5B0E676AF&ex=pubmatic.com
Frame ID: E4C5D3B918185F22EFF86327A35691AA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EE49691E6EFB16993BFC4F9F09BA0425
Requests: 1 HTTP requests in this frame

Frame: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 391D08C1AE3BB9C881C32138AEAA7D2E
Requests: 9 HTTP requests in this frame

Frame: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D4322A9B89761D1DB0F26761F960F04A
Requests: 9 HTTP requests in this frame

Frame: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Frame ID: A8A12FAA43A953E5514B6077A478D307
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4823385567&chanId=21725210297&placementId=5845404894&pubCreative=138364017234&pubOrder=2944631174&cb=1891085319&custom=story&custom2=2&adsafe_par&impId=add3def7-54b5-11ec-bcfd-021c8b152da9
Frame ID: D15D31076B928635BA0F906273BB95A3
Requests: 11 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4823385567&chanId=21725210297&placementId=5845404894&pubCreative=138364361962&pubOrder=2944631174&cb=459201512&custom=story&custom2=1&adsafe_par&impId=add3def6-54b5-11ec-bcfd-021c8b152da9
Frame ID: B7AB6BDA81823A4A6C47AE51B6892007
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: AAB8600902AC498A3554D48D6F74A0FA
Requests: 12 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=3183312129;ord=y11bmg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssH5jyUcbP8wTNChjlfjqaxWvProwE4oW7whu_QW7KGayGNRhouPTl_Agz3RrGaU5XOT4_piwgHs400mUSUN_LHOG1fi5hvfDqcegWr2ejvkuBz5YgTU-OpJnw-IfsNH50Qq7TtlzCVkgAc751G_kaSU0yzV0I8UbIPwsmgLsIBsU4St0VlCSixtRUR1eTjSt1uleyHARJaLu5XIFfzSfFkxBS5xzI_NQ8NDDqQjJq-m5s4rCGYqUoeGSNcQwi54snzE0OjX56lPE-wxorf56CF__ChtoVwqgZZ9kawrgmUMeYeN9v7Bzx3nz9C3_J4XKEH24EV4AmJYishYbF9oQBJpuSz6gdDzblpXlw%26sai%3DAMfl-YTnzMqsB93r2RgAJ3ca-dfOC6ejG6Imz863WXvNRWaI0VfyTO4BhT7v9IxYw-wa1GNCwmJeVEglTSrIReTQggR8lFckyBRiQBzgCzD4V5S_NMCYp7z08lWtrss-UckgNaxk_Z8eL5nXW0D9s5dT%26sig%3DCg0ArKJSzMEzDVBL5vUpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=74;prcl=s
Frame ID: 167B02105268F2AF9BFC5985AB4B89C7
Requests: 9 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Frame ID: 82D1046FA45EB4635E4984626FA87A2D
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A93E61F0AD8E5B3182CBA6A374D77E80
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D16C9952DF04E3B104D4C3F938073A49
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 831F9FDB7ACA3DA086780567CE450630
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/9676709/1638301806568/Index.html
Frame ID: 203EBAED7A488172244705D2EFFF2D86
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 877F00C823489C441BAD9CEA04295609
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EFF56385B9B6119EC89C73DBE9B08798
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theobserver.ca
Frame ID: 188D9A388981098F3BF3A8CF10096BE3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Frame ID: DCB239BC8E1160F02435B74B52BFA449
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9C7024A2A2D2485BDB744C827D73C80
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9342835AE0444021D7918E9E95FC6AEE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 128C850119BBD261A33EDBF01BA4C52B
Requests: 19 HTTP requests in this frame

Frame: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Frame ID: 0E62E99916D04D472B4663DBE9E9F89A
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 0DCAC9E9F2281C32409F177AEB64FD7B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A44C27BC77177108D576F86F13BEE83A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 763F0B49B8540445B696C418D26E3A55
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 3FE17A5FA5E79FD6A10195F9FC95292B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A9B8E61FA794D06A6C7E4926DD88A74F
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: DEA6FBB0644E0056A5CF68FD2D3EA579
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 0595DA66207C9DD91D78441F6DA6C2AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C96CA81AF21006ECE1D7946967C9C42F
Requests: 1 HTTP requests in this frame

Frame: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Frame ID: 5522B484EEFCB29AC2EFDD462FCC6215
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: C7603CB4D5ADF095B2124E310C679253
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D4DDCB662534687A933D88ED6F669D8E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: FC418221A8D51E7D252343B51D466788
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Judge seeks rehab check | The Sarnia ObserverThe Sarnia ObserverUserToggle menuClose menu

Page Statistics

503
Requests

84 %
HTTPS

35 %
IPv6

83
Domains

164
Subdomains

120
IPs

6
Countries

6141 kB
Transfer

17405 kB
Size

135
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://nexus.prod.postmedia.digital/wp-content/uploads/2018/08/1297679496675_ORIGINAL.jpg?quality=90&strip=all&w=564&h=423&type=webp HTTP 302
  • https://static-nexus.prod.postmedia.digital/wp-content/uploads/2018/08/1297679496675_ORIGINAL.jpg?quality=90&strip=all&w=564&h=423&type=webp
Request Chain 67
  • https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=6874739207850811631&esid=30989&Key=580aa374a095754d9f83e996ce038321&env=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=6874739207850811631&esid=30989&Key=580aa374a095754d9f83e996ce038321&env=2&google_tc= HTTP 302
  • https://cookiesync.mparticle.com/v1/sync/?id=CAESECrtBVBfXjqqaoKZ1bQGZrI&MPID=6874739207850811631&esid=30989&Key=580aa374a095754d9f83e996ce038321&env=2&google_cver=1
Request Chain 73
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1638589982592&ns_c=UTF-8&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1638589982592&ns_c=UTF-8&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&c9=
Request Chain 83
  • https://postmedia-d.openx.net/w/1.0/arj?auid=543832900%2C543832896%2C543832892&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._QsCHNyuT&cache=1638589982741&ttduuid=96202975-3807-4288-a32a-8d03bb6cadd8 HTTP 302
  • https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=543832900%2C543832896%2C543832892&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._QsCHNyuT&cache=1638589982741&ttduuid=96202975-3807-4288-a32a-8d03bb6cadd8
Request Chain 99
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Request Chain 103
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1638589982939&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1638589982939&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1638589982939%26url%3Dhttps%253A%252F%252Fwww.theobserver.ca%252Fnews%252Flocal-news%252Fjudge-seeks-rehab-check%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1638589982939&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1638589982939&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&cookiesTest=true&liSync=true&e_ipv6=AQKWWPvSmRBFlwAAAX2DkutN3_91iaYbezinbuPoK9aCXP_2zhYNlm6yg-MAH1MBUBCB5T73kS4 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=69470d1d-8a4f-48cb-b7bf-029bce23199e HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=69470d1d-8a4f-48cb-b7bf-029bce23199e&_expected_cookie=a86db29101e877cd4473a4a9385195bb
Request Chain 121
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&rurl=//dmx.us-east-33.districtm.io/s/10007/ HTTP 302
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=30024edf91fc1225&is_secure=true&version=1&networkId=33921&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&rurl=%2F%2Fdmx.us-east-33.districtm.io%2Fs%2F10007%2F HTTP 302
  • https://dmx.us-east-33.districtm.io/s/10007/AAAGcpz0j86PlANQkaQOAAAAAAA&expiration=1638676383&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&is_secure=true
Request Chain 122
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/oN4_Gdv7Tl5EUvBlC1zylSV4zZU
Request Chain 123
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YarmHwAJalmNkwBG HTTP 302
  • https://dmx.us-east-33.districtm.io/s/10016/YarmHwAJalmNkwBG&_test=YarmHwAJalmNkwBG
Request Chain 124
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=21nw6UMnrLDYUJONcEPsjtVo4l1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=21nw6UMnrLDYUJONcEPsjtVo4l1 HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=districtm&bsw_custom_parameter=1dd13624-9489-465b-b6b4-b624acf5784a HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=districtm&bsw_custom_parameter=1dd13624-9489-465b-b6b4-b624acf5784a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=51db0490-a098-4fc3-be5c-52032bdb91a5&ssp=districtm&expires=30&user_group=5&bsw_param=1dd13624-9489-465b-b6b4-b624acf5784a HTTP 302
  • https://dmx.districtm.io/s/10009/1dd13624-9489-465b-b6b4-b624acf5784a
Request Chain 125
  • https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
  • https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1 HTTP 303
  • https://dmx.districtm.io/s/10025/AADVTE7DVcwAACsQRS7N7g
Request Chain 128
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=1926342138&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&auid=526130370.1638589983&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=H-aqYdvwAcqDNbiCvPgL&sscte=1&crd=&eitems=ChEIgJ2njQYQi7Pmo-TTpbvTARIdAORaJOcjhW93Xuh8TnmgAQ-sfkouztJvHHrjWV0 HTTP 302
  • https://www.google.com/pagead/1p-conversion/580448699/?random=1926342138&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&auid=526130370.1638589983&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=H-aqYdvwAcqDNbiCvPgL&cid=CAQSKQCNIrLModgkEsl3W4EVflcVdDqW21sA-S59BeGQQPE0OjCqxEPDf9JG&eitems=ChEIgJ2njQYQi7Pmo-TTpbvTARIdAORaJOf6svWWhJX2OpAbYJOYj-azB-Hx01GGxXI&random=4036911189&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=1926342138&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&auid=526130370.1638589983&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=H-aqYdvwAcqDNbiCvPgL&cid=CAQSKQCNIrLModgkEsl3W4EVflcVdDqW21sA-S59BeGQQPE0OjCqxEPDf9JG&eitems=ChEIgJ2njQYQi7Pmo-TTpbvTARIdAORaJOf6svWWhJX2OpAbYJOYj-azB-Hx01GGxXI&random=4036911189&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 141
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8000251644872631429&ex=districtm
Request Chain 142
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6452062990516382367&ex=appnexus.com
Request Chain 144
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 145
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=6614077142590073882
Request Chain 155
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=ec4836ae-f8c2-01eb-2687-332d2a737664 HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=ec4836ae-f8c2-01eb-2687-332d2a737664&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=ec4836ae-f8c2-01eb-2687-332d2a737664&apid=UPaea33ccf-54b5-11ec-b1b2-02422e731895
Request Chain 156
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=974aca41-edef-0dc2-2ad9-72d4844be3d5 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokOTc0YWNhNDEtZWRlZi0wZGMyLTJhZDktNzJkNDg0NGJlM2Q1EAAaDQifzKuNBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3e80d9062efc7a8f675bf3c4020944279f3ca548343f5b27f3c70c9f3242152d791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZTgwZDkwNjJlZmM3YThmNjc1YmYzYzQwMjA5NDQyNzlmM2NhNTQ4MzQzZjViMjdmM2M3MGM5ZjMyNDIxNTJkNzkxNDI2YjU0MTdkY2UyMRAAGgwIn8yrjQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZTgwZDkwNjJlZmM3YThmNjc1YmYzYzQwMjA5NDQyNzlmM2NhNTQ4MzQzZjViMjdmM2M3MGM5ZjMyNDIxNTJkNzkxNDI2YjU0MTdkY2UyMRAAGgwIn8yrjQYSBAgCEABCAEoA&google_gid=CAESEPmO0mPU-_TWe4vJc07NYYo&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0f32092c-8101-4011-ab0d-a513102f7f78
Request Chain 157
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8000251644872631429
Request Chain 159
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4414439470486007426&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 160
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YarmHwAJalmNkwBG
Request Chain 162
  • https://match.adsrvr.org/track/cmf/openx?oxid=c28cb527-20a8-3ba2-75a0-f227bdd0820d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=96202975-3807-4288-a32a-8d03bb6cadd8&ttd_puid=c28cb527-20a8-3ba2-75a0-f227bdd0820d
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF5eQbnT_j79dseKJw-GCLU&google_cver=1
Request Chain 166
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=938fa8f1edfcc5795241704f&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=38d561aa-e620-4500-a835-726ec1cd5433&gdpr=0&gdpr_consent=
Request Chain 167
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=KWRA638C-2-59X6&gdpr=0
Request Chain 168
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=w6NTHLymKpa6&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 169
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6918763831934181121&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 170
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=KWRA63G4-1L-JQDI&gdpr=0
Request Chain 172
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YarmHwAJalmNkwBG
Request Chain 174
  • https://match.adsrvr.org/track/cmf/openx?oxid=c28cb527-20a8-3ba2-75a0-f227bdd0820d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=96202975-3807-4288-a32a-8d03bb6cadd8&ttd_puid=c28cb527-20a8-3ba2-75a0-f227bdd0820d
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF5eQbnT_j79dseKJw-GCLU&google_cver=1
Request Chain 178
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
Request Chain 179
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://pixel.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=hGg0c9dvZHSfODYihWx4c4U_bXOfaGJ0hWoiIO1A
Request Chain 180
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
Request Chain 181
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=c2c8ea37-d565-485d-9578-22ea039666ad
Request Chain 185
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2hSVTZVMnI HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECceV66HG__wl4LqUG072po&google_cver=1
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2hSVTZVMnI HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECceV66HG__wl4LqUG072po&google_cver=1
Request Chain 188
  • https://stags.bluekai.com/site/26357?id=OhRU6U2r&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOhRU6U2r%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OhRU6U2r&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 190
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YarmHwAJalmNkwBG
Request Chain 191
  • https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OhRU6U2r HTTP 303
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AADVTE7DVcwAACsQRS7N7g
Request Chain 193
  • https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OhRU6U2r
Request Chain 194
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YarmH1K3tMNJH9pjGD-FtgAA%26508
Request Chain 196
  • https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=oN4_Gdv7Tl5EUvBlC1zylSV4zZU
Request Chain 197
  • https://dmpsync.3lift.com/getuid?redir=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=6614077142590073882
Request Chain 199
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qRnVkelpWVFc1eVRFUlpWVXBQVG1ORlVITnFkRlp2Tkd3eCJ9.BUzt7w5EKv4x1dq0zpGEQd4Dd4Qx3pkskCAOf6ctgvBSMygrZohl0SZWS4eRgzlKeFQci7WoCpXRdsOuwCzPag
Request Chain 202
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A2587587-5D22-460D-A9DD-58C5B0E676AF HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A2587587-5D22-460D-A9DD-58C5B0E676AF
Request Chain 203
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YarmHwAJalmNkwBG&gdpr=0&gdpr_consent=
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=olh1h10iRg2p3VjFsOZ2rw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 206
  • https://idsync.rlcdn.com/420486.gif?partner_uid=A2587587-5D22-460D-A9DD-58C5B0E676AF HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3e80d9062efc7a8f675bf3c4020944279f3ca548343f5b27f3c70c9f3242152d791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZTgwZDkwNjJlZmM3YThmNjc1YmYzYzQwMjA5NDQyNzlmM2NhNTQ4MzQzZjViMjdmM2M3MGM5ZjMyNDIxNTJkNzkxNDI2YjU0MTdkY2UyMRAAGgwIn8yrjQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZTgwZDkwNjJlZmM3YThmNjc1YmYzYzQwMjA5NDQyNzlmM2NhNTQ4MzQzZjViMjdmM2M3MGM5ZjMyNDIxNTJkNzkxNDI2YjU0MTdkY2UyMRAAGgwIn8yrjQYSBAgCEABCAEoA&google_gid=CAESEPmO0mPU-_TWe4vJc07NYYo&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=1843238f-ed40-468a-be65-03b8de890079
Request Chain 207
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38d561aa-e620-4500-a835-726ec1cd5433
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI1ODc1ODctNUQyMi00NjBELUE5REQtNThDNUIwRTY3NkFG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPb6scENDEwSNDCJ0TcMiaQ&google_cver=1
Request Chain 210
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:738B91C76CE54A558D37C79C24F614F8
Request Chain 211
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3682604531038301826&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 212
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96202975-3807-4288-a32a-8d03bb6cadd8
Request Chain 220
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KWRA63A3-1D-AIR0&ex=d-rubiconproject.com&status=ok
Request Chain 230
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623455489792147513&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3623455489792147513&redir=
Request Chain 231
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3623455489792147513 HTTP 307
  • https://ml314.com/csync.ashx?fp=677c5e5012794a0c20fa4d640440b1efd6a21afbad0efc289fb498d6c1e33c45f4cb09cee1a4f8eb&person_id=3623455489792147513&eid=50082
Request Chain 232
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
Request Chain 233
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3623455489792147513 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3623455489792147513 HTTP 302
  • https://ml314.com/csync.ashx?fp=1b725e17968450711ca2e2b3a8963760&eid=50146&person_id=3623455489792147513
Request Chain 235
  • https://ml314.com/csync.ashx?fp=OhRU6U2r&person_id=3623455489792147513&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3623455489792147513 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3623455489792147513
Request Chain 245
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWRA63A3-1D-AIR0&sigv=1&esig=2~a0be5515f3aaf0dc991fa6520d1985d0f2e58014
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGOtWwzzJy59kNnf1UyOFm4&google_cver=1
Request Chain 247
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38d561aa-e620-4500-a835-726ec1cd5433&expires=28
Request Chain 248
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YarmHwAJalmNkwBG
Request Chain 249
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/chOYmg_L6SjaQDkGZGXTvMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3129778739929973358
Request Chain 250
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=&expires=30
Request Chain 252
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmFjMDE4NDE5NDVhNmQ5Mjg0ZDYzY2E5YjlmYTg1NzY0NmExYzllZg
Request Chain 344
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 349
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theobserver.ca&sn=ChromeSyncframe&so=0&topUrl=www.theobserver.ca&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=TZfMynx3RXYyMmlIWGxXSlpGYmxJT3pmdXJWUHl4bzA5TEVnQTdhaWs3VjZ1bHJ6dTIvM3BnZURiVHR0eGNHVXBDcUdkN0dlbVk0ZlVBU2RjQ3hiSWpUUGNGZ3A5bGVSM1FiYmlhbzhyVUdZb3hXWTBxOTR2VzZSdk4wSENpa0Z4SnQ4OVpXWFFzenNBUEdNZUNwWXkyMVBCaENoSGc0K0o1TzFwVlZrS3NLTzIxWVYzMGpJRlYzOWtjUW1PZFpBMFVMaU5EdndTdXoyMndhbUZIUm1GV2tvakJabFI1WjIrK0lodmV1b3kvM2dmblFpSDR5MU1LVjFtMjdnRjdWbHhEeW1KaUtZc2NMTHpON1BTTW1RYzdVME9CUT09fA&cppv=2
Request Chain 381
  • https://gcdn.2mdn.net/videoplayback/id/66199ea1b96022d7/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781005170/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2F134F6F9F7F7E58D2964C57D622DA9DEAC330C5.111A27796E067BCBDF71D14E51A0A3620E87647/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-ab5sznlk.c.2mdn.net/videoplayback/id/66199ea1b96022d7/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781005170/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/628CD0191CADDF9EFBD646F65E4090DDF786909D.54599E607FACAE67839DC920EBCDC297C13305D0/key/cms1/cms_redirect/yes/mh/Hc/mip/2a0d:5600:9:4b00:c3::1/mm/42/mn/sn-ab5sznlk/ms/onc/mt/1638589599/mv/u/mvi/1/pl/49/file/file.mp4
Request Chain 430
  • https://5ew8d-b3mmu.ads.tremorhub.com/ad/tag?adCode=5ew8d-hg1g0&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&supplyCode=5ew8d-b3mmu&skip=0&delivery=1&placement=1&schain=1.0,1!distroscale.com,6243197009,1,,,&transactionId=4758d8e4-4011-43b9-ac7a-225428db1137&referrer=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&hb=1&fmt=json HTTP 302
  • https://5ew8d-b3mmu.ads.tremorhub.com/ad/tag?adCode=5ew8d-hg1g0&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&supplyCode=5ew8d-b3mmu&skip=0&delivery=1&placement=1&schain=1.0,1!distroscale.com,6243197009,1,,,&transactionId=4758d8e4-4011-43b9-ac7a-225428db1137&referrer=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&hb=1&fmt=json&_tur=T

503 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request judge-seeks-rehab-check
www.theobserver.ca/news/local-news/ 		285 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.199.243 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.199.107.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
efd0a16fb682e4fad72ad425fed5a22c810b0650be0277b23a754711ed1a8c9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
nginx/1.19.10
date
Sat, 04 Dec 2021 03:53:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding user-agent
expires
Sat, 04 Dec 2021 03:52:29 GMT
cache-control
max-age=300
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx pmd-nginx-proxy-59fd8965c5-d548m
access-control-allow-origin
*
x-pmd-cache
STALE
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 google
alt-svc
clear
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
f3385adf33b15d77200af558761f6a92bbeeab7254fa981f16089d6ea81db1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1062 / 188 of 1000 / last-modified: 1638572771"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26973
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Dec 2021 03:53:02 GMT
184635-69700543969858.js
js-sec.indexww.com/ht/p/ 		181 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dcb0f064f445c7ba21183d3c3db46452c64d05c90589a32d8eb1c8b552d62e08

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Dec 2021 03:40:24 GMT
Server
Apache
ETag
"905ab6-2d264-5d249c8a479a5"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3013
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
45314
Expires
Sat, 04 Dec 2021 04:43:15 GMT
publishertag.js
static.criteo.net/js/ld/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:13 GMT
server
nginx
etag
W/"618cb9a1-1d4ec"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Dec 2021 03:53:02 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.200.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-200-177.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
d8c62b0d4ac621bedd0ca5a4e96b12a77118338d4166f94d65c15bb154d455aa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 01:04:12 GMT
content-encoding
gzip
age
10129
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1AXJK7YK9WCP0270HSY0
etag
4da12c74ee926b2a11a4e43bfb72b2fd
vary
Accept-Encoding
x-amz-version-id
4VmutqpMSKe44XUliQiub0_OOWAXoLbl
via
1.1 34deee8ac34d726c1404a3045667664b.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
g5BjqTQtC2RqXM7IsHGGOL1GBdxxHSGCBuiPWfQ9GOqJtX7ziV5N2w==
all.postmedia.js
hb.districtm.io/prod/100549/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 309350110faf62b312dbbe8a89e6eed2.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
5870
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 10 Dec 2020 10:37:54 GMT
server
cloudflare
etag
W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
x-amz-cf-pop
ORD52-C3
cf-ray
6b8215dbe93f2c95-ORD
x-amz-cf-id
GI4p71NjX9dLkA3_s2uwHtS5oRz7eUWYV3IPSC1HeeQs80Owxgvw4A==
expires
Sat, 04 Dec 2021 15:53:02 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-46.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 04:58:40 GMT
Via
1.1 d7202b57803815a076179b3bb9bbd767.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
82463
ETag
"51636de3ce868a2172f9e6996c2934e0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
X-Amz-Cf-Pop
EWR53-P1
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
WqKws2XRBlMoIHntX8VR8R3bX_Y2m_0gh4sEVQQrOm_f3O86jG-tMQ==
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3bd5a9fc21186f86dc7899696f378659e555a7f1978af4161de48552343a4d6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 02:29:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Dec 2021 03:53:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Dec 2021 03:53:02 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3c3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2123
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
JNMEQGQ9NJ9E6X1S
x-amz-id-2
fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V53ZT3zCcxTFQQ5Qbj%2Fz00KGPtClZMOi9FamIPB0Re%2BF37rB%2Bb%2F1iX0gSAhY%2BA9n4Iyv7O%2F2ItgWus4fbryia3zV0CtZb6eEcGGpAVYJtT1kztm0PcV%2BpDVgwyNIVR8z7CjZVwZZ2qj4xx%2FRBVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6b8215dc5c46ece2-YUL
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		195 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1357d050358d80ecda9a8a3f02d8d91a2ae71d683bc31d3659cd2a9db0b27030
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 244258cb002db1df1e3b828956edd1fa.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
2070
cf-polished
origSize=1221643
x-cache
Hit from cloudfront
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 04:25:48 GMT
server
cloudflare
etag
W/"2cfaf27cd342c7b4dca95f74b6ba9430"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age= 63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
YUL62-C1
cf-ray
6b8215dbbfeb7144-YUL
x-amz-cf-id
L6TaowUaqSvBRKJsjo7JHxs_QjBCF_fFHpuPjY7ZXCFMs-qbcuz4tw==
cf-bgj
minify
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-56.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:43:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
567
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
LGmauYqTM1fKP9i84J1KLRuTxz_uHMPjO_y340ZXaaiuCUSSijtvDQ==
fem.js
fem.prod.postmedia.digital/v46.1/ 		320 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.prod.postmedia.digital/v46.1/fem.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-2.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edb22ef77d103ce8ef172e7bf0d40d1529c2a386d573ae15ac418b0e7a0528ad

Request headers

Referer
https://www.theobserver.ca/
Origin
https://www.theobserver.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 17:06:10 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
902813
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 19 Nov 2021 21:41:39 GMT
server
AmazonS3
etag
W/"01a93f3213bb002cbe6a581e095fef95"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
CSiv8CDhuQMF39LTeks2O-4mKG-L3793uFGfpSvl8Cd1LWYIBDFXnw==
share-modal-icon-close.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		284 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/share-modal-icon-close.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bb4fb0059425e84fccb29bdbdaa7c010b6fc4a5e831487b1eeb9c4b108e214b5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:47:41 GMT
age
321
x-guploader-uploadid
ADPycdsra4itOKScvMq8HGmfANcAPi5vWSfjCzoXRMkyVVCnq2v4ZJQ74MxHffsOT--tk7Rqa4EY5D6biSKTv3gmlQBFwKVdUA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
last-modified
Tue, 23 Nov 2021 16:46:51 GMT
server
UploadServer
etag
"aeffa4d673f9046357d018cd83f36303"
x-goog-hash
crc32c=mQjXfA==, md5=rv+k1nP5BGNX0BjNg/NjAw==
x-goog-generation
1637612104476930
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
284
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:47:41 GMT
icon-circle-email.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		976 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/icon-circle-email.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:13:57 GMT
age
2345
x-guploader-uploadid
ADPycdugFsn2lLtmY51GmdG0CtlxqjG-61CUA_E-4UuL1BXZilcajxcVyxB6z0B2wRcrMCXw2vOGSmZpGWyUMc13O_Z-4HnMTQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
976
last-modified
Tue, 23 Nov 2021 16:46:56 GMT
server
UploadServer
etag
"bef02ad8b1f137bbb303cefe8614b69f"
x-goog-hash
crc32c=ZVCajw==, md5=vvAq2LHxN7uzA87+hhS2nw==
x-goog-generation
1637612109594743
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
976
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:13:57 GMT
icon-soc-fb.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		775 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:02:19 GMT
age
3043
x-guploader-uploadid
ADPycduK8TfPTforpaEcsGVNCvtKzEBSiFGfINtWHVKhXVPphSJ8vEP50hba-BZdrg7tzvgzCb4z3oEVEEzF-PfQhVBU7sptsQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
775
last-modified
Tue, 23 Nov 2021 16:46:57 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
x-goog-generation
1637355217131529
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
775
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:02:19 GMT
icon-soc-tw.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:02:19 GMT
age
3043
x-guploader-uploadid
ADPycdv34K394QfrYC-Y4CIrkzT1GQPhIWNhUSnwNGpWacJWxMoiprEmHCLPHgWHxkZcGpzJGhArylqGKbv5AAK_m-Pw6HZ5Zw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1698
last-modified
Tue, 23 Nov 2021 16:46:51 GMT
server
UploadServer
etag
"df82c342c1176b84253c53e6e10eed05"
x-goog-hash
crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
x-goog-generation
1637355213518112
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
1698
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:02:19 GMT
icon-soc-rdit.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/icon-soc-rdit.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:09:38 GMT
age
2604
x-guploader-uploadid
ADPycdsLnKSwxok3Uj6u7Z76Fvx7gw-N8xZ54oDYWLXn7il3EwWAuAll8pQjVQ4ZnYdc2M6Kga5pSh12NO8sUD1pTztX7sLFrg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2135
last-modified
Tue, 23 Nov 2021 16:46:52 GMT
server
UploadServer
etag
"0304b8d3870cc1f4f888574a14022da4"
x-goog-hash
crc32c=GJubKw==, md5=AwS404cMwfT4iFdKFAItpA==
x-goog-generation
1637612105327508
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
2135
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:09:38 GMT
icon-soc-pin.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/icon-soc-pin.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:09:58 GMT
age
2584
x-guploader-uploadid
ADPycdvTcnF2c5whEKe5ZuZ-DwovyFnw7rULLLrCPcF4owhinOtK22xD5I470Ye-d0Xt1g8bEeTi874Gb6cjhZORrHQXo32-WQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
last-modified
Tue, 23 Nov 2021 16:46:53 GMT
server
UploadServer
etag
"7dbe30e1f3c16e83b217e86f8fe87986"
x-goog-hash
crc32c=CmGx6w==, md5=fb4w4fPBboOyF+hvj+h5hg==
x-goog-generation
1637612106221006
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
1904
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:09:58 GMT
icon-soc-li.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		739 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/icon-soc-li.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:09:58 GMT
age
2584
x-guploader-uploadid
ADPycdvByBas7OJFOkKlDTao1Xs4ZYY8sPnG6njIf3Ya1hxS11HNWOmyXMrmD7uhk2e4_LnLvYDaNUFGkwUhrs35F_0Oy6nI5Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
739
last-modified
Tue, 23 Nov 2021 16:46:54 GMT
server
UploadServer
etag
"071e5c7f2df5f3dc2b856b2576752f1c"
x-goog-hash
crc32c=PfZM8A==, md5=Bx5cfy3189wrhWsldnUvHA==
x-goog-generation
1637612107061752
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
739
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:09:58 GMT
icon-soc-tblr.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		479 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/icon-soc-tblr.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:09:58 GMT
age
2584
x-guploader-uploadid
ADPycdtj04dlHXdVJg-wE7Q67gLOvXJEKmkLNqIVAOI2jb7dlLC1SQTkUvC31NO55Pg9RcHmNmInyZ3Ftn_Dmpt2_XFlCuKD5w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
479
last-modified
Tue, 23 Nov 2021 16:46:55 GMT
server
UploadServer
etag
"1ace9edc1bbac746d584a7270d791ff9"
x-goog-hash
crc32c=08+Lmg==, md5=Gs6e3Bu6x0bVhKcnDXkf+Q==
x-goog-generation
1637612108329198
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
479
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:09:58 GMT
icon-circle-share.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/ 		561 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/share-icons/icon-circle-share.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4bef0d2ce9ddd3dcd15889345ea8e4ae1eb38c2bcf50bcd76daed2dc63f0a424

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:09:57 GMT
age
2585
x-guploader-uploadid
ADPycdv3T_lRJKqC20aCioGUtt-4zgNIzy4vcq8erRnoSzsR0kikUq0yzBqpMC5-VCU-a6BDcEHveDVp88IgxrY1xNIJq2aVOw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
561
last-modified
Tue, 23 Nov 2021 16:46:55 GMT
server
UploadServer
etag
"cbc289873c015f5baae7e9e8d4876ea9"
x-goog-hash
crc32c=9Je3tg==, md5=y8KJhzwBX1uq5+no1IduqQ==
x-goog-generation
1637612108753943
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
561
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:09:57 GMT
1297679496675_ORIGINAL.jpg
static-nexus.prod.postmedia.digital/wp-content/uploads/2018/08/
Redirect Chain
  • https://nexus.prod.postmedia.digital/wp-content/uploads/2018/08/1297679496675_ORIGINAL.jpg?quality=90&strip=all&w=564&h=423&type=webp
  • https://static-nexus.prod.postmedia.digital/wp-content/uploads/2018/08/1297679496675_ORIGINAL.jpg?quality=90&strip=all&w=564&h=423&type=webp
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-nexus.prod.postmedia.digital/wp-content/uploads/2018/08/1297679496675_ORIGINAL.jpg?quality=90&strip=all&w=564&h=423&type=webp
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.99.13.158 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-99-13-158.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

location
https://static-nexus.prod.postmedia.digital/wp-content/uploads/2018/08/1297679496675_ORIGINAL.jpg?quality=90&strip=all&w=564&h=423&type=webp
date
Sat, 04 Dec 2021 03:53:02 GMT
server
nginx/1.14.1
content-length
161
x-pmd-backend
prod-wordpress-5
strict-transport-security
max-age=31536000
content-type
text/html
shared.669cea0d3dc0.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
669cea0d3dc0c8458235b50ea674f11f29efa1042f2a5987d5858300604523fa

Request headers

Referer
https://www.theobserver.ca/
Origin
https://www.theobserver.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:44:55 GMT
age
487
x-guploader-uploadid
ADPycdt4YlFynVygF_u4E-cIH3caiYi2bAVbroaR5qeVZJs52pQvM4zEUHf_lSofpT8V7efaBH3MaOl0QbfWsnt4oGtYokhWmA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23931
last-modified
Tue, 23 Nov 2021 16:55:01 GMT
server
UploadServer
etag
"8aff2e1c2bce2e56118d4b3a1b6f390a"
x-goog-hash
crc32c=PATUDA==, md5=iv8uHCvOLlYRjUs6G285Cg==
x-goog-generation
1637612584500610
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=31536000
x-goog-stored-content-length
23931
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:44:55 GMT
main.b68334d88010.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/main.b68334d88010.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b68334d88010495e1aa7da9af914a6043408076b36ad5cf8368667b3e6f7b85c

Request headers

Referer
https://www.theobserver.ca/
Origin
https://www.theobserver.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:00:55 GMT
age
3127
x-guploader-uploadid
ADPycdterQMeX7LGi4uwDtUTYBFkq2PIqnf_KPLr2L3pLW8UONio-w0fKKapWZjzhJ1HEJbMGADP3BIcNhLa0zUJptMnpAjY9g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95780
last-modified
Tue, 23 Nov 2021 16:55:01 GMT
server
UploadServer
etag
"d09e115b7ec7751f13831fe5417b5fda"
x-goog-hash
crc32c=nRnUsg==, md5=0J4RW37HdR8Tgx/lQXtf2g==
x-goog-generation
1637355575674295
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=31536000
x-goog-stored-content-length
95780
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:00:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.theobserver.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:28:42 GMT
x-content-type-options
nosniff
age
95060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 01:28:42 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.theobserver.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:16:07 GMT
x-content-type-options
nosniff
age
95815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 01:16:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.theobserver.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:23:56 GMT
x-content-type-options
nosniff
age
300546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 16:23:56 GMT
xd.html
d395dw5zk780j2.cloudfront.net/v46.1/ Frame 4526 		167 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v46.1/xd.html
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7200:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4576f4b1362fdeba0cb45896fe5275005f2e3930a2e8016f9ba50259b7f8a77c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

content-type
text/html
content-length
167
date
Fri, 19 Nov 2021 22:31:05 GMT
last-modified
Fri, 19 Nov 2021 21:41:39 GMT
etag
"0cf48a7d773bffb9e1209d19767164e4"
cache-control
max-age=31536000
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
N5X9mWZ9cP1J3aNisO4mt6WmgpEVKe1ngAaa5qZ7RnLzUPxAg6svnw==
age
1228918
capture:login
widgets-cdn.rpxnow.com/manifest/ 		453 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-cdn.rpxnow.com/manifest/capture:login
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-103.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d852c8c4a4916c22d524936925de15f0b1a519f4b42ed5aed98b4b8fb8fdd41c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 12:46:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Mar 2021 16:23:27 GMT
Server
AmazonS3
Age
54401
ETag
"44315a90fa384deff5df790e9c20d8af"
X-Cache
Hit from cloudfront
Content-Type
text/javascript;charset=UTF-8
Via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-P1
Content-Length
111565
X-Amz-Cf-Id
RBMPmca-XMcGt_6eIQxgF5uHPfDDgqQaGsDmtoPsBXB3FdrFreOWTg==
gtm.js
www.googletagmanager.com/ 		456 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c6ff3f20600ffae239cd18a4768de6bdde5e4ce1657d0d286bd29a8cb639ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107009
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 04 Dec 2021 03:53:02 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 10:18:28 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
101578
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
iSA-DZkW-MvKcabvbPTG3zPbiZsgCUyf_aCJ-2jvChnmu7URoLkUJQ==
876107132377ee12fd9d.js
d395dw5zk780j2.cloudfront.net/v46.1/chunks/ 		115 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v46.1/chunks/876107132377ee12fd9d.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7200:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99a6510b192118ff9b7de874ff61d03627bb0b3bc8461104080b55cdbbbb904b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 22:31:05 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 21:41:40 GMT
server
AmazonS3
age
1228918
etag
W/"81fbdbb27749d8964a4813015d9f0b8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
cb1Wd26drR1iCiTUHKGd_rJlZxlG9PndJ_-3-ChnwA4cQ5G8q3Emnw==
60c58728ccb522c206e6.js
d395dw5zk780j2.cloudfront.net/v46.1/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v46.1/chunks/60c58728ccb522c206e6.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7200:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b60d43449c02f9d0491b15138a75b36c377c67583b59c83e616cf505981130

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 22:31:05 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 21:41:40 GMT
server
AmazonS3
age
1228918
etag
W/"10e906bdf8879241ab1eee78a4475905"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
L8v1OYd8XYn4rZfz6XxGCeRLdviU1kk0lt3uZiJIp9N2E1piuRr5Sw==
mparticle.js
jssdkcdns.mparticle.com/js/v2/580aa374a095754d9f83e996ce038321/ 		522 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/580aa374a095754d9f83e996ce038321/mparticle.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
662e2a3383679032296e6df6a3e801e849b0d1c2953ce1a065624f364130df41

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish, 1.1 varnish
age
2015
x-origin-name
fastlyshield--shield_ssl_cache_dca17759_DCA
x-cache
HIT, HIT
x-cache-hits
1, 10
content-encoding
gzip
content-length
57786
x-served-by
cache-dca17759-DCA, cache-yul12829-YUL
server
Kestrel
x-timer
S1638589982.262516,VS0,VE0
vary
Accept, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:19:27 GMT
uthtxmddg.js
cdn.krxd.net/controltag/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/uthtxmddg.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4917a8e103df1c03fe1664e88809fd1168a2a8930976e4ac3ab7a8e0706fdfd6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish, 1.1 varnish
age
710
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
6312
x-served-by
config-service-a002-ash-prod.krxd.net, cache-bwi5131-BWI, cache-yul12828-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1638589982.276526,VS0,VE0
etag
"2d5824058428e0e7935b95048ba752459e98bf20"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 40
pubads_impl_2021113001.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
465b31f84196ddfdd21c859a1460c95d70093d91e3ae5ce5c688c398b9dc20f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119680
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 13:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Dec 2021 03:53:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		181 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theobserver.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
ab894cd89f0f24b1938bc78d2da0aa60bf6ac9e80c3ee7a0490832bbd44358fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
expires
Sat, 04 Dec 2021 03:53:02 GMT
identity
api.rlcdn.com/api/ 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
76a25ef33d68faae60dad591c81964f1e9fb44c21a9eec0433ed0cb3bd2d32b5

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 03 Jan 2022 03:53:02 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fwww.theobserver.ca
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.200.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-200-177.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 22:01:06 GMT
via
1.1 34deee8ac34d726c1404a3045667664b.cloudfront.net (CloudFront)
server
Server
age
21115
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.theobserver.ca
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
qqgFX_aq8Vkh3A_DD4rUtXwvr7J0-qXWJBILu_3jKL_dfu9QSuuHSQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.200.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-200-177.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 20:52:47 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
25216
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
gcQD5A8jhtSsb3EzF_gSii64HX_lm2Ny-K63NH5M-LAH9IApmgqEPQ==
pub
pixel.adsafeprotected.com/services/ 		639 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_Observer_EN_WEB/news/local-news/story,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_Observer_EN_WEB/news/local-news/story,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_Observer_EN_WEB/news/local-news/story,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_ON_Observer_EN_WEB/news/local-news/story,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=2b48f95f-36b9-f5fc-0df4-262618469e0c&url=https%253A%252F%252Fwww.theobserver.ca%252Fnews%252Flocal-news%252Fjudge-seeks-rehab-check
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.23.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-23-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf109434d21cad0bf9b51eef38b867bda7c44e9653c7c82cfa9ca844b6f8b023

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
x-server-name
app21.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theobserver.ca
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
index.html
cdn.districtm.io/ids/ Frame 1712 		116 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-type
text/html
cf-ray
6b8215ddbc952c95-ORD
age
19362
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 6fd3e892e833323ba7dcdc6f465cfe99.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
53GP4csxcC2edReIbeFxFPu3ykQNea9JrYlLYnjCln_11--zX_QJMA==
x-amz-cf-pop
ORD52-C2
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b8215dddcbe2c95-ORD
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b8215dddcc62c95-ORD
access-control-allow-headers
origin, content-type
xd.js
d395dw5zk780j2.cloudfront.net/v46.1/ Frame 4526 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v46.1/xd.js
Requested by
Host: d395dw5zk780j2.cloudfront.net
URL: https://d395dw5zk780j2.cloudfront.net/v46.1/xd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7200:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca39ac2106cae3b8e988a9a627162f3bd075d83794f0fadc5a27468f4d60c7f8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d395dw5zk780j2.cloudfront.net/v46.1/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 22:31:06 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 21:41:38 GMT
server
AmazonS3
age
1228917
etag
W/"400b5acc533384a76c8b70c86002a968"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
xGNHtsWX40QPXpTt5UrXzPDIikuUTUnbPR9izL9PmU7dFHcNnttXMQ==
logo-identity-sob.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/identity/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/images/identity/logo-identity-sob.svg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
91ece1c98f47c513ee0dff76ca9e6747bde5082d4a4e4fbad8cd9cdac63a008b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
age
0
x-guploader-uploadid
ADPycdto2ffXBmOkp-kaj3HDW3VfFal15KnRY5zHcV1e_k1h3MRKDYvnX3UXBhgChU7ywaQJw5kNOQnyjkx8dV47RIICdZ7cnA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7111
last-modified
Tue, 23 Nov 2021 16:45:39 GMT
server
UploadServer
etag
"9c3afddfa4f6232f15e6271238768ce8"
x-goog-hash
crc32c=Fy813w==, md5=nDr936T2Iy8V5icSOHaM6A==
x-goog-generation
1637685939573741
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
7111
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 04 Dec 2022 03:53:02 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
age
10683292
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1496265
content-length
84509
x-served-by
cache-yul12828-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1638589982.373697,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish
age
2487
x-served-by
cache-yul12822-YUL
x-cache
HIT
x-cache-hits
2584
x-timer
S1638589982.448382,VS0,VE0
strict-transport-security
max-age=900
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa374a095754d9f83e996ce038321/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5467
date
Sat, 04 Dec 2021 02:21:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 04 Dec 2021 04:21:55 GMT
identify
identity.mparticle.com/v1/ 		175 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa374a095754d9f83e996ce038321/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0d70c8a0aae74175852391d2840460ac68e84aa79875fd0d4d3609de559029a9
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
580aa374a095754d9f83e996ce038321
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1638589982.462125,VS0,VE30
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12822-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
374c0c278f93b821f0c40.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/374c0c278f93b821f0c40.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
46e83497b5122bc313a5952b84761c5a09d8ce988100d3777e278fdb42cbced7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:04:46 GMT
age
2896
x-guploader-uploadid
ADPycduh7-49_beOEkpjouNLwLmOdq3aBHk27QFGuULHrY3SBXYJML9I1igKZ7xxot0-plHMxu0MG_ct-rLC6csSQT8A45rLlw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6613
last-modified
Tue, 23 Nov 2021 16:50:40 GMT
server
UploadServer
etag
"b99e8e4ea741f961b3ddd399d0a94832"
x-goog-hash
crc32c=86Xtlw==, md5=uZ6OTqdB+WGz3dOZ0KlIMg==
x-goog-generation
1637355363567235
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
6613
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:04:46 GMT
85e9432a33ebc75f547c9.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/85e9432a33ebc75f547c9.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8663c4c012653545c9f9da9605cd23e7e412379704bcf9cdc72c6522b5447312

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:45:54 GMT
age
428
x-guploader-uploadid
ADPycdtmwtJZAwrGUGzkSQy5lL4MgX0ImbQhS2GCXq5kY8KVfQreTj02PnA5A8I0srhsmIxFToIgULVYacEB3qzFPGRHbVN1_w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12695
last-modified
Tue, 23 Nov 2021 16:51:04 GMT
server
UploadServer
etag
"e648c0ea197c3fbb40afb7d68978bb98"
x-goog-hash
crc32c=CVwaFQ==, md5=5kjA6hl8P7tAr7fWiXi7mA==
x-goog-generation
1637612351837526
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
12695
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:45:54 GMT
004b3081072a844d450f17.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/004b3081072a844d450f17.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
41ff4b428bfb3371a5bd4bd343610428336c583892d0fa5c13f60289b754e183

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:03:43 GMT
age
2959
x-guploader-uploadid
ADPycdtnCmBVoZ82OoumI3kEtFx23RFd4nlbb0e4dA-FwOMVJIpK3NaMKAwuepSExlq-HhboIWam_fpQZbAYwUmUUHWdArI5BA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10733
last-modified
Tue, 23 Nov 2021 16:49:29 GMT
server
UploadServer
etag
"0eba6a13c1231594470bf463b9af20eb"
x-goog-hash
crc32c=foy7cw==, md5=DrpqE8EjFZRHC/Rjua8g6w==
x-goog-generation
1637612259044415
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
10733
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:03:43 GMT
e0338a7e76f3ba8256744.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/e0338a7e76f3ba8256744.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
aca9b4cf53c3b000033746b6314c868ee8f25e92bc9201b1ef9e4f1cafd0a60a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:45:52 GMT
age
430
x-guploader-uploadid
ADPycdsLJqn-smFrjzcX8g2QY3cfi14j34p0ZGr58y3LDbYgwDoMlQINzXbLTg4pNP158c_zoGjXWmQInFa4nslFUuz0A3lg5A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7850
last-modified
Tue, 23 Nov 2021 16:50:44 GMT
server
UploadServer
etag
"5ee455a7cd6a8872d0f66ec552480576"
x-goog-hash
crc32c=hX5PDg==, md5=XuRVp81qiHLQ9m7FUkgFdg==
x-goog-generation
1637612332420338
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
7850
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:45:52 GMT
76809b1def32de1320d96.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/76809b1def32de1320d96.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4da7e3b0dbc9d7f23bd16aeb38ba8cc78f9d2a104bcd8f6737669440c9ed8a26

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:03:43 GMT
age
2959
x-guploader-uploadid
ADPycdv1bgp4OzeailDnA8DUvlnoDZl24qKgC7EN5J98RP4ipRHZudRtph_w4BEumrMsxdAEi0StWIHBRti2ZmoLavOrt7vaow
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19479
last-modified
Tue, 23 Nov 2021 16:51:57 GMT
server
UploadServer
etag
"19b03c1bfc649edde233152cb7a62401"
x-goog-hash
crc32c=oxlosw==, md5=GbA8G/xknt3iMxUst6YkAQ==
x-goog-generation
1637355412048827
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
19479
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:03:43 GMT
66fd8c455a4ee26286a612.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/66fd8c455a4ee26286a612.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
656221125e72b908c855f3124bf61f15239fdb1f08b864c75fcdadfe003b66f8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:02:16 GMT
age
3046
x-guploader-uploadid
ADPycds5OyfZ4X5ZwPVpAh0QyBIijtfa94y8Fs1NbatNMP4bBes4icm2buFINpkGfh8rmVIxp292ygM3GEYV-78R3zxtm7tUig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44985
last-modified
Tue, 23 Nov 2021 16:49:40 GMT
server
UploadServer
etag
"5cd8b78972f54af28e24ac874082980d"
x-goog-hash
crc32c=AUsm0Q==, md5=XNi3iXL1SvKOJKyHQIKYDQ==
x-goog-generation
1637355326233513
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
44985
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:02:16 GMT
7d39bdc2cd38c166ad5f2.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/7d39bdc2cd38c166ad5f2.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ce6cd860558c0112cb2f2f95bce9e16812b24ab25df073e326eabd213750f7c1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:03:43 GMT
age
2959
x-guploader-uploadid
ADPycdt-Y62aDV5sXzzwJze8DUmEfRbWOuUyS9LSvsuNDSUQ_OinzTlMbufotXzlZUY-zwPPBmBB5SJ56wFxisn1B39obhzaGQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16205
last-modified
Tue, 23 Nov 2021 16:50:36 GMT
server
UploadServer
etag
"6ab74314b26d9df9d928edc4710a05c1"
x-goog-hash
crc32c=Z0qY9w==, md5=ardDFLJtnfnZKO3EcQoFwQ==
x-goog-generation
1637612324835440
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
16205
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:03:43 GMT
768f7cf9c6bbcf0af9ee5.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/768f7cf9c6bbcf0af9ee5.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7a3bc8c32965f3f5733e386d24a6b5d42429b572f64f3cd469504fbdbc07f8e4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:03:43 GMT
age
2959
x-guploader-uploadid
ADPycdvlqGwpk8HLItN5Q4jn5gsST9_OxjyL7CYBbmlW0FMHq9b9DgGj0HgFENv8DFy-B3Srxenn56fHjGa8QozLWZKqOazSmA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14613
last-modified
Tue, 23 Nov 2021 16:52:55 GMT
server
UploadServer
etag
"5f11dc6385a94b07583a03603ed1aa33"
x-goog-hash
crc32c=akjdlA==, md5=XxHcY4WpSwdYOgNgPtGqMw==
x-goog-generation
1637612460623809
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
14613
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:03:43 GMT
30abee42287aea61e19b8.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/30abee42287aea61e19b8.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4e83caf1cb9cc7a5ba0c7d5d0308796c3c41c0a85a6beec913378bf3ca5b2126

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:03:43 GMT
age
2959
x-guploader-uploadid
ADPycdvexxw2EMnRy9QEHsFjp-DSzhHoNhwZN6gPVBSIQT6KB0DgM6zPoSpLzEazJJXGRyo5CE-mCZ9BogigA0mV3v6V2WHnPw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13044
last-modified
Tue, 23 Nov 2021 16:52:38 GMT
server
UploadServer
etag
"7dc8cf5499ea3842533a70d965e8cca2"
x-goog-hash
crc32c=rFQNDg==, md5=fcjPVJnqOEJTOnDZZejMog==
x-goog-generation
1637612444453305
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
13044
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:03:43 GMT
a25b669575a89d6880f413.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/a25b669575a89d6880f413.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4d8e57e390bdad7acf647c9e9adb492cec559d61a736e421260d4838efdaf04b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:03:43 GMT
age
2959
x-guploader-uploadid
ADPycdsB4Zh3TTJkmg28IE-RJsP74je5TVONCNXSqpIvjgvw7iozzl5NjOBmNyLAXYXJIxXPO1vRSs3yinD-sWHO8Fq-je_Y3Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9380
last-modified
Tue, 23 Nov 2021 16:53:12 GMT
server
UploadServer
etag
"aba8c5dce8aaf2137df388f5abb728b4"
x-goog-hash
crc32c=8pCNzQ==, md5=q6jF3Oiq8hN984j1q7cotA==
x-goog-generation
1637612477051475
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
9380
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:03:43 GMT
89e69fdaad03c5283d7714.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/89e69fdaad03c5283d7714.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e48769b510137e582179b5beedb1adc108d4a0f9d2cabdc14adef3fdde340e25

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:04:38 GMT
age
2904
x-guploader-uploadid
ADPycds2BbK2S2PdJ54Xhv3dBKxVF0USIr9a5YHO1DNfz9r-Nrrk8Kmkjf8LDss62Qa6UbE6T2GJ3Q1RIF-jrQhZbFwwGd_xUQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6785
last-modified
Tue, 23 Nov 2021 16:52:52 GMT
server
UploadServer
etag
"459fe2c86e09141a55b834ec41fb4634"
x-goog-hash
crc32c=XuUzdw==, md5=RZ/iyG4JFBpVuDTsQftGNA==
x-goog-generation
1637355446543150
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
6785
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:04:38 GMT
554bc21dbc95d07a394c10.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/554bc21dbc95d07a394c10.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cbe938bffb329d94400869712d557aff03a7f0b5f82854659c703cbdc0c9b64b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:04:38 GMT
age
2904
x-guploader-uploadid
ADPycdtw7nVA0EEbhD_J5RvyevHOf6PIvizoKtyZl3lkd2kAN8VcB4CjoD1LaeXCxO9CkGvOWsCqsxSvrh7s1rTDBcA319hOtw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10199
last-modified
Tue, 23 Nov 2021 16:50:38 GMT
server
UploadServer
etag
"edf35347d6aa96556671ef54369e1760"
x-goog-hash
crc32c=OX9ijQ==, md5=7fNTR9aqllVmce9UNp4XYA==
x-goog-generation
1637355362446606
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
10199
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:04:38 GMT
b05d1526cccab67b15be26.js
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/websites/js/b05d1526cccab67b15be26.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.5.1/CACHE/js/shared.669cea0d3dc0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2b7a7cdb6cdfeea5b6d3a19b510a9f5ce868b73988b44333770d3326798320d9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:03:43 GMT
age
2959
x-guploader-uploadid
ADPycdtAxz_l-tQWjLDdmhRAAqHtAfYpTbXU1LTUzoLBWHR3Y4aADGXTiv_beN-A9blyWHm7WqHPOKQi72KY3Avx0g56-Qx7zw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9689
last-modified
Tue, 23 Nov 2021 16:51:59 GMT
server
UploadServer
etag
"67ad6210a7732d54e25e330639f4934c"
x-goog-hash
crc32c=gqHkvA==, md5=Z61iEKdzLVTiXjMGOfSTTA==
x-goog-generation
1637355413845007
access-control-allow-origin
*
cache-control
max-age=31536000
x-goog-stored-content-length
9689
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Dec 2022 03:03:43 GMT
sso.js
d1v9u0bgi1uimx.cloudfront.net/ 		28 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1v9u0bgi1uimx.cloudfront.net/sso.js
Requested by
Host: widgets-cdn.rpxnow.com
URL: https://widgets-cdn.rpxnow.com/manifest/capture:login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-32.ewr53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
2cdf80963bd339576cd2fa41ab42c93baa3499810a07f243cced7eb84d19aa6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 18:04:33 GMT
Via
1.1 a034e5b3e703810e3023d56d31897ebd.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
35312
X-Cache
Hit from cloudfront
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-SSO-Instance
SSO1-sso-3.5.0+216
Content-Length
29010
Last-Modified
Tue, 16 Apr 2019 19:03:14 GMT
Server
Apache-Coyote/1.1
ETag
W/"29010-1555441394000"
Content-Type
application/javascript
EC2-instance-id
i-0805158b042c068ac
X-Amz-Cf-Pop
EWR53-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
INtMJMDdTNC-_cBVs9h45OSG9V8QjKjjWMqJ6OJALyi2v02t85rYRw==
providers.css
quilt-cdn.janrain.com/HEAD/ 		123 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://quilt-cdn.janrain.com/HEAD/providers.css
Requested by
Host: widgets-cdn.rpxnow.com
URL: https://widgets-cdn.rpxnow.com/manifest/capture:login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::1721:ee10 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbf82bc71e89c822b11480a6c7ad144d8f4a43b8395afd5c2b81608859c55aa5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 18:12:27 GMT
server
AmazonS3
x-amz-request-id
SZEWMT2YM56RHRHX
etag
"123d2909bf54e24c0050abf1148b1fce"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=25734043
accept-ranges
bytes
content-length
8619
x-amz-id-2
RCtmTcoKP0nxqMNUXYt6cuSrwxHpQaDw0jaaloZxW8fH9xJlEojwhAHx/EVpzhbSFGpw7kn0TWA=
expires
Wed, 28 Sep 2022 00:13:45 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		194 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&pid=Hhyg6GVkGbCFH&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.200.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-200-177.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 34deee8ac34d726c1404a3045667664b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
E3PG3MB6SSXAW360ZBST
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
194
x-amz-cf-id
SIYy-AeWkj0OnHF2hD38l9ph29Zkzthvjfy5j1o4Mpa8Tuun0r13ow==
Forwarding
jssdks.mparticle.com/v1/JS/580aa374a095754d9f83e996ce038321/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/580aa374a095754d9f83e996ce038321/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa374a095754d9f83e996ce038321/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1638589983.627021,VS0,VE15
x-served-by
cache-yul12828-YUL
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
/
cookiesync.mparticle.com/v1/sync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=6874739207850811631&esid=30989&Key=580aa374a095754d9f83e996ce038321&env=2
  • https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=6874739207850811631&esid=30989&Key=580aa374a095754d9f83e996ce038321&env=2&google_tc=
  • https://cookiesync.mparticle.com/v1/sync/?id=CAESECrtBVBfXjqqaoKZ1bQGZrI&MPID=6874739207850811631&esid=30989&Key=580aa374a095754d9f83e996ce038321&env=2&google_cver=1
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookiesync.mparticle.com/v1/sync/?id=CAESECrtBVBfXjqqaoKZ1bQGZrI&MPID=6874739207850811631&esid=30989&Key=580aa374a095754d9f83e996ce038321&env=2&google_cver=1
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1638589983.831027,VS0,VE16
x-origin-name
6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12820-YUL

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cookiesync.mparticle.com/v1/sync/?id=CAESECrtBVBfXjqqaoKZ1bQGZrI&MPID=6874739207850811631&esid=30989&Key=580aa374a095754d9f83e996ce038321&env=2&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
382
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14333
x-xss-protection
0
server
cafe
etag
8469929769973419123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Dec 2021 03:53:02 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::1732:35c1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=28200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
2uul402jtTh3v4lcRV6WmUNpfTjTUWIXR+c38asmqhIcLd2F3fdKvw1aLGu7UtDvAGC7uQGc8VeTfxqfSgz16Q==
x-fb-trip-id
1679558926
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 04 Dec 2021 03:53:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.248.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 23:12:14 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100159-IAD, cache-bwi5044-BWI
services
sr.studiostack.com/v3/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/v3/services
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
de70035b9069675a3313f33aee3809e0030b5457fb04d19d9e2da42180078c77

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:01 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
24454
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1638589982592&ns_c=UTF-8&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Floca...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1638589982592&ns_c=UTF-8&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Floc...
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1638589982592&ns_c=UTF-8&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&c9=
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
mI_Z0y3wzQ43sk2of82AMtgC0O7Fr50yKLsT1XpQyoNoR6aM78GDMw==
x-cache
Miss from cloudfront

Redirect headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1638589982592&ns_c=UTF-8&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&c9=
content-length
256
x-amz-cf-id
4ww0KkHV05N-bvETYzNYK5rvvmQOj4r5ixdYS8sh5r5KjK-zLV9GKA==
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 1712 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 af773f4ed0d1f81acb9720b12cb8310a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
40664
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
ORD53-C3
cf-ray
6b8215df68092c95-ORD
x-amz-cf-id
uJD7-scSZy2JJFjPm8i9Cdewcgd2i3gB8gn-RJpkBBP5Z3NnDvi9vg==
expires
Mon, 06 Dec 2021 03:53:02 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theobserver.ca
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 1A4F 		805 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish
age
15440503
x-served-by
cache-yul12828-YUL
x-cache
HIT
x-cache-hits
452430
x-timer
S1638589983.681202,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish
age
2487
x-served-by
cache-yul12822-YUL
x-cache
HIT
x-cache-hits
2585
x-timer
S1638589983.685888,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		175 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa374a095754d9f83e996ce038321/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0d70c8a0aae74175852391d2840460ac68e84aa79875fd0d4d3609de559029a9
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
580aa374a095754d9f83e996ce038321
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1638589983.701587,VS0,VE31
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12822-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/580aa374a095754d9f83e996ce038321/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/580aa374a095754d9f83e996ce038321/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa374a095754d9f83e996ce038321/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1638589983.702086,VS0,VE64
x-served-by
cache-yul12828-YUL
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
flow.js:ztcpr5854s8kyh93khrgw44sv9:en-US:HEAD:standard
d1lqe9temigv1p.cloudfront.net/widget_data/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1lqe9temigv1p.cloudfront.net/widget_data/flow.js:ztcpr5854s8kyh93khrgw44sv9:en-US:HEAD:standard
Requested by
Host: widgets-cdn.rpxnow.com
URL: https://widgets-cdn.rpxnow.com/manifest/capture:login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-64.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bab05e352c21048ba5634365c3cfbaa21b405364b0b051ad763f824e6ee63624

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:48:57 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 02 Feb 2021 14:30:46 GMT
Server
AmazonS3
Age
250
ETag
"fbefee44935aec5f0a4ffda5021cf7d3"
X-Cache
Hit from cloudfront
Content-Type
text/javascript; charset=utf-8
Via
1.1 11140291d542e546b40770525cf1e1b5.cloudfront.net (CloudFront)
Cache-Control
max-age=300
X-Amz-Cf-Pop
EWR53-P1
Content-Length
8026
X-Amz-Cf-Id
JeRje65VgO7ri4hNM5yl_sUrwHkjWEOEhy8S6ctV5avyJDC9uOM9OA==
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=154&cb=43096204026
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:02 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bid
ap.lijit.com/rtb/ 		134 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?callback=window.headertag.SovrnHtb.adResponseCallback&br=%7B%22id%22%3A%22_yHGrGXoW%22%2C%22site%22%3A%7B%22domain%22%3A%22www.theobserver.ca%22%2C%22page%22%3A%22%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22ZqRs7fSN%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22839562%22%7D%2C%7B%22id%22%3A%22B69w3JZQ%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22839563%22%7D%2C%7B%22id%22%3A%228eQSBPXU%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22839564%22%7D%2C%7B%22id%22%3A%22fgbDazpy%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22839565%22%7D%2C%7B%22id%22%3A%229rnT6lL1%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22839554%22%7D%2C%7B%22id%22%3A%22dLQ8oTge%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22839555%22%7D%2C%7B%22id%22%3A%224n1dtL70%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22839556%22%7D%2C%7B%22id%22%3A%22q0ST0TKM%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22839557%22%7D%2C%7B%22id%22%3A%22PJs8denf%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22839510%22%7D%2C%7B%22id%22%3A%222Pvf46ZA%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22839511%22%7D%2C%7B%22id%22%3A%22pzJnp2v6%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22839512%22%7D%2C%7B%22id%22%3A%22OUZYBlNH%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22839513%22%7D%5D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
3e27a1979bf4f8bd03e538e041ca8062e6376512c2b58d87d616fbd38b2c9142

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.theobserver.ca
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
142
arj
postmedia-d.openx.net/w/1.0/
Redirect Chain
  • https://postmedia-d.openx.net/w/1.0/arj?auid=543832900%2C543832896%2C543832892&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju...
  • https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=543832900%2C543832896%2C543832892&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x...
233 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=543832900%2C543832896%2C543832892&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._QsCHNyuT&cache=1638589982741&ttduuid=96202975-3807-4288-a32a-8d03bb6cadd8
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
0826670086a8c44b8dec0839de47e4d3381083a69033ea8fdf16efae1f9de0ac

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theobserver.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 google
server
OXGW/16.221.0
location
https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=543832900%2C543832896%2C543832892&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._QsCHNyuT&cache=1638589982741&ttduuid=96202975-3807-4288-a32a-8d03bb6cadd8
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cygnus
htlb.casalemedia.com/ 		78 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=283186&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A43335015%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22607881%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22607866%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22607884%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2212%22%2C%22siteID%22%3A%22607913%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22607865%22%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22607861%22%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22607911%22%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22607917%22%7D%2C%22id%22%3A%228%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22607842%22%7D%2C%22id%22%3A%229%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22607864%22%7D%2C%22id%22%3A%2210%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22607931%22%7D%2C%22id%22%3A%2211%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22607899%22%7D%2C%22id%22%3A%2212%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296202975-3807-4288-a32a-8d03bb6cadd8%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-12-04T03%3A53%3A02%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
75fa98b9284a6f23d1ade00b372fb743eb15255ae9a5a5c0654b5a9af20ad655

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:02 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[37.120.205.149], XFF:[]
server
Apache
content-type
text/javascript
access-control-allow-origin
https://www.theobserver.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
78
x-ak-client-geo
19
expires
Sat, 04 Dec 2021 03:53:02 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9695880176763d01e83ec093a60095&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
51e43d59ce914f13c7d982bc986c28527c5b51ed68f18517fcbcb67d0124542f

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9699050176763cf9053ec098a80094&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
02a916d5620aa24b368e0230567db2144e3908a459ba256b14d98eaa135a2e11

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9695880176763d01e83ec09b9e0096&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fc535219781182fe7936d4aabca6f414eeb8f44a53d896a9609b4588e2b30b59

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9690e20176763cfd8b3ec095ec00ac&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
244e55c513c83013afd0021e9b14d8c39d5c513fbd729c32ed5c64d2428cae4e

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9699050176763cf9053ec081a90091&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d781546a0e288f92f460e1d0893328358d25af8b4cb6de58300b38f27af5e330

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9695880176763d01e83ec0846f0093&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ff881f658a1fa4c243a837f91832b5380574bfbc875634d82ac187a1cc806ca4

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9690e20176763cfd8b3ec0869d00aa&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a4c82916d7442c4595c1a67305814ec4f7c20e2f4cb70c8089578ce821b53a5c

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9690e20176763cfd8b3ec07f2600a9&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
199df8a1a830f317c7fd448a9c52c7c8f7cf3615fbb76f341d7836bd2c34dd38

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9699050176763cf9053ec020250082&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fdd2957bdd15de48ec0fbf6539730dfe8942e910ab815503b7d4ba98566b001f

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9695880176763d01e83ec022280084&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0709502ac1b84f643f54315b1549680c1ba0aa282725bf59bc0b0e4509a53171

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9695880176763d01e83ec01c460083&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1903f0c0a3cdf0cf442844a4c595c7698bf675b04ffe3319afff3145211eb457

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c703c7f0118&pos=8a9690e20176763cfd8b3ec01e25009c&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b15cf086ac8238d3ed10e56639d4ca2ce7f629b435fe9d4ea50548294d47a2e8

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
content-length
62
buyers
dmx.districtm.io/s/v1/ Frame 1712 		596 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84d34072f03bc30d7cf97ca883897d97a137bf16e148a7f657175de9cbe0078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b8215e089cf2c95-ORD
access-control-allow-headers
Origin, Content-Type
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ 		239 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a018-ash-prod.krxd.net, cache-yul12829-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1638589983.823860,VS0,VE16
content-length
193
x-cache-hits
0, 0
iu3
s.amazon-adsystem.com/ Frame A452
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
275 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

Server
Server
Date
Sat, 04 Dec 2021 03:53:02 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
275
Connection
keep-alive
x-amz-rid
PX16VM51MSCKHZC0JJ0M
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Sat, 04 Dec 2021 03:53:02 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
GPS0EXWGPPGKN2693YF6
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
simple
api.sail-personalize.com/v1/personalize/ 		256 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
961cc8bc25bc6551000e38b66ad016f1a463a135cf3adbae44e2c516f8b23f03

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type
application/json
accept
application/json
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-referring-url
https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
173
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
cs.js
c.jsrdn.com/s/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.jsrdn.com/s/cs.js?p=22507
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.64.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-64-72.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8d59f2c7986bc73bf37e3da9d7d9a0cbf7686dede1cb5a1649c43569848bde6e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Sep 2021 07:57:24 GMT
Server
Apache
ETag
"40b88-146b6-5cb12a657a349"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
27163
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1638589982939&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1638589982939&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1638589982939%26url%3Dhttps%253A%252F%252Fwww.theobserver.ca%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1638589982939&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1638589982939&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&cookiesTest=true&liSync=true&e_ipv6...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=69470d1d-8a4f-48cb-b7bf-029bce23199e
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=69470d1d-8a4f-48cb-b7bf-029bce23199e&_expected_cookie=a86db29101e877cd4473a4a9...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=69470d1d-8a4f-48cb-b7bf-029bce23199e&_expected_cookie=a86db29101e877cd4473a4a9385195bb
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b8215e6fcbd4bd7-YUL
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=69470d1d-8a4f-48cb-b7bf-029bce23199e&_expected_cookie=a86db29101e877cd4473a4a9385195bb
date
Sat, 04 Dec 2021 03:53:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b8215e68bf44bd7-YUL
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theobserver.ca
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
events
bidder.criteo.com/csm/ 		0
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:02 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
uthtxmddg.js
cdn.krxd.net/controltag/ Frame 1A4F 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/uthtxmddg.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4917a8e103df1c03fe1664e88809fd1168a2a8930976e4ac3ab7a8e0706fdfd6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 04 Dec 2021 03:53:02 GMT
via
1.1 varnish, 1.1 varnish
age
711
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
6312
x-served-by
config-service-a002-ash-prod.krxd.net, cache-bwi5131-BWI, cache-yul12828-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1638589983.975780,VS0,VE0
etag
"2d5824058428e0e7935b95048ba752459e98bf20"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 41
/
www.googleadservices.com/pagead/conversion/580448699/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/580448699/?random=1638589982972&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&auid=526130370.1638589983&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
9fe6045252bd27f37a61668002b06cf91cd098daf27c6a536aadd838b03be15c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1246
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
580448699.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/580448699/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://580448699.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/580448699/?random=1638589982972&cv=9&fst=1638589982972&num=1&fmt=3&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&auid=526130370.1638589983&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/?random=1638589982981&cv=9&fst=1638589982981&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33f7b5e63afee605939830d22993b43e99745fab39e9e6c35208b01229695508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2ada48da-6676-4f36-a54c-ac9b281aa2e0&tw_document_href=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
10
pragma
no-cache
last-modified
Sat, 04 Dec 2021 03:53:03 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
2cf36f7ff31bda7a135081b67d5134f438a37aa305d684ee5a1c83854f2bdbe1
x-transaction
f9d2babdeb94f784
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2ada48da-6676-4f36-a54c-ac9b281aa2e0&tw_document_href=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
8
pragma
no-cache
last-modified
Sat, 04 Dec 2021 03:53:03 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
835e173f467ba74d09fb3e78dadcb8676a8fde8ff1b9315e6f4bb71f70ba8c87
x-transaction
df2ba536c7e051f8
expires
Tue, 31 Mar 1981 05:00:00 GMT
server.html
postmedia.us.janrainsso.com/static/ Frame 8E96 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia.us.janrainsso.com/static/server.html
Requested by
Host: d1v9u0bgi1uimx.cloudfront.net
URL: https://d1v9u0bgi1uimx.cloudfront.net/sso.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:1099::fa5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ad30fc772afe5ab92c1ee3fae4c2b4378baa49cb22f7456d0d42712590794435
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

content-type
text/html
server
Apache-Coyote/1.1
x-sso-instance
SSO1-sso-3.5.0+216
ec2-instance-id
i-0c72b9f20d46c1f57 i-0c72b9f20d46c1f57
x-content-type-options
nosniff nosniff
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ranges
bytes
etag
W/"4536-1555441394000"
last-modified
Tue, 16 Apr 2019 19:03:14 GMT
vary
Accept-Encoding
content-encoding
gzip
content-length
1726
cache-control
public, max-age=467
expires
Sat, 04 Dec 2021 04:00:50 GMT
date
Sat, 04 Dec 2021 03:53:03 GMT
cfaca89d27f8c16f4262.js
d395dw5zk780j2.cloudfront.net/v46.1/chunks/ 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v46.1/chunks/cfaca89d27f8c16f4262.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7200:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
259f7f95ff6ee7b1e465f7a4143de7467bec3294b44c45f7740c23739dcc7328

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 07:29:25 GMT
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
last-modified
Fri, 19 Nov 2021 21:41:40 GMT
server
AmazonS3
age
1023819
etag
"870546a5dae3bcdd469464d2cb234ea9"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
958
x-amz-cf-id
MAzIBSmC18dmyg2dKMlvsxCscmuIzJORrz7goaiWHcazK5nVGP6EtA==
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Allow
POST
Content-Length
4
Content-Type
text/html; charset=utf-8
Expires
0
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Date
Sat, 04 Dec 2021 03:53:02 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
1685973801652415
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29fbf5476e720057c6a38e981e9e03833b2e93c77b4a0234df09e0b0bcbb9f6e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89920
x-xss-protection
0
pragma
public
x-fb-debug
BTS6guJoh3BWKEBkb1bkIInNRjq+YcMeH4/IxHyFkAzzlvP8JGYrXiMWviACaZZRk0SxTcdvtU31PLgM8zzUSg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 04 Dec 2021 03:53:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
attention-data
sr.studiostack.com/track/ 		147 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-data?media=250760&ref=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ea664f57fe4d8da1f856406ea987de0701a49faed669b64a6b4b60d16e7ce1db

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:02 GMT
ETag
W/"93-Na+MjgQjiDnKPMmcRpyNOVOiSBE"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
147
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
pr
s.amazon-adsystem.com/v3/ Frame F332 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b8bf1ce94288681edefbce3053bacc05d1a5081dd4ad962da2e8cf734d044d40
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Response headers

Server
Server
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2042
Connection
keep-alive
x-amz-rid
66TS7S3BMP5BG7ZY41XW
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 1A4F 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
age
10683292
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1496270
content-length
84509
x-served-by
cache-yul12828-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1638589983.044150,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
vf-v2.js
cdn.viafoura.net/ 		659 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v46.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbdb7ccb9eafa3f71216402c88bb174ea0893c7b6c4438bcd32403769bbd160f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
rBrAz4qD7dYh9N0nxIJQ650PHzHxve3Z
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:49 GMT
server
AmazonS3
age
50
etag
W/"c59c2f35f092902d6835034459289c8c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Sat, 04 Dec 2021 03:52:14 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
PkG0aVFlf91oPSorHeXaWh7atzkRuBa2QtDCwp5QfRvMJyCIIgNiJA==
AAAGcpz0j86PlANQkaQOAAAAAAA&expiration=1638676383&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&is_secure=true
dmx.us-east-33.districtm.io/s/10007/ Frame 1712
Redirect Chain
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&rurl=//dmx.us-east-33.districtm.io/s/10007/
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=30024edf91fc1225&is_secure=true&version=1&networkId=33921&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&rurl=%2F%2Fdmx.us-east-33.districtm.io%...
  • https://dmx.us-east-33.districtm.io/s/10007/AAAGcpz0j86PlANQkaQOAAAAAAA&expiration=1638676383&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&is_secure=true
153 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-33.districtm.io/s/10007/AAAGcpz0j86PlANQkaQOAAAAAAA&expiration=1638676383&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&is_secure=true
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
35.231.227.177 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
177.227.231.35.bc.googleusercontent.com
Software
/
Resource Hash
526801c2c7d1c1bead34d14e88ebd6f4b8f9f7a09a78dd06f1d4473f0de8e318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
153
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
//dmx.us-east-33.districtm.io/s/10007/AAAGcpz0j86PlANQkaQOAAAAAAA&expiration=1638676383&nuid=21nw6UMnrLDYUJONcEPsjtVo4l1&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
oN4_Gdv7Tl5EUvBlC1zylSV4zZU
dmx.districtm.io/s/10026/ Frame 1712
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/oN4_Gdv7Tl5EUvBlC1zylSV4zZU
83 B
176 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/oN4_Gdv7Tl5EUvBlC1zylSV4zZU
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9918bde2114fe8132f96f2498adbe9a6b4a4aa9e19ae03fdbcbfe79b3df64bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Sat, 04 Dec 2021 03:53:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6b8215e3bef32c95-ORD

Redirect headers

Location
https://dmx.districtm.io/s/10026/oN4_Gdv7Tl5EUvBlC1zylSV4zZU
Date
Sat, 04 Dec 2021 03:53:03 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
YarmHwAJalmNkwBG&_test=YarmHwAJalmNkwBG
dmx.us-east-33.districtm.io/s/10016/ Frame 1712
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YarmHwAJalmNkwBG
  • https://dmx.us-east-33.districtm.io/s/10016/YarmHwAJalmNkwBG&_test=YarmHwAJalmNkwBG
95 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-33.districtm.io/s/10016/YarmHwAJalmNkwBG&_test=YarmHwAJalmNkwBG
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
35.231.227.177 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
177.227.231.35.bc.googleusercontent.com
Software
/
Resource Hash
dac552dfd69559c85c5d6f3122b64dccc57222f3e5fb9634349d299b3efbe630
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
95
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638589983.309878,VS0,VE0
x-served-by
cache-yul12827-YUL
x-cache
HIT
location
https://dmx.us-east-33.districtm.io/s/10016/YarmHwAJalmNkwBG&_test=YarmHwAJalmNkwBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
1dd13624-9489-465b-b6b4-b624acf5784a
dmx.districtm.io/s/10009/ Frame 1712
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=21nw6UMnrLDYUJONcEPsjtVo4l1
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=21nw6UMnrLDYUJONcEPsjtVo4l1
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=districtm&bsw_custom_parameter=1dd13624-9489-465b-b6b4-b624acf5784a
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=districtm&bsw_custom_parameter=1dd13624-9489-465b-b6b4-b624acf5784a
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=51db0490-a098-4fc3-be5c-52032bdb91a5&ssp=districtm&expires=30&user_group=5&bsw_param=1dd13624-9489-465b-b6b4-b624acf5784a
  • https://dmx.districtm.io/s/10009/1dd13624-9489-465b-b6b4-b624acf5784a
92 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10009/1dd13624-9489-465b-b6b4-b624acf5784a
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bb8cc0d3cd4048d2b1974f8084e37c9244cf70b9bffc1e9b6d3fa0f315475da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Sat, 04 Dec 2021 03:53:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6b8215e62b012c95-ORD

Redirect headers

Location
//dmx.districtm.io/s/10009/1dd13624-9489-465b-b6b4-b624acf5784a
Date
Sat, 04 Dec 2021 03:53:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
AADVTE7DVcwAACsQRS7N7g
dmx.districtm.io/s/10025/ Frame 1712
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/districtm
  • https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1
  • https://dmx.districtm.io/s/10025/AADVTE7DVcwAACsQRS7N7g
78 B
155 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10025/AADVTE7DVcwAACsQRS7N7g
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90494aea6b20f877f5bf2c0a133c658cfb620c4c671f9672b2bd35fb4897c3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Sat, 04 Dec 2021 03:53:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6b8215e61ae72c95-ORD

Redirect headers

location
https://dmx.districtm.io/s/10025/AADVTE7DVcwAACsQRS7N7g
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=764991782&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&ul=en-us&de=UTF-8&dt=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Other&ea=video&el=&_u=KEDAAAABAAQCAC~&jid=1091619857&gjid=571542429&cid=1389068322.1638589983&tid=UA-22866731-1&_gid=1819214990.1638589983&_r=1&_slc=1&cd7=HTML&cd13=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&cd28=Cheetah&cd92=story&cd150=The%20Sarnia%20Observer&cd194=www.theobserver.ca&z=898047429
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theobserver.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.theobserver.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-conversion/580448699/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=1926342138&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/580448699/?random=1926342138&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=1926342138&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/580448699/?random=1926342138&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&auid=526130370.1638589983&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=H-aqYdvwAcqDNbiCvPgL&cid=CAQSKQCNIrLModgkEsl3W4EVflcVdDqW21sA-S59BeGQQPE0OjCqxEPDf9JG&eitems=ChEIgJ2njQYQi7Pmo-TTpbvTARIdAORaJOf6svWWhJX2OpAbYJOYj-azB-Hx01GGxXI&random=4036911189&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H3
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.ca/pagead/1p-conversion/580448699/?random=1926342138&cv=9&fst=1638589982972&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&auid=526130370.1638589983&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=H-aqYdvwAcqDNbiCvPgL&cid=CAQSKQCNIrLModgkEsl3W4EVflcVdDqW21sA-S59BeGQQPE0OjCqxEPDf9JG&eitems=ChEIgJ2njQYQi7Pmo-TTpbvTARIdAORaJOf6svWWhJX2OpAbYJOYj-azB-Hx01GGxXI&random=4036911189&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
us-u.openx.net/w/1.0/ Frame F544 		1 KB
1008 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
8a4ca8b668500fe34a37c8d27aaacfd2d71b28e9a0a0818e903fc99c21d47b67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 04 Dec 2021 03:53:03 GMT
content-type
text/html
content-length
667
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ Frame 1A4F 		224 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aba228999bf40536d3c9be43fba78eea158925c0fb200b1993324e695629fb63

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a001-ash-prod.krxd.net, cache-yul12829-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1638589983.340446,VS0,VE20
content-length
187
x-cache-hits
0, 0
headerstats
as-sec.casalemedia.com/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=283186&u=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-69700543969858.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[37.120.205.149], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.theobserver.ca
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
19
Expires
Sat, 04 Dec 2021 03:53:03 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.theobserver.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theobserver.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22866731-1&cid=1389068322.1638589983&jid=1091619857&gjid=571542429&_gid=1819214990.1638589983&_u=KEDAAAAAAAQCAC~&z=357922284
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 04 Dec 2021 03:53:03 GMT
content-type
text/plain
access-control-allow-origin
https://www.theobserver.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/990309138/?random=1638589982981&cv=9&fst=1638586800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&async=1&fmt=3&is_vtc=1&random=4109821568&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/990309138/?random=1638589982981&cv=9&fst=1638586800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tiba=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&async=1&fmt=3&is_vtc=1&random=4109821568&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame 32F8 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.84.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-84-112.compute-1.amazonaws.com
Software
/
Resource Hash
cffb3ce889cbcb84854ba3324b2fdd31018072aeb16f0a04b3512afcb9c6ac98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7BB1 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=144996
expires
Sun, 05 Dec 2021 20:09:39 GMT
date
Sat, 04 Dec 2021 03:53:03 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B2D5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Dec 2021 03:53:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 232E 		722 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
bd550e9074e7a7041b3cddaa539e339c27023a993785e49974951c92b9079f00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 04 Dec 2021 03:53:03 GMT
content-type
text/html
content-length
458
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 2845
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://s.amazon-adsystem.com/ecm3?id=8000251644872631429&ex=districtm
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=8000251644872631429&ex=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
61X9K1N10R36WJG97CV4
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=8000251644872631429&ex=districtm
AN-X-Request-Uuid
84b88e59-89ef-4b5f-b001-d24af998bf36
X-Proxy-Origin
37.120.205.149; 37.120.205.149; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 1827
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6452062990516382367&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6452062990516382367&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
VCB9A3KKGR4ZRD4J06XN
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=6452062990516382367&ex=appnexus.com
AN-X-Request-Uuid
824c4ecb-a4b4-4ff0-a1c2-29c8a665e6b6
X-Proxy-Origin
37.120.205.149; 37.120.205.149; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
amazon
ap.lijit.com/beacon/ Frame 7442 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
d00812b039ff3598df190e22fcf97790e40eff9e3185e6b9be76e5b520ead533

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
nginx
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ewr1
index.html
cdn.districtm.io/ids/ Frame 03BF
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-type
text/html
cf-ray
6b8215e488602c95-ORD
age
19363
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 37069e7b3e0fcab3339e435d9be900e8.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
1utBqBGpfEWfRgSGNWq0JIdi3WiWy2yYUZYK1OTSi1DS9QqptK89XQ==
x-amz-cf-pop
ORD52-C2
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Sat, 04 Dec 2021 03:53:03 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6b8215e43fea2c95-ORD
cache-control
max-age=3600
expires
Sat, 04 Dec 2021 04:53:03 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame DCC4
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=6614077142590073882
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=6614077142590073882
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
7BMY2FAN1ETRJ19RFJ6D
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=6614077142590073882
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22507
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 11 Dec 2021 03:53:03 GMT
1.js
s.jsrdn.com/s/ 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.jsrdn.com/s/1.js?p=22507&r=5o9p&k=dmMJMjAyMTAxMjUJdQk2YzE0MWYwNC02MDliLTRiMDEtYTk1MC0zMDE1NWVlYzU4NTAJdW4JMQl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl0Zwljcy5qcwlidAkyMDIxLTEyLTA0VDAzOjUzOjAzKzAwOjAwCWRjCXV0Zi04CWJsCWVuLXVzCWJmCTMJZHcJMTYwMAlkaAkxMjAwCWJjCTEJYnAJMQliZAkyNAlidwkxNjAwCWJoCTEyMDAJZglodHRwczovL3d3dy50aGVvYnNlcnZlci5jYS9uZXdzL2xvY2FsLW5ld3MvanVkZ2Utc2Vla3MtcmVoYWItY2hlY2sJdWQJCXBiCTAJcHYJMAlwcQkwCWN3CQlhY3IJdW5kZWZpbmVkCWRyCQlrdwlqdWRnZSBzZWVrcyByZWhhYiBjaGVjawlwcmYJdW5kZWZpbmVk
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22507
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.10.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-10-91.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e9e511b8cadb6b4a7b8aa15647ce7fa8ede409a1f30d54fa568cd401ad91af56

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript
Content-Length
18397
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&rl=&if=false&ts=1638589983399&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1638589983397.2104172101&it=1638589983015&coo=false&rqm=GET
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sat, 04 Dec 2021 03:53:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		90 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3249841735357916&correlator=773146810591954&output=ldjh&impl=fifs&eid=31063871&vrg=2021113001&ptt=17&sc=1&sfv=1-0-38&ecs=20211204&iu_parts=3081%2CSMCO_ENCO_ON_Observer_EN_WEB%2Cnews%2Clocal-news%2Cstory&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5&ppid=00000000ppidp6874739207850811631&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadd3def6-54b5-11ec-bcfd-021c8b152da9%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadd3def7-54b5-11ec-bcfd-021c8b152da9%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadd3def8-54b5-11ec-bcfd-021c8b152da9%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3Dadd3def9-54b5-11ec-bcfd-021c8b152da9&eri=1&cust_params=aid%3D0da4e23b-a39c-4158-b12d-572347c6e2aa%252C56940%26author%3DNeil%2520Bowen%26no_pol%3Dtrue%26page%3Dstory%26pr%3Dsob%26sensitive%3Dn%26negative%3Dn%26asrc%3Dsob%26comm%3Dy%26et%3Dsm%26ck%3Dnews%26sck%3Dlocal-news%26kuid%3D%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG&cookie_enabled=1&bc=31&abxe=1&lmt=1638589983&dt=1638589983410&dlt=1638589981956&idt=549&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C797%2C534&adys=233%2C1241%2C2682%2C3855&adks=101662019%2C3740308771%2C677623707%2C1416064494&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C1600x250%7C1x5&msz=1600x250%7C1600x250%7C1600x250%7C5x5&ga_vid=1389068322.1638589983&ga_sid=1638589983&ga_hid=764991782&ga_fc=true&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1&btvi=0%7C1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
c86342e29c3615186162f1814ffd130066e4ff58994fb87ef0c99c5689673e05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17161
x-xss-protection
0
google-lineitem-id
5845404894,5845404894,5820853150,5833599016
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138364361962,138364017234,138372063352,138371037860
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theobserver.ca
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F11 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 04 Dec 2021 03:53:03 GMT
expires
Sun, 04 Dec 2022 03:53:03 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v2
api.viafoura.co/v2/www.theobserver.ca/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.theobserver.ca/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4816:6362:8f80:b427:2e9f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
max-age=0
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-max-age
1728000
v2
api.viafoura.co/v2/www.theobserver.ca/bootstrap/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.theobserver.ca/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4816:6362:8f80:b427:2e9f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6d31625f8592d84d2bbf194f654f20182c9ee55b4b7da66da1f7dce38a878c31

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0ca004bc6aa95eca8
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theobserver.ca
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 04 Dec 2021 03:53:03 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22866731-1&cid=1389068322.1638589983&jid=1091619857&_u=KEDAAAAAAAQCAC~&z=1443968450
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22866731-1&cid=1389068322.1638589983&jid=1091619857&_u=KEDAAAAAAAQCAC~&z=1443968450
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame F544
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=ec4836ae-f8c2-01eb-2687-332d2a737664
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=ec4836ae-f8c2-01eb-2687-332d2a737664&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=ec4836ae-f8c2-01eb-2687-332d2a737664&apid=UPaea33ccf-54b5-11ec-b1b2-02422e731895
0
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=ec4836ae-f8c2-01eb-2687-332d2a737664&apid=UPaea33ccf-54b5-11ec-b1b2-02422e731895
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=ec4836ae-f8c2-01eb-2687-332d2a737664&apid=UPaea33ccf-54b5-11ec-b1b2-02422e731895
date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame F544
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=974aca41-edef-0dc2-2ad9-72d4844be3d5
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokOTc0YWNhNDEtZWRlZi0wZGMyLTJhZDktNzJkNDg0NGJlM2Q1EAAaDQifzKuNBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3e80d9062efc7a8f675bf3c4020944279f3ca548343f5b27f3c70c9f3242152d791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZTgwZDkwNjJlZmM3YThmNjc1YmYzYzQwMjA5NDQyNzlmM2NhNTQ4MzQzZjViMjdmM2M3MGM5ZjMyNDIxNTJkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZTgwZDkwNjJlZmM3YThmNjc1YmYzYzQwMjA5NDQyNzlmM2NhNTQ4MzQzZjViMjdmM2M3MGM5ZjMyNDIxNTJkNzkxNDI2YjU0MTdkY2UyMRAAGgwIn8yrjQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0f32092c-8101-4011-ab0d-a513102f7f78
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=0f32092c-8101-4011-ab0d-a513102f7f78
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=0f32092c-8101-4011-ab0d-a513102f7f78
date
Sat, 04 Dec 2021 03:53:04 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame F544
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8000251644872631429
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8000251644872631429
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
X-Proxy-Origin
37.120.205.149; 37.120.205.149; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
dc6bbedc-cf6e-4b86-845f-29454a3dfe10
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8000251644872631429
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F544 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=9a5ac95a-3c02-8058-b5ae-70b0d5e349ed
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Z5R610JYE817FCAWFAX8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F544
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4414439470486007426&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4414439470486007426&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4414439470486007426&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame F544
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YarmHwAJalmNkwBG
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YarmHwAJalmNkwBG
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638589984.613247,VS0,VE0
x-served-by
cache-yul12827-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YarmHwAJalmNkwBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
564bd363-b004-a9eb-4477-e4d242874f44
pr-bh.ybp.yahoo.com/sync/openx/ Frame F544 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/564bd363-b004-a9eb-4477-e4d242874f44?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame F544
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c28cb527-20a8-3ba2-75a0-f227bdd0820d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=96202975-3807-4288-a32a-8d03bb6cadd8&ttd_puid=c28cb527-20a8-3ba2-75a0-f227bdd0820d
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=96202975-3807-4288-a32a-8d03bb6cadd8&ttd_puid=c28cb527-20a8-3ba2-75a0-f227bdd0820d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=96202975-3807-4288-a32a-8d03bb6cadd8&ttd_puid=c28cb527-20a8-3ba2-75a0-f227bdd0820d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame F544 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWVlMzY2ZWQtZTlkZi02NTA2LTYwNDAtYTg5ZTc3MzI0YzZk
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F544
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF5eQbnT_j79dseKJw-GCLU&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF5eQbnT_j79dseKJw-GCLU&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF5eQbnT_j79dseKJw-GCLU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 7442 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=938fa8f1edfcc5795241704f&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GHTZMBB1MK27Z8RSJXFQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 7442
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=938fa8f1edfcc5795241704f&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=38d561aa-e620-4500-a835-726ec1cd5433&gdpr=0&gdpr_consent=
43 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=38d561aa-e620-4500-a835-726ec1cd5433&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
MT3 4103 f8fad19 master ord-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=38d561aa-e620-4500-a835-726ec1cd5433&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Dec 2021 03:53:02 GMT
merge
ce.lijit.com/ Frame 7442
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=KWRA638C-2-59X6&gdpr=0
43 B
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=KWRA638C-2-59X6&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=KWRA638C-2-59X6&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
merge
ce.lijit.com/ Frame 7442
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=w6NTHLymKpa6&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=w6NTHLymKpa6&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=w6NTHLymKpa6&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-vmhf9
expires
-1
epx.gif
px.owneriq.net/fr/ Frame 7442
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6918763831934181121&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.219.95.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-95-182.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=300670
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 07 Dec 2021 15:24:13 GMT

Redirect headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Cache-Control
max-age=61534
Connection
keep-alive
Content-Type
text/html
Content-Length
154
merge
ce.lijit.com/ Frame 7442
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=KWRA63G4-1L-JQDI&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=KWRA63G4-1L-JQDI&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:04 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=KWRA63G4-1L-JQDI&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0163a7456b0a5605e8b1fb1d4fba3e4d
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 232E 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=9a5ac95a-3c02-8058-b5ae-70b0d5e349ed
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9RS9CEK6Q84VSQXGYDJH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 232E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YarmHwAJalmNkwBG
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YarmHwAJalmNkwBG
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638589984.604180,VS0,VE0
x-served-by
cache-yul12827-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YarmHwAJalmNkwBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
564bd363-b004-a9eb-4477-e4d242874f44
pr-bh.ybp.yahoo.com/sync/openx/ Frame 232E 		43 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/564bd363-b004-a9eb-4477-e4d242874f44?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 232E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c28cb527-20a8-3ba2-75a0-f227bdd0820d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=96202975-3807-4288-a32a-8d03bb6cadd8&ttd_puid=c28cb527-20a8-3ba2-75a0-f227bdd0820d
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=96202975-3807-4288-a32a-8d03bb6cadd8&ttd_puid=c28cb527-20a8-3ba2-75a0-f227bdd0820d
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=96202975-3807-4288-a32a-8d03bb6cadd8&ttd_puid=c28cb527-20a8-3ba2-75a0-f227bdd0820d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame 232E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWVlMzY2ZWQtZTlkZi02NTA2LTYwNDAtYTg5ZTc3MzI0YzZk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 232E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF5eQbnT_j79dseKJw-GCLU&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF5eQbnT_j79dseKJw-GCLU&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF5eQbnT_j79dseKJw-GCLU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 32F8 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=fb0cb73a-25ce-45a8-ba8a-a9ffd6860b5d
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QJGWKK4BAA93NZM36JPS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 32F8
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.175.84.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-84-112.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 32F8
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://pixel.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=0
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=hGg0c9dvZHSfODYihWx4c4U_bXOfaGJ0hWoiIO1A
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=hGg0c9dvZHSfODYihWx4c4U_bXOfaGJ0hWoiIO1A
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.175.84.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-84-112.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=hGg0c9dvZHSfODYihWx4c4U_bXOfaGJ0hWoiIO1A
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 32F8
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.175.84.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-84-112.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 32F8
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=c2c8ea37-d565-485d-9578-22ea039666ad
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=c2c8ea37-d565-485d-9578-22ea039666ad
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.175.84.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-84-112.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
68
content-type
image/png

Redirect headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=c2c8ea37-d565-485d-9578-22ea039666ad
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
246
Expires
-1
usync.js
eus.rubiconproject.com/ Frame B2D5 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91da9cf26e25d02b4185e1174ce6ad93fcc8cd581ed06ecda1e527d0bfcbacbe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36481
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9513
Expires
Sat, 04 Dec 2021 14:01:04 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 03BF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 af773f4ed0d1f81acb9720b12cb8310a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
40665
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
ORD53-C3
cf-ray
6b8215e59a2d2c95-ORD
x-amz-cf-id
uJD7-scSZy2JJFjPm8i9Cdewcgd2i3gB8gn-RJpkBBP5Z3NnDvi9vg==
expires
Mon, 06 Dec 2021 03:53:03 GMT
rules-p-w9vzu-sGKCA0U.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-w9vzu-sGKCA0U.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:26:02 GMT
via
1.1 2ba01a121d51ee735a8dde7a86ed73b7.cloudfront.net (CloudFront)
age
23222
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:22:26 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
x-amz-cf-id
6lIRkXjXcLlOhXnvU5ltpUBiB-07l8Q9vym6bGkM_hfp-lKXXAyF6w==
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2hSVTZVMnI
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECceV66HG__wl4LqUG072po&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECceV66HG__wl4LqUG072po&google_cver=1
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1638589983
x-served-by
beacon-n027-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECceV66HG__wl4LqUG072po&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2hSVTZVMnI
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECceV66HG__wl4LqUG072po&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECceV66HG__wl4LqUG072po&google_cver=1
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=64 t=1638589983
x-served-by
beacon-n031-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECceV66HG__wl4LqUG072po&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame 1A4F 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OhRU6U2r
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OhRU6U2r&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOhRU6U2r%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OhRU6U2r&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OhRU6U2r&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1638589983
x-served-by
beacon-n025-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OhRU6U2r&partner=bluekai&bk_uuid=$_BK_UUID
Date
Sat, 04 Dec 2021 03:53:03 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame 1A4F 		64 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OhRU6U2r&rn=1638589984
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
Zs2lDSB6fzJgtTtJWREKTuKt5VQORfNQiP1qJSq8gimwvCfZ-3e5MQ==
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YarmHwAJalmNkwBG
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YarmHwAJalmNkwBG
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1638589983
x-served-by
beacon-n022-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638589984.636046,VS0,VE0
x-served-by
cache-yul12827-YUL
x-cache
HIT
location
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YarmHwAJalmNkwBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=beeswax
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OhRU6U2r
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AADVTE7DVcwAACsQRS7N7g
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AADVTE7DVcwAACsQRS7N7g
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1638589983
x-served-by
beacon-n032-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AADVTE7DVcwAACsQRS7N7g
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
tag.aspx
ml314.com/ Frame 1A4F 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?4112021
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-103-61.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5dc729f58012bd361fd011c68209313e097ba21eb75d22b70a72a56b209f3686

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
transfer-encoding
chunked
Connection
keep-alive
g.js
aa.agkn.com/adscores/ Frame 1A4F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=neustar
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OhRU6U2r
43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OhRU6U2r
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
52.85.61.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-49.ewr53.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 19e58616339f974c22a3a07f8f637719.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR53-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
jWXPbgFuhRndLYz3ccd1-U0eb7BWHkgWuON86ZRdd-F7j7iybV8R1A==
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OhRU6U2r
date
Sat, 04 Dec 2021 03:53:03 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a002-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YarmH1K3tMNJH9pjGD-FtgAA%26508
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YarmH1K3tMNJH9pjGD-FtgAA%26508
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1638589983
x-served-by
beacon-n020-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YarmH1K3tMNJH9pjGD-FtgAA%26508
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Sat, 04 Dec 2021 03:53:03 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7BB1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69822553&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fa21ff0b2d90b6b801869ec504dfbede0711c7011b4a26a0403106f3fbbe06c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=salesforce
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=oN4_Gdv7Tl5EUvBlC1zylSV4zZU
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=oN4_Gdv7Tl5EUvBlC1zylSV4zZU
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1638589983
x-served-by
beacon-n006-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=oN4_Gdv7Tl5EUvBlC1zylSV4zZU
Date
Sat, 04 Dec 2021 03:53:03 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://dmpsync.3lift.com/getuid?redir=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=6614077142590073882
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=6614077142590073882
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1638589983
x-served-by
beacon-n003-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=6614077142590073882
date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
khaos.jpg
token.rubiconproject.com/ Frame B2D5 		284 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Content-Type
image/jpg
ecm3
s.amazon-adsystem.com/ Frame 03BF
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qRnVkelpWVFc1eVRFUlpWVXBQVG1ORlVITnFkRlp2Tkd3eCJ9.BUzt7w5EKv4x1dq0zpGEQd...
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qRnVkelpWVFc1eVRFUlpWVXBQVG1ORlVITnFkRlp2Tkd3eCJ9.BUzt7w5EKv4x1dq0zpGEQd4Dd4Qx3pkskCAOf6ctgvBSMygrZohl0SZWS4eRgzlKeFQci7WoCpXRdsOuwCzPag
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1W53Q4TGVT43EZWBZCS1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qRnVkelpWVFc1eVRFUlpWVXBQVG1ORlVITnFkRlp2Tkd3eCJ9.BUzt7w5EKv4x1dq0zpGEQd4Dd4Qx3pkskCAOf6ctgvBSMygrZohl0SZWS4eRgzlKeFQci7WoCpXRdsOuwCzPag
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b8215e61ae82c95-ORD
access-control-allow-headers
Origin, Content-Type
content-length
0
thirdpartycookie
api.viafoura.co/v2/www.theobserver.ca/ 		45 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.theobserver.ca/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4816:6362:8f80:b427:2e9f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0d429ed95924e2e03
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theobserver.ca
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 04 Dec 2021 03:53:03 GMT
pixel;r=212086404;labels=pub.22507%2Clang.en-us%2Cdomain.ca.theobserver.www.root.news.local-news.judge-seeks-rehab-check;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-n...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=212086404;labels=pub.22507%2Clang.en-us%2Cdomain.ca.theobserver.www.root.news.local-news.judge-seeks-rehab-check;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check;uht=2;fpan=1;fpa=P0-1259657904-1638589983713;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=theobserver.ca;je=0;sr=1600x1200x24;dst=0;et=1638589983713;tzo=0;ogl=site_name.theobserver%2Ctype.article%2Ctitle.Judge%20seeks%20rehab%20check%2Cimage.https%3A%2F%2Fnexus%252Eprod%252Epostmedia%252Edigital%2Fwp-content%2Fuploads%2F2018%2F08%2F1297679496675_OR%2Cimage%3Awidth.433%2Cimage%3Aheight.650
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 2390
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A2587587-5D22-460D-A9DD-58C5B0E676AF
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A2587587-5D22-460D-A9DD-58C5B0E676AF
35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A2587587-5D22-460D-A9DD-58C5B0E676AF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 04 Dec 2021 03:53:03 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 04 Dec 2021 03:53:03 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A2587587-5D22-460D-A9DD-58C5B0E676AF
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C0D3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YarmHwAJalmNkwBG&gdpr=0&gdpr_consent=
1 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YarmHwAJalmNkwBG&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 04 Dec 2021 03:53:03 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug007:0:570
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YarmHwAJalmNkwBG&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 varnish
x-served-by
cache-yul12827-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1638589984.745740,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E4C5 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=A2587587-5D22-460D-A9DD-58C5B0E676AF&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
7QD5YCRDGM5XB0A6B7MY
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7BB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=olh1h10iRg2p3VjFsOZ2rw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=144996
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 05 Dec 2021 20:09:39 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 7BB1
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=A2587587-5D22-460D-A9DD-58C5B0E676AF
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3e80d9062efc7a8f675bf3c4020944279f3ca548343f5b27f3c70c9f3242152d791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZTgwZDkwNjJlZmM3YThmNjc1YmYzYzQwMjA5NDQyNzlmM2NhNTQ4MzQzZjViMjdmM2M3MGM5ZjMyNDIxNTJkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZTgwZDkwNjJlZmM3YThmNjc1YmYzYzQwMjA5NDQyNzlmM2NhNTQ4MzQzZjViMjdmM2M3MGM5ZjMyNDIxNTJkNzkxNDI2YjU0MTdkY2UyMRAAGgwIn8yrjQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=1843238f-ed40-468a-be65-03b8de890079
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=1843238f-ed40-468a-be65-03b8de890079
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=1843238f-ed40-468a-be65-03b8de890079
date
Sat, 04 Dec 2021 03:53:04 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 7BB1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38d561aa-e620-4500-a835-726ec1cd5433
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38d561aa-e620-4500-a835-726ec1cd5433
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
MT3 4103 f8fad19 master ord-pixel-x51 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38d561aa-e620-4500-a835-726ec1cd5433
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Dec 2021 03:53:02 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7BB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI1ODc1ODctNUQyMi00NjBELUE5REQtNThDNUIwRTY3NkFG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:657
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7BB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPb6scENDEwSNDCJ0TcMiaQ&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPb6scENDEwSNDCJ0TcMiaQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug015:0:528
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPb6scENDEwSNDCJ0TcMiaQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7BB1
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:738B91C76CE54A558D37C79C24F614F8
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:738B91C76CE54A558D37C79C24F614F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug001:0:661
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 04 Dec 2021 03:53:03 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:738B91C76CE54A558D37C79C24F614F8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 03 Dec 2021 03:53:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7BB1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3682604531038301826&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3682604531038301826&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug003:0:666
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3682604531038301826&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7BB1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96202975-3807-4288-a32a-8d03bb6cadd8
42 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96202975-3807-4288-a32a-8d03bb6cadd8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug004:0:474
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96202975-3807-4288-a32a-8d03bb6cadd8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
intl-messageformat.06c238bfc76d6e0e6833.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.06c238bfc76d6e0e6833.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
746ea217d97acf20cdc0b81fcbf171d21337861cb596446bfb9bba8582025507

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:02 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:24 GMT
server
AmazonS3
age
126542
etag
W/"a2c6f9dfc2f0ec66875f3af508ccdfe2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
W6muPHJ0AAHd13wZ5Z7AOsaiqr0NEGHo
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
bVCSg9MRYLE0A8TxCgmSvFOgrPPuOAtTC1rbQ3Yj6gsV-uLhIvzjMQ==
intl-messageformat.9c9b9e914db65728c80a.js
cdn.viafoura.net/chunks/languages/ 		134 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.9c9b9e914db65728c80a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2b56a0633deb0afff95a7242062134c704d6782a10f2345be43fb3fe65a3ab2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:08 GMT
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 16:43:30 GMT
server
AmazonS3
age
126536
etag
"d2c88014fabe4c73fe643c7c7f6a2c88"
x-cache
Hit from cloudfront
x-amz-version-id
oy3Q4q08ycZABjpGwCXvYGCdPabATGAE
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
134
x-amz-cf-id
elkBcC8IE9ZrdqGXZKbhfUHwdZFN9urIe94PSxTswGa5yQ-6Yt6uTw==
en-us-base-json.241472773f9d27dd324c.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.241472773f9d27dd324c.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d93b1d50966d2867f165afdfe3bde6a3fc9b094976a8d3aee38ef1c275c36cac

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:08 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 16:43:33 GMT
server
AmazonS3
age
126535
etag
W/"a711624b070c3ad01bef194a3184a90a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
3mMyYmaRtoMq1jqin66gDWbYCTa5nfLo
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
OdmLHA8kyFEmzMSU1tRJV6CABUKDMQ2eY_H69fB4ygDYq9bYyiniog==
users
dmx.districtm.io/s/v1/ Frame 1712 		0
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b8215e78d752c95-ORD
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cf-ray
6b8215e70b7e6342-ORD
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
utsync.ashx
ml314.com/ Frame 1A4F 		878 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Duthtxmddg%26kxt%3Dhttps%253A%252F%252Fwww.theobserver.ca%26kxcl%3Dcdn%26kxp%3D&pv=1638589983771_gb9njpuiv&bl=en-us&cb=6624076&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DOhRU6U2r%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1638589983771_gb9njpuiv&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.theobserver.ca%2F
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?4112021
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-103-61.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4efb66ebed6d2ed79756390a56c9e9219bb9a93389076bc35aaba7c5e39ec9a9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
564
Expires
0
vf-css.a8f768d66798d43605eb.js
cdn.viafoura.net/chunks/ 		119 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.a8f768d66798d43605eb.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4253eeffa7e2615ed928c93b3a121f78f5204a9d309b0f337a99df4e075c7f0c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:10 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 16:43:43 GMT
server
AmazonS3
age
126534
etag
W/"54839dd8565ca6a510830e450ea486ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
mlRwXUb5rGmEqADdQIsswBRBXpR9TAK3
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
bQE4eKBomyDHfVwFtM495kBoUB_Rbqs3JRJLCyJhNpwJWrISnPzUMA==
ecm3
s.amazon-adsystem.com/ Frame B2D5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=KWRA63A3-1D-AIR0&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KWRA63A3-1D-AIR0&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
83YRD509XFPYCTMQZ440
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KWRA63A3-1D-AIR0&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
ds_vplayer_detached.min.js
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ 		1 MB
395 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ds_vplayer_detached.min.js
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
df98e63771a8b0f9021b15dc46722c799a6c57d23b8346397881bf22949dfb6b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 02:00:55 GMT
etag
"1617933655"
x-hw
1638589983.dop004.tr2.t,1638589983.cds201.tr2.hn,1638589983.cds209.tr2.c
content-type
application/javascript
cache-control
max-age=80595
accept-ranges
bytes
content-length
404108
comscore.streaming.5.4.0.161011.min.js
c5x8i7c7.ssl.hwcdn.net/comscore/ 		104 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/comscore/comscore.streaming.5.4.0.161011.min.js
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b1b74ea07c463aedbea9edda89204250207897ec3622ebef4786cc81edae4f23

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
content-encoding
gzip
last-modified
Fri, 23 Dec 2016 19:23:14 GMT
etag
"1482520994"
x-hw
1638589983.dop004.tr2.t,1638589983.cds201.tr2.hn,1638589983.cds209.tr2.c
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
19733
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=jorf&k=ZQlpbQlhCTQ2MwlkCXVzLWVhc3QtMWUJaAlpLTBiOWQ0NmZmZTE2ZDUzYzRiCXUJNmMxNDFmMDQtNjA5Yi00YjAxLWE5NTAtMzAxNTVlZWM1ODUwCXYJOWNmZDNjOGEtMDJmMS00MmI2LTliNWMtODdhYThmYjIwYWE4CXZsCTIwMjExMjA0LjAzMDAJdnQJMjAyMTEyMDQuMDMwMAl2cwkyMDIxMDUwNQl2YwkyMDIxMDEyNQlzdAkyMDIxMTIwNC4wMzUzMDMJaQlhZWI4MTc4OS1kZjZlLTQ1Y2EtOWYyNS01NTkzMjQyZGUyZjMJZglodHRwczovL3d3dy50aGVvYnNlcnZlci5jYS9uZXdzL2xvY2FsLW5ld3MvanVkZ2Utc2Vla3MtcmVoYWItY2hlY2sJcQkxN2FmZDBjNi1kY2Q3LTQ1ZGItOGQ1My01NzIyYjIzOGNmOTEJbQkyMjM0MgliCTQzMwlnCTk0Mwl0CTUzMjEJYwk1Mzc2CWwJMTQ5NDUJegkxNDE0MQlzCTU3OTYJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNBCWdyCVFDCWdkCTAJZ24JZmFsc2UJbmUJaW0JbgkwCW5kCWltCW5uCTAJc2QJdGhlb2JzZXJ2ZXIuY2EJc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzc4NQl2bgkxNDYzOTE4
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dslogo_sm.png
a.jsrdn.com/creatives/site_logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.jsrdn.com/creatives/site_logos/dslogo_sm.png
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5ea71bd07e560ea69f4bf12e5e48de530ce4a977ee361ed45ddcb581b060fd6c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
last-modified
Tue, 11 Apr 2017 20:07:40 GMT
etag
"1491941260"
x-hw
1638589983.dop210.tr2.t,1638589983.cds211.tr2.hn,1638589983.cds210.tr2.c
content-type
image/png
cache-control
max-age=68575
accept-ranges
bytes
content-length
2119
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=v08i&k=ZQlyZAlhCTQ2NwlkCXVzLWVhc3QtMWUJaAlpLTBiOWQ0NmZmZTE2ZDUzYzRiCXUJNmMxNDFmMDQtNjA5Yi00YjAxLWE5NTAtMzAxNTVlZWM1ODUwCXYJOWNmZDNjOGEtMDJmMS00MmI2LTliNWMtODdhYThmYjIwYWE4CXZsCTIwMjExMjA0LjAzMDAJdnQJMjAyMTEyMDQuMDMwMAl2cwkyMDIxMDUwNQl2YwkyMDIxMDEyNQlzdAkyMDIxMTIwNC4wMzUzMDMJaQlhZWI4MTc4OS1kZjZlLTQ1Y2EtOWYyNS01NTkzMjQyZGUyZjMJZglodHRwczovL3d3dy50aGVvYnNlcnZlci5jYS9uZXdzL2xvY2FsLW5ld3MvanVkZ2Utc2Vla3MtcmVoYWItY2hlY2sJcQkxN2FmZDBjNi1kY2Q3LTQ1ZGItOGQ1My01NzIyYjIzOGNmOTEJbQkyMjM0MgliCTQzMwlnCTk0Mwl0CTUzMjEJYwk1Mzc2CWwJMTQ5NDUJegkxNDE0MQlzCTU3OTYJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNBCWdyCVFDCWdkCTAJZ24JZmFsc2UJbmUJaW0JbmQJaW0Jc2QJdGhlb2JzZXJ2ZXIuY2EJc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzc4NQl2bgkxNDYzOTE4
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=jbvm&k=ZQlodglhCTQ2OAlkCXVzLWVhc3QtMWUJaAlpLTBiOWQ0NmZmZTE2ZDUzYzRiCXUJNmMxNDFmMDQtNjA5Yi00YjAxLWE5NTAtMzAxNTVlZWM1ODUwCXYJOWNmZDNjOGEtMDJmMS00MmI2LTliNWMtODdhYThmYjIwYWE4CXZsCTIwMjExMjA0LjAzMDAJdnQJMjAyMTEyMDQuMDMwMAl2cwkyMDIxMDUwNQl2YwkyMDIxMDEyNQlzdAkyMDIxMTIwNC4wMzUzMDMJaQlhZWI4MTc4OS1kZjZlLTQ1Y2EtOWYyNS01NTkzMjQyZGUyZjMJZglodHRwczovL3d3dy50aGVvYnNlcnZlci5jYS9uZXdzL2xvY2FsLW5ld3MvanVkZ2Utc2Vla3MtcmVoYWItY2hlY2sJcQkxN2FmZDBjNi1kY2Q3LTQ1ZGItOGQ1My01NzIyYjIzOGNmOTEJbQkyMjM0MgliCTQzMwlnCTk0Mwl0CTUzMjEJYwk1Mzc2CWwJMTQ5NDUJegkxNDE0MQlzCTU3OTYJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNBCWdyCVFDCWdkCTAJZ24JZmFsc2UJbmUJaW0JbmQJaW0Jc2QJdGhlb2JzZXJ2ZXIuY2EJc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzc4NQl2bgkxNDYzOTE4
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=9njh&k=ZQl3cwlhCTQ4MwlkCXVzLWVhc3QtMWUJaAlpLTBiOWQ0NmZmZTE2ZDUzYzRiCXUJNmMxNDFmMDQtNjA5Yi00YjAxLWE5NTAtMzAxNTVlZWM1ODUwCXYJOWNmZDNjOGEtMDJmMS00MmI2LTliNWMtODdhYThmYjIwYWE4CXZsCTIwMjExMjA0LjAzMDAJdnQJMjAyMTEyMDQuMDMwMAl2cwkyMDIxMDUwNQl2YwkyMDIxMDEyNQlzdAkyMDIxMTIwNC4wMzUzMDMJaQlhZWI4MTc4OS1kZjZlLTQ1Y2EtOWYyNS01NTkzMjQyZGUyZjMJZglodHRwczovL3d3dy50aGVvYnNlcnZlci5jYS9uZXdzL2xvY2FsLW5ld3MvanVkZ2Utc2Vla3MtcmVoYWItY2hlY2sJcQkxN2FmZDBjNi1kY2Q3LTQ1ZGItOGQ1My01NzIyYjIzOGNmOTEJbQkyMjM0MgliCTQzMwlnCTk0Mwl0CTUzMjEJYwk1Mzc2CWwJMTQ5NDUJegkxNDE0MQlzCTU3OTYJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNBCWdyCVFDCWdkCTAJZ24JZmFsc2UJbmUJaW0JbmQJaW0Jc2QJdGhlb2JzZXJ2ZXIuY2EJc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzc4NQl2bgkxNDYzOTE4CXdzCTAwOiBzaXplIDU2NCwzMTc
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=m0rm&k=ZQl3dwlhCTQ4NAlkCXVzLWVhc3QtMWUJaAlpLTBiOWQ0NmZmZTE2ZDUzYzRiCXUJNmMxNDFmMDQtNjA5Yi00YjAxLWE5NTAtMzAxNTVlZWM1ODUwCXYJOWNmZDNjOGEtMDJmMS00MmI2LTliNWMtODdhYThmYjIwYWE4CXZsCTIwMjExMjA0LjAzMDAJdnQJMjAyMTEyMDQuMDMwMAl2cwkyMDIxMDUwNQl2YwkyMDIxMDEyNQlzdAkyMDIxMTIwNC4wMzUzMDMJaQlhZWI4MTc4OS1kZjZlLTQ1Y2EtOWYyNS01NTkzMjQyZGUyZjMJZglodHRwczovL3d3dy50aGVvYnNlcnZlci5jYS9uZXdzL2xvY2FsLW5ld3MvanVkZ2Utc2Vla3MtcmVoYWItY2hlY2sJcQkxN2FmZDBjNi1kY2Q3LTQ1ZGItOGQ1My01NzIyYjIzOGNmOTEJbQkyMjM0MgliCTQzMwlnCTk0Mwl0CTUzMjEJYwk1Mzc2CWwJMTQ5NDUJegkxNDE0MQlzCTU3OTYJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNBCWdyCVFDCWdkCTAJZ24JZmFsc2UJbmUJaW0JbmQJaW0Jc2QJdGhlb2JzZXJ2ZXIuY2EJc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzc4NQl2bgkxNDYzOTE4CXd3CUdEUFI6MDo6OkNDUEE6MDo
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=3x2b&k=ZQltYwlhCTQ4NQlkCXVzLWVhc3QtMWUJaAlpLTBiOWQ0NmZmZTE2ZDUzYzRiCXUJNmMxNDFmMDQtNjA5Yi00YjAxLWE5NTAtMzAxNTVlZWM1ODUwCXYJOWNmZDNjOGEtMDJmMS00MmI2LTliNWMtODdhYThmYjIwYWE4CXZsCTIwMjExMjA0LjAzMDAJdnQJMjAyMTEyMDQuMDMwMAl2cwkyMDIxMDUwNQl2YwkyMDIxMDEyNQlzdAkyMDIxMTIwNC4wMzUzMDMJaQlhZWI4MTc4OS1kZjZlLTQ1Y2EtOWYyNS01NTkzMjQyZGUyZjMJZglodHRwczovL3d3dy50aGVvYnNlcnZlci5jYS9uZXdzL2xvY2FsLW5ld3MvanVkZ2Utc2Vla3MtcmVoYWItY2hlY2sJcQkxN2FmZDBjNi1kY2Q3LTQ1ZGItOGQ1My01NzIyYjIzOGNmOTEJbQkyMjM0MgliCTQzMwlnCTk0Mwl0CTUzMjEJYwk1Mzc2CWwJMTQ5NDUJegkxNDE0MQlzCTU3OTYJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNBCWdyCVFDCWdkCTAJZ24JZmFsc2UJbmUJaW0JbmQJaW0Jc2QJdGhlb2JzZXJ2ZXIuY2EJc2UJNjI0MzE5NzAwOQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAltYwlhbHJlYWR5LC8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM_aXU9LzIxODc0MTU1MTMzLDMwODEvMjI1MDdfNDk1MzAzNjcwOSZkZXNjcmlwdGlvbl91cmw9aHR0cHMlM0ElMkYlMkZ3d3cudGhlb2JzZXJ2ZXIuY2ElMkZuZXdzJTJGbG9jYWwtbmV3cyUyRmp1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrJnRmY2Q9MCZucGE9MCZzej02NDB4NDgwJTdDMTI4MHg3MjAlN0MxOTIweDEwODAlN0M0MDB4MzAwJmN1c3RfcGFyYW1zPWRzbWNtJTNEMSUyNmRzZCUzRHRoZW9ic2VydmVyLmNhJmdkZnBfcmVxPTEmb3V0cHV0PXZhc3QmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9OTIzNDEzJmdkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 1A4F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623455489792147513&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3623455489792147513&redir=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3623455489792147513&redir=
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v017-0c8486365.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oujWfHHYQvg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v017-023710fb1.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
oVwJdYlERFU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3623455489792147513&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/ Frame 1A4F
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3623455489792147513
  • https://ml314.com/csync.ashx?fp=677c5e5012794a0c20fa4d640440b1efd6a21afbad0efc289fb498d6c1e33c45f4cb09cee1a4f8eb&person_id=3623455489792147513&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=677c5e5012794a0c20fa4d640440b1efd6a21afbad0efc289fb498d6c1e33c45f4cb09cee1a4f8eb&person_id=3623455489792147513&eid=50082
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Server
34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-103-61.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Sat, 04 Dec 2021 22:53:03 GMT

Redirect headers

date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=677c5e5012794a0c20fa4d640440b1efd6a21afbad0efc289fb498d6c1e33c45f4cb09cee1a4f8eb&person_id=3623455489792147513&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
utsync.ashx
ml314.com/ Frame 1A4F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Server
34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-103-61.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Sat, 04 Dec 2021 22:53:03 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
csync.ashx
ml314.com/ Frame 1A4F
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3623455489792147513
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3623455489792147513
  • https://ml314.com/csync.ashx?fp=1b725e17968450711ca2e2b3a8963760&eid=50146&person_id=3623455489792147513
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=1b725e17968450711ca2e2b3a8963760&eid=50146&person_id=3623455489792147513
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Server
34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-103-61.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:04 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Sat, 04 Dec 2021 22:53:04 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=1b725e17968450711ca2e2b3a8963760&eid=50146&person_id=3623455489792147513
cache-control
no-cache
x-server
10.40.35.113
content-length
0
expires
0
pixel
ps.eyeota.net/ Frame 1A4F 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-8-37.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame 1A4F
Redirect Chain
  • https://ml314.com/csync.ashx?fp=OhRU6U2r&person_id=3623455489792147513&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3623455489792147513
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3623455489792147513
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3623455489792147513
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1638589983
x-served-by
beacon-n002-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3623455489792147513
Cache-Control
private
Connection
keep-alive
Content-Length
211
Expires
Sat, 04 Dec 2021 22:53:03 GMT
pixel;r=190612777;labels=campaign.22342.433.943.5321;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check;uht=2;fpan=0;fpa=P0-1259...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=190612777;labels=campaign.22342.433.943.5321;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check;uht=2;fpan=0;fpa=P0-1259657904-1638589983713;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=theobserver.ca;je=0;sr=1600x1200x24;dst=0;et=1638589983882;tzo=0;ogl=site_name.theobserver%2Ctype.article%2Ctitle.Judge%20seeks%20rehab%20check%2Cimage.https%3A%2F%2Fnexus%252Eprod%252Epostmedia%252Edigital%2Fwp-content%2Fuploads%2F2018%2F08%2F1297679496675_OR%2Cimage%3Awidth.433%2Cimage%3Aheight.650
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
css
fonts.googleapis.com/ 		16 KB
952 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 03:40:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Dec 2021 03:53:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Dec 2021 03:53:03 GMT
en-us-trending_articles-json.97aa05a07284acde7a0d.js
cdn.viafoura.net/chunks/languages/ 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-trending_articles-json.97aa05a07284acde7a0d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbd733a98f36b50b6854a7e3c61c025ec3f7a84df97a61b5d5e2ad959e32f35c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:02 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:31 GMT
server
AmazonS3
age
126542
etag
W/"0138b467dc9658633e623c083a7ab773"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
wnEQboXjrSEziaQ7z_9tU8o1gpqh1FLg
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
8PYYWzKw-U5TH6KjVEonT-lfxFDxkEcb3m3szsxiigHFC1fugTGX0w==
en-us-conversations-json.d5c68b915c7224d72c10.js
cdn.viafoura.net/chunks/languages/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.d5c68b915c7224d72c10.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82d439e39616002635aa2917ecbf7fdd8593ed2cee85e202fbb9edb7944422c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:02 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:33 GMT
server
AmazonS3
age
126542
etag
W/"5a68d82cab09c9bd68f909eff176bd6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Qv3os1QisNlxrdxIi5z7jR_gnhUg5vyR
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
0LoiCOFDoSBEDgLz05kZqdI1VtTtMLa6XIKcIXcxr0sgeCA2jfaX8A==
0.14315e14057ef1169f50.css
cdn.viafoura.net/ 		85 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.14315e14057ef1169f50.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ec855206935e32d9ad48b5919e4c66b5f4366e04ab07fdade79bab9ff58033c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:02 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:49 GMT
server
AmazonS3
age
126542
etag
W/"e49f659039883c906a18c5cf42510824"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
cPv59zSrcCGMGMPhxas5860CKghN1qHv
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
EWR53-P1
content-type
text/css; charset=utf-8
x-amz-cf-id
tCZzztXKJDZg3F3tDvy1iTGxHTBdG-8BFoi3989J9I-fFkHcU3d_DA==
da.35a0e42c27fc17ed28dc.js
cdn.viafoura.net/chunks/ 		143 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.35a0e42c27fc17ed28dc.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8294de57306d8898d2048ffa7bc8165d2472c392ff29f746503e9d433b6adb59

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:04 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:42 GMT
server
AmazonS3
age
126540
etag
W/"d097ea2699b9baba069984f8c589d8b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
3Lw8nmXV7YifqWN3eQT3yxWBTG2jrYo5
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
b9pcn7UtSjxQ54r3mSwB1ZlqQ1-HonsIVgwpBnfAkYnNSIFr3nqRmQ==
134.8b79879f3451251f1383.css
cdn.viafoura.net/ 		1 KB
859 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/134.8b79879f3451251f1383.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9e2fefadf988dca2c87bffd051ea7b25f02d776056128a8ce9b7970f55ca5b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:02 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:47 GMT
server
AmazonS3
age
126542
etag
W/"e068adfaef403ad9a8968cf7eff6c96a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
aW3GrKXH.rETeIzPlUqdM3jfsC.gVK6m
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
EWR53-P1
content-type
text/css; charset=utf-8
x-amz-cf-id
-t76ZoGtEOxMoegewxqvV9owFQaJ2rJAGuh_vH1y58g2xJxPPm1ZBw==
tray-trigger.3ff1f0973d1259d077db.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.3ff1f0973d1259d077db.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db6c618914e6a2fdccd07b49757043e07eac10a2fcfad246e1e61a1323bb9a5b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:04 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:41 GMT
server
AmazonS3
age
126540
etag
W/"c9fd3b294d2c50cc5aa74bae18351330"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
xd9oEb066WiU9bslEPj69xGKQ.w0FlQL
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
nzGZ4uF0rkq4SRRrt5sX9otW9YkmrlEzdjcYE1zZxx3YytCK4ftIKg==
ingest
i.viafoura.co/v3/www.theobserver.ca/ 		67 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.theobserver.ca/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.theobserver.ca%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-675209adf16b%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1638589984%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1638589984%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%22c7184620-2b24-4fd0-a35e-b99b33971f5f%22%2C%22firstVisit%22%3A1638589984%2C%22previousVisit%22%3A1638589984%2C%22currentVisit%22%3A1638589984%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.theobserver.ca%22%2C%22site%22%3A%2200000000-0000-4000-8000-675209adf16b%22%2C%22section%22%3A%2200000000-0000-4000-8000-675209adf16b%22%2C%22pageImage%22%3A%22https%3A%2F%2Fnexus.prod.postmedia.digital%2Fwp-content%2Fuploads%2F2018%2F08%2F1297679496675_ORIGINAL.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check%22%2C%22path%22%3A%22%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check%22%2C%22title%22%3A%22Judge%20seeks%20rehab%20check%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22Troubled%20that%20a%20methamphetamine%20addict%20will%20not%20follow%20through%20on%20a%20rehabilitation%20plan%20a%20Sarnia%20judge%20required%20a%20woman%20to%20return%20for%20a%20progress%20report.%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%226509c207d1279146795bf8480722a57237b60386%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%2C%22container_id%22%3A%220da4e23b-a39c-4158-b12d-572347c6e2aa%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en-CA%22%7D%2C%22rq%22%3A%22bec4c686-9386-42fa-8ba8-27506f6fb029%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-content-recirculation%22%2C%22vf-conversations%22%2C%22vf-tray-trigger%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame B2D5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWRA63A3-1D-AIR0&sigv=1&esig=2~a0be5515f3aaf0dc991fa6520d1985d0f2e58014
0
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWRA63A3-1D-AIR0&sigv=1&esig=2~a0be5515f3aaf0dc991fa6520d1985d0f2e58014
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWRA63A3-1D-AIR0&sigv=1&esig=2~a0be5515f3aaf0dc991fa6520d1985d0f2e58014
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B2D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGOtWwzzJy59kNnf1UyOFm4&google_cver=1
42 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGOtWwzzJy59kNnf1UyOFm4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGOtWwzzJy59kNnf1UyOFm4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B2D5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38d561aa-e620-4500-a835-726ec1cd5433&expires=28
42 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38d561aa-e620-4500-a835-726ec1cd5433&expires=28
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif

Redirect headers

Date
Sat, 04 Dec 2021 03:53:03 GMT
Server
MT3 4103 f8fad19 master ord-pixel-x55 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38d561aa-e620-4500-a835-726ec1cd5433&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 04 Dec 2021 03:53:02 GMT
tap.php
pixel.rubiconproject.com/ Frame B2D5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YarmHwAJalmNkwBG
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YarmHwAJalmNkwBG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638589984.972989,VS0,VE0
x-served-by
cache-yul12827-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YarmHwAJalmNkwBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame B2D5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/chOYmg_L6SjaQDkGZGXTvMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3129778739929973358
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3129778739929973358
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/gif

Redirect headers

date
Sat, 04 Dec 2021 03:53:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3129778739929973358
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame B2D5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=&expires=30
42 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96202975-3807-4288-a32a-8d03bb6cadd8&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
709414.gif
id.rlcdn.com/ Frame B2D5 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame B2D5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmFjMDE4NDE5NDVhNmQ5Mjg0ZDYzY2E5YjlmYTg1NzY0NmExYzllZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmFjMDE4NDE5NDVhNmQ5Mjg0ZDYzY2E5YjlmYTg1NzY0NmExYzllZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmFjMDE4NDE5NDVhNmQ5Mjg0ZDYzY2E5YjlmYTg1NzY0NmExYzllZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
www.facebook.com/tr/ Frame EE49 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.theobserver.ca
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Sat, 04 Dec 2021 03:53:04 GMT
loaded
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-675209adf16b/indicator/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-675209adf16b/indicator/loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-methods
GET,POST,DELETE,PUT,PATCH
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type
access-control-max-age
43200
loaded
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-675209adf16b/indicator/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-675209adf16b/indicator/loaded
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:04 GMT
access-control-allow-credentials
true
content-length
0
content-type
application/json; charset=utf-8
content-module-js.8d905cd0f47d42cf6419.js
cdn.viafoura.net/chunks/vuex_store/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.8d905cd0f47d42cf6419.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bd4673f315181ab94e3abf00ec333e25c1efccc6f2d5757d9b9b5a5722688b9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:04 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:34 GMT
server
AmazonS3
age
126541
etag
W/"6a015d69da584395a2ed8975258abcbf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
NaAA6umcNvtmGjdnzqdI7oU80BbLsfyJ
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
KwiUnC93-XMz581dfbYhbrZ80Qx_b-f4lXF54VFi0yZTL3lFBSWiIA==
container.html
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 391D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 04 Dec 2021 03:53:03 GMT
expires
Sun, 04 Dec 2022 03:53:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D432 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 04 Dec 2021 03:53:03 GMT
expires
Sun, 04 Dec 2022 03:53:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/ Frame A8A1 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d26f8222d0adcd1fbad49294831f0fe838927c25701b7df89dde1cc3039f859f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
etag
"1617933754"
cache-control
max-age=80560
content-encoding
gzip
content-length
6724
content-type
text/html
last-modified
Fri, 09 Apr 2021 02:02:34 GMT
accept-ranges
bytes
x-hw
1638589984.dop004.tr2.t,1638589984.cds201.tr2.hn,1638589984.cds002.tr2.c
truncated
/ 		226 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e8db71249f82bb7584f1a2b6744275d18a4b5940ec8d48da133c65e81d5a23b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
dgv_postmedia_trending_stories_20200811143513_5f32ab7be0267_new.jpg
a.jsrdn.com/videos/dgv_postmedia/20200811143513_5f32ab7be0267/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.jsrdn.com/videos/dgv_postmedia/20200811143513_5f32ab7be0267/dgv_postmedia_trending_stories_20200811143513_5f32ab7be0267_new.jpg
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b0b66e9b2d7a137f63d9bc86ce2dfc28a3f46ea84324e2b918a054e6a49a85c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
last-modified
Tue, 11 Aug 2020 14:35:15 GMT
etag
"1597156515"
x-hw
1638589984.dop210.tr2.t,1638589984.cds211.tr2.hn,1638589984.cds003.tr2.c
content-type
image/jpeg
cache-control
max-age=57786
accept-ranges
bytes
content-length
16911
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-675209adf16b/ 		36 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-675209adf16b/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
dgv_postmedia_trending_stories_20200811143513_5f32ab7be0267_new.mp4
a.jsrdn.com/videos/dgv_postmedia/20200811143513_5f32ab7be0267/ 		214 KB
214 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/videos/dgv_postmedia/20200811143513_5f32ab7be0267/dgv_postmedia_trending_stories_20200811143513_5f32ab7be0267_new.mp4
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bbb35e1bb748abf8ef59ead19ab638cecf479a9c241496f07362504900035511

Request headers

Referer
https://www.theobserver.ca/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
last-modified
Tue, 11 Aug 2020 14:35:14 GMT
etag
"1597156514"
x-hw
1638589984.dop210.tr2.t,1638589984.cds211.tr2.hn,1638589984.cds213.tr2.c
content-type
video/mp4
Content-Range
bytes 0-218654/218655
cache-control
max-age=50852
accept-ranges
bytes
Content-Length
218655
p
sb.scorecardresearch.com/ 		64 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=22807838&ns_type=hidden&ns_st_sv=5.4.0.161011&ns_st_smv=5.6&ns_st_it=r&ns_st_id=1638589984192&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.4.0.161011&ns_st_pn=1&ns_st_tp=0&ns_st_ci=1463918&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1638589984193&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=distroscale&c3=news&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c9=&distroscale_guid=c_5321_5796_aeb81789-df6e-45ca-9f25-5593242de2f3
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
ggI9z6d8l0GkDOJ6oZEjkjBNaDTTUH6elY2g9pBlBpXNBewahRJMiQ==
pixel;r=895865983;labels=cm.content;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check;uht=2;fpan=0;fpa=P0-1259657904-1638589983...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=895865983;labels=cm.content;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check;uht=2;fpan=0;fpa=P0-1259657904-1638589983713;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=theobserver.ca;je=0;sr=1600x1200x24;dst=0;et=1638589984203;tzo=0;ogl=site_name.theobserver%2Ctype.article%2Ctitle.Judge%20seeks%20rehab%20check%2Cimage.https%3A%2F%2Fnexus%252Eprod%252Epostmedia%252Edigital%2Fwp-content%2Fuploads%2F2018%2F08%2F1297679496675_OR%2Cimage%3Awidth.433%2Cimage%3Aheight.650
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A8A1 		374 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b630bfefb18b047f36806ca3d09555730a686f944adedef8ef6fabc3751b58f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126291
x-xss-protection
0
expires
Sat, 04 Dec 2021 03:53:04 GMT
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/ Frame A8A1 		843 B
996 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/minimal.mp4
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
last-modified
Fri, 09 Apr 2021 02:02:37 GMT
etag
"1617933757"
x-hw
1638589984.dop004.tr2.t,1638589984.cds201.tr2.hn,1638589984.cds213.tr2.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=80504
accept-ranges
bytes
Content-Length
843
jload
pixel.adsafeprotected.com/ Frame D15D 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4823385567&chanId=21725210297&placementId=5845404894&pubCreative=138364017234&pubOrder=2944631174&cb=1891085319&custom=story&custom2=2&adsafe_par&impId=add3def7-54b5-11ec-bcfd-021c8b152da9
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.23.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-23-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6637ce0c48f5468bd2873031bdb66ea520577440b8d5898c4a85d0d9de5bf1b0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-server-name
app07.va.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D432 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Dec 2022 16:24:17 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame D432 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:43:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D432 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Dec 2021 03:53:04 GMT
jload
pixel.adsafeprotected.com/ Frame B7AB 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4823385567&chanId=21725210297&placementId=5845404894&pubCreative=138364361962&pubOrder=2944631174&cb=459201512&custom=story&custom2=1&adsafe_par&impId=add3def6-54b5-11ec-bcfd-021c8b152da9
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.23.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-23-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7743ec010780cf35ff4d5342a9d9645f81262efc2ea92eacd8dcc44127c8ac71

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-server-name
app12.va.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 391D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Dec 2022 16:24:17 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 391D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:43:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 391D 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Dec 2021 03:53:04 GMT
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:928934&sessionId:2b48f95f-36b9-f5fc-0df4-262618469e0c&err:responsetime%3A185%26probability%3A10
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.23.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-23-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
app01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame D432 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc2i7nkzfQVj-3rRWy7-AeBi7TIA13Em8ET7dwbAm11kP4CaMfhjIt_ORAPo400ALdu5Plp_C0x3KkgZuVDAf2jgAf8OXxV7Xr2eFKjNJ_DB36SLpAWLj2tTqZrib7yFPL69dMPsWm5IJ-5cHAlHb9anbj_jSxgmcWcftZxAisYk6bwnkjkeyL2To2yHdxaX2r2AMipL3INodgiVpYXBMk1YgEfzTbieMETYRG224bAHxyLOppO88VA1C9TAyGIDf-OYUl48VxDme0GkxjO4nNgKS75Y5Bv7gbL8aDbelw59VDntZtLZVYMrqjw35mzw4D85qUihWcpJAUzZAFWDJxTOMsGKrggs34Qnqwk74&sai=AMfl-YSgPq1-yUbpXS95c4dbnvxDVMRb9bgqgAduIQR2NcCYGJ3iEA70wY8g3keZ5hO4QeQB8MziXLEaGvy2n3bGtBUxQD7Ci23JiQte8gz6FxKla22d_QoXt3bOduZjcKCabYVLquUqC0OfEH2CZzxN&sig=Cg0ArKJSzOVHri50h2nZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v81.js
www.googletagservices.com/dcm/ Frame D432 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 01:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
526024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 20:08:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 01:46:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 391D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX-udAmc3PFqhQ61utBLqYGUMEfqR-oXAxl4qpMiL1ktLyrk4TINfMSX9uui4qHfFvIl0InDrP0lfm1hldtd538iIgk9wpx5rZ_bJGBSOhCFbWJYKrUix9OpQq7zLd6WM92NMiTx6a1FbcfFUa3vJCffs7GqimEHLX4z8X9bB1D9cr5U4_6a8VQZw5oAWZvYwGeLZikbhpS0eaf08pGNJT4zuR3wmSeeMnvtOWgCjJuvE8QT4BytKwKd6zz_LnPVm_I9hHfVzMasccvKmu-vWbHoROYaPvcHzk0xvbbTpyZWmsmARa2qYa9vUyptL5RHuM5RwEyuuIxol8g_YZWkc_PZrCfvMOvY4yg3J-elk&sai=AMfl-YRyjX_oSv7oDb9w8k2vvt9s8tYGNkVAnc9wvdkKtqwMCo5KxB5PBgXfOhOMzv11GgEUjX-f-RfBj8_i3NSu7KzyRCpVySrx59Apafok9QReJbC_uaJQwA_H8_rubBvoJveH5NVB8G9iXZjhBVTd&sig=Cg0ArKJSzEyDE9xIIQ6AEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v81.js
www.googletagservices.com/dcm/ Frame 391D 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 01:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
526024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 20:08:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 01:46:00 GMT
main.gr.19.8.270.js
static.adsafeprotected.com/ Frame D15D 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4823385567&chanId=21725210297&placementId=5845404894&pubCreative=138364017234&pubOrder=2944631174&cb=1891085319&custom=story&custom2=2&adsafe_par&impId=add3def7-54b5-11ec-bcfd-021c8b152da9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:41:17 GMT
content-encoding
gzip
age
972708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 22 Nov 2021 21:26:13 GMT
server
AmazonS3
etag
W/"97555862abc91b6f26be3ae590ed242e"
vary
Accept-Encoding
x-amz-version-id
SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
aEbpdYLbzRCEbZkGt7eOqdUxOezIQ0kR4Xmipdit_Tozgw52lGlmCA==
main.gr.19.8.270.js
static.adsafeprotected.com/ Frame B7AB 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4823385567&chanId=21725210297&placementId=5845404894&pubCreative=138364361962&pubOrder=2944631174&cb=459201512&custom=story&custom2=1&adsafe_par&impId=add3def6-54b5-11ec-bcfd-021c8b152da9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:41:17 GMT
content-encoding
gzip
age
972708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 22 Nov 2021 21:26:13 GMT
server
AmazonS3
etag
W/"97555862abc91b6f26be3ae590ed242e"
vary
Accept-Encoding
x-amz-version-id
SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
MVQ6dm490_QUxeUXK-fldY4AQYA5O6QjnTRwIpROdpcaKDzpCdp7xQ==
bridge3.490.0_en.html
imasdk.googleapis.com/js/core/ Frame AAB8 		595 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
197951
date
Tue, 30 Nov 2021 23:07:22 GMT
expires
Wed, 30 Nov 2022 23:07:22 GMT
last-modified
Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
276342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A8A1 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 03:53:04 GMT
B24337981.277935643;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=3183312129;ord=y11bmg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssH5jyUcbP8wTNChjlfjqaxWvProwE4oW7whu_QW7KG...
ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/ Frame 167B 		49 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=3183312129;ord=y11bmg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssH5jyUcbP8wTNChjlfjqaxWvProwE4oW7whu_QW7KGayGNRhouPTl_Agz3RrGaU5XOT4_piwgHs400mUSUN_LHOG1fi5hvfDqcegWr2ejvkuBz5YgTU-OpJnw-IfsNH50Qq7TtlzCVkgAc751G_kaSU0yzV0I8UbIPwsmgLsIBsU4St0VlCSixtRUR1eTjSt1uleyHARJaLu5XIFfzSfFkxBS5xzI_NQ8NDDqQjJq-m5s4rCGYqUoeGSNcQwi54snzE0OjX56lPE-wxorf56CF__ChtoVwqgZZ9kawrgmUMeYeN9v7Bzx3nz9C3_J4XKEH24EV4AmJYishYbF9oQBJpuSz6gdDzblpXlw%26sai%3DAMfl-YTnzMqsB93r2RgAJ3ca-dfOC6ejG6Imz863WXvNRWaI0VfyTO4BhT7v9IxYw-wa1GNCwmJeVEglTSrIReTQggR8lFckyBRiQBzgCzD4V5S_NMCYp7z08lWtrss-UckgNaxk_Z8eL5nXW0D9s5dT%26sig%3DCg0ArKJSzMEzDVBL5vUpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=74;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f6.1e100.net
Software
cafe /
Resource Hash
57cd853330bf03475d3d7ebfe73961821ef2e95620f9a5ac8aa8f7ff5ea3c324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 04 Dec 2021 03:53:04 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
23648
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioT...
ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/ Frame 82D1 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f6.1e100.net
Software
cafe /
Resource Hash
4f8750b52fe9c49a36f99ef73d172841b6a7215611963e95bdb3528ecae7ce23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 04 Dec 2021 03:53:04 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
20971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame D432 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9RWJEGxiTW8-7Bpse5pGrncaMJfp11r5UkF12WZKowIQtIzZCdneb3jp5q9cNmnV9msfcEvI_zY2TfnJnyPitmJbd_1-LZTh-QMaRCoUqYqfaQEeFRj_MRpXkEqABAUYbP-zYZlKR7YEWtSj56fmWHRiEBgQBQfTAHn9FdrS4qebauE2qvFRjrZOxxqyiCVTE1O1xpSJhTzni3C1lBRAtf6kSsFA9teh5r4F5DM1LtcG6Js3_Cmk7ozagfDi8RRLaFRs2t1dPMO89DQGFo8ECFwvz0DpudH2hQBTinZztf9M7cARXL42MLD6w0nPgwodZsO3Uk5egWYphKOmunN0SUqzdEpLb1C4BA9qd-BBYDw&sai=AMfl-YTjrbfroQdjMZLXa9MwnA_0aauqs51wof8wchHg14xeXtoCfSbukUXQwXYL6LdjjprNZvaC4gYuFFcSMrk0kjncVz9FVoeur8mkllNGxBX02fXxVbsKCFsAaNino7g_zP3vH93ozGZ6ANGjdNe_&sig=Cg0ArKJSzGmFd-59imuhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 04 Dec 2021 03:53:04 GMT
truncated
/ Frame D432 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2b121ca9ed1664f65712c9e674a3251a77b70d02abd98acff9eaaeeb0de45e1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=di0u&k=ZQl3YQlhCTExNzUJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCTU3ZmMyNDI5LTE3ZDQtMDA2Ni1iMGU4LTliMTAzZjA4MDYyZgljcAl0cAl2dgkyMDIxMDQwOF8xOTAwOmltYV9odG1sNTozLjQ5MC4wCXd0CTYzNAlhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zMDgxL2Fybi1kaXN0cm8mZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnRoZW9ic2VydmVyLmNhJTJGbmV3cyUyRmxvY2FsLW5ld3MlMkZqdWRnZS1zZWVrcy1yZWhhYi1jaGVjayZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9JnRmY2Q9MCZucGE9MCZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnN6PTMyMHgyNDAmY3VzdF9wYXJhbXM9bmslM0RkaXN0cm8lMjZwciUzRHNvYiUyNmNrJTNEbmV3cyUyNmxvYyUzRHRvcCUyNnBhZ2UlM0RzdG9yeSUyNnNjayUzRGxvY2FsLW5ld3MlMjZhaWQlM0QwZGE0ZTIzYi1hMzljLTQxNTgtYjEyZC01NzIzNDdjNmUyYWElMkM1Njk0MCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJnBwaWQ9MDAwMDAwMDBwcGlkcDY4NzQ3MzkyMDc4NTA4MTE2MzEmdXNfcHJpdmFjeT0mZ2Rwcj0wJmdkcHJfY29uc2VudD0
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:04 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 391D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG2GEf3B3u4RKiLCaAh5wqZqnkDmS76o1VXhFkZ6FpAJhgMcTlZ2dN9W5wlrorofFVkaasX8LW7BOqXWeJwxJnGM6UWxyvzln_Wb3jMU18ypUyebOULEV4AG2hdgoeIuaKj1-wakURWoLTxYMqkYeaN46SHxI8L255YzHEHxBAFVHV7sIDIVIK7FpD9W_BmlQ0M-gBiz3bXQ0QZnbUcHNXgOMUCmFrTmes-zBbQsb6LetqCC8UDQQya_P2EXU2GPa7arhQsnI7939vq-ZQNTUZKd2S8gWHt3OTq8QeY8n99Xz5DCSpCf5orz9Qdqak4NQwYU1xlQWSYpMQbSpJs2vN8f-dGhuqkQCoDJzT_FOc0Q&sai=AMfl-YQSnTdsZ1QJLfv3FrF2s3_HJfKIxIt-XThpxluY6RYsQi8mvKpHM9GtCssC_eg0bDETCWYGIfJTAqmcNN9sOBH6pOCTe64TM87xa8s42gnS-W0-fYuhAtWPtl6UBwxu1SsSNwrHx07xVV7th7-9&sig=Cg0ArKJSzP0cABsQm-stEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 04 Dec 2021 03:53:04 GMT
truncated
/ Frame 391D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3c67862212b7aee1a2f32b31cbb1b35b9ed5f8209de397c2e32a1e6a6f2f54c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A93E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:24:15 GMT
integrator.js
adservice.google.com/adsid/ Frame A8A1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=c5x8i7c7.ssl.hwcdn.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sca.17.5.12.js
static.adsafeprotected.com/ Frame D16C 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 16:31:41 GMT
content-encoding
gzip
age
9199284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
WuAcTJ9-2_OmJZkgEvW76mv3_mL6l1-brkxrlTX9MsjozgKKWE8abA==
mon
pixel.adsafeprotected.com/ Frame D15D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=4823385567&chanId=21725210297&placementId=5845404894&pubCreative=138364017234&pubOrder=2944631174&cb=1891085319&custom=story&custom2=2&adsafe_par&impId=add3def7-54b5-11ec-bcfd-021c8b152da9&adsafe_url=https%3A%2F%2Fwww.theobserver.ca%2F&adsafe_type=ce&adsafe_url=https%3A%2F%2Fcc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe,c:vNrNPF,sl:na,em:true,fr:false,thd:1,mn:app07va,rg:va,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:271,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.928934%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:294,oid:aefa84d7-54b5-11ec-aa5d-0a8c0552005d,v:19.8.270,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.23.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-23-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
app27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D15D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe&tv=%7Bc:vNrNPH,pingTime:-8,time:295,type:l,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:295,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:292,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B20~1%5D,as:%5B20~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.928934%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 831F 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 16:31:41 GMT
content-encoding
gzip
age
9199284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
RGpH7pAwV9yc-TjiVMk3K-_mepfTHIZRbszoElQP3nFJxYdeFw4LcA==
mon
pixel.adsafeprotected.com/ Frame B7AB 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=300x250&pubId=4823385567&chanId=21725210297&placementId=5845404894&pubCreative=138364361962&pubOrder=2944631174&cb=459201512&custom=story&custom2=1&adsafe_par&impId=add3def6-54b5-11ec-bcfd-021c8b152da9&adsafe_url=https%3A%2F%2Fwww.theobserver.ca%2F&adsafe_type=ce&adsafe_url=https%3A%2F%2Fcc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:dd5956ee-158c-50e8-af83-2e64ba7508de,c:vNrNQb,sl:na,em:true,fr:false,thd:1,mn:app12va,rg:va,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:311,fm:sQAQAjQ+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:321,oid:aefafa1a-54b5-11ec-812e-02c32c75c003,v:19.8.270,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.23.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-23-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
app08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
MCE_Vacc_5-11_web_banner_BIL_970x250_EN_Q2.gif
s0.2mdn.net/9676709/ Frame 82D1 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9676709/MCE_Vacc_5-11_web_banner_BIL_970x250_EN_Q2.gif
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
672657891028b4bcf02fe255aa65abee5dcca1ac4b64e33ba14769de91965670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 19:35:51 GMT
x-content-type-options
nosniff
age
29833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94158
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 21:16:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 19:35:51 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/xfa/ Frame 82D1 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
806b4ea1a35d9a0327df2f3423b2792713d96cf9b2cafd5b3e0bc0b624eaaffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44099
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4150
x-xss-protection
0
server
cafe
etag
7197913981456707621
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 15:38:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 82D1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Dec 2021 03:39:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 167B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=3183312129;ord=y11bmg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssH5jyUcbP8wTNChjlfjqaxWvProwE4oW7whu_QW7KGayGNRhouPTl_Agz3RrGaU5XOT4_piwgHs400mUSUN_LHOG1fi5hvfDqcegWr2ejvkuBz5YgTU-OpJnw-IfsNH50Qq7TtlzCVkgAc751G_kaSU0yzV0I8UbIPwsmgLsIBsU4St0VlCSixtRUR1eTjSt1uleyHARJaLu5XIFfzSfFkxBS5xzI_NQ8NDDqQjJq-m5s4rCGYqUoeGSNcQwi54snzE0OjX56lPE-wxorf56CF__ChtoVwqgZZ9kawrgmUMeYeN9v7Bzx3nz9C3_J4XKEH24EV4AmJYishYbF9oQBJpuSz6gdDzblpXlw%26sai%3DAMfl-YTnzMqsB93r2RgAJ3ca-dfOC6ejG6Imz863WXvNRWaI0VfyTO4BhT7v9IxYw-wa1GNCwmJeVEglTSrIReTQggR8lFckyBRiQBzgCzD4V5S_NMCYp7z08lWtrss-UckgNaxk_Z8eL5nXW0D9s5dT%26sig%3DCg0ArKJSzMEzDVBL5vUpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Dec 2021 03:39:35 GMT
dt
dt.adsafeprotected.com/ Frame D15D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe&tv=%7Bc:vNrNQO,pingTime:-3,time:364,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:293%7D,%7Bpiv:0,vs:o,r:l,t:364%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:364,n:364,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:292,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B89~1,0~0%5D,as:%5B89~970.250%5D%7D%7D,%7Bsl:o,t:364,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.928934%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D15D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe&tv=%7Bc:vNrNQP,pingTime:-6,time:365,type:i,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:366,n:364,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:292,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B89~1,0~0%5D,as:%5B89~970.250%5D%7D%7D,%7Bsl:o,t:364,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.928934%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.theobserver.ca*&br=c
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrNQX,pingTime:-3,time:369,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:320%7D,%7Bpiv:0,vs:o,r:l,t:368%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:369,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrNQY,pingTime:-6,time:370,type:i,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:370,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.theobserver.ca*&br=c
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 82D1 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Dec 2021 03:53:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 82D1 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyFOdhswECQtPNY1znpRLga_XA3fYhw9AyNvjhHg2RNN5cWyxOU8cp34A_7Gb06N3UzA_D5coRBJNSk-6BWLKI529tIFAq5qPnE_naPMxjSl8riq3yYMhJIiIFYxLIORHY4CEQBNu2FcZzpn6W42tRfQ&sig=Cg0ArKJSzHbxiTrCg9LUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211201.50564&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 82D1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 02 Dec 2022 09:38:23 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 167B 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=3183312129;ord=y11bmg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssH5jyUcbP8wTNChjlfjqaxWvProwE4oW7whu_QW7KGayGNRhouPTl_Agz3RrGaU5XOT4_piwgHs400mUSUN_LHOG1fi5hvfDqcegWr2ejvkuBz5YgTU-OpJnw-IfsNH50Qq7TtlzCVkgAc751G_kaSU0yzV0I8UbIPwsmgLsIBsU4St0VlCSixtRUR1eTjSt1uleyHARJaLu5XIFfzSfFkxBS5xzI_NQ8NDDqQjJq-m5s4rCGYqUoeGSNcQwi54snzE0OjX56lPE-wxorf56CF__ChtoVwqgZZ9kawrgmUMeYeN9v7Bzx3nz9C3_J4XKEH24EV4AmJYishYbF9oQBJpuSz6gdDzblpXlw%26sai%3DAMfl-YTnzMqsB93r2RgAJ3ca-dfOC6ejG6Imz863WXvNRWaI0VfyTO4BhT7v9IxYw-wa1GNCwmJeVEglTSrIReTQggR8lFckyBRiQBzgCzD4V5S_NMCYp7z08lWtrss-UckgNaxk_Z8eL5nXW0D9s5dT%26sig%3DCg0ArKJSzMEzDVBL5vUpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 09:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 09:38:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 167B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=3183312129;ord=y11bmg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssH5jyUcbP8wTNChjlfjqaxWvProwE4oW7whu_QW7KGayGNRhouPTl_Agz3RrGaU5XOT4_piwgHs400mUSUN_LHOG1fi5hvfDqcegWr2ejvkuBz5YgTU-OpJnw-IfsNH50Qq7TtlzCVkgAc751G_kaSU0yzV0I8UbIPwsmgLsIBsU4St0VlCSixtRUR1eTjSt1uleyHARJaLu5XIFfzSfFkxBS5xzI_NQ8NDDqQjJq-m5s4rCGYqUoeGSNcQwi54snzE0OjX56lPE-wxorf56CF__ChtoVwqgZZ9kawrgmUMeYeN9v7Bzx3nz9C3_J4XKEH24EV4AmJYishYbF9oQBJpuSz6gdDzblpXlw%26sai%3DAMfl-YTnzMqsB93r2RgAJ3ca-dfOC6ejG6Imz863WXvNRWaI0VfyTO4BhT7v9IxYw-wa1GNCwmJeVEglTSrIReTQggR8lFckyBRiQBzgCzD4V5S_NMCYp7z08lWtrss-UckgNaxk_Z8eL5nXW0D9s5dT%26sig%3DCg0ArKJSzMEzDVBL5vUpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 02 Dec 2022 09:38:23 GMT
dt
dt.adsafeprotected.com/ Frame D15D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe&tv=%7Bc:vNrNRx,pingTime:-2,time:409,type:a,im:%7Bsf:1,pom:1,prf:%7BbeA:136,beZ:138,mfA:407,cmA:409,inA:409,inZ:414,prA:414,prZ:421,si:430,poA:432,poZ:450,cmZ:450,mfZ:450,loA:501,loZ:504,ltA:545,ltZ:545,idA:450,idZ:481%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.254,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:293%7D,%7Bpiv:0,vs:o,r:l,t:364%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:410,n:364,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:292,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B89~1,0~0%5D,as:%5B89~970.250%5D%7D%7D,%7Bsl:o,t:364,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19.928934%7C191%7C192%7C1a*.928934%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:113,readyFired:true%7D&br=c
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrNRB,pingTime:-2,time:409,type:a,im:%7Bsf:1,pom:1,prf:%7BbeA:134,beZ:135,mfA:444,cmA:445,inA:445,inZ:446,prA:446,prZ:451,si:454,poA:454,poZ:465,cmZ:465,mfZ:465,loA:503,loZ:504,ltA:542,ltZ:542,idA:465,idZ:499%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:320%7D,%7Bpiv:0,vs:o,r:l,t:368%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:409,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:87,readyFired:true%7D&br=c
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrNRG,pingTime:0,time:414,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:320%7D,%7Bpiv:0,vs:o,r:l,t:368%7D,%7Bpiv:100,vs:i,r:,t:414%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:414,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:i,t:414,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
URL: https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:04 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ Frame 82D1 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
378ad9a5e1ccb65f19006c6e982a679380bee490d655c33bb493871ba142cfc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4466
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 82D1 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyFOdhswECQtPNY1znpRLga_XA3fYhw9AyNvjhHg2RNN5cWyxOU8cp34A_7Gb06N3UzA_D5coRBJNSk-6BWLKI529tIFAq5qPnE_naPMxjSl8riq3yYMhJIiIFYxLIORHY4CEQBNu2FcZzpn6W42tRfQ&sig=Cg0ArKJSzHbxiTrCg9LUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&vt=11&dtpt=90&dett=2&cstd=0&cisv=r20211201.50564&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=970x250;u_sd=1;dc_adk=1224509250;ord=kt7pf8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsumZ76qxfoHOuRzwtl_heEvN6bVR72uRTvrWWv81ioTbD05Ibd0SbHWKqgZHu7zQRJnm460x7tjrNB40Us_xaaSkhGZi0I3K6F2GcS4SixX2FGg4VnvmMbsieV8NCbPyvMVW3wJbhGmZY_4pexFvlgW16syFOqLpX1TukgdlCfyfuRENZppFPKGYo1Ds1ndtkP-1CJm2t-wunUFPvkDLjE_hJiQGpfoFytAg773jgtZ14Bton3GqOo90xXQFVS0v4bB-RnGahJHkhtrnGvyjI93HhB3dJT3ZcSQw6m84lh9rSkwyMlX-_qk_Cm5TIcOUq5ca5WkS0P_vbG3WDfgvNNB0xhOJsXho9wGEuI%26sai%3DAMfl-YROVQ-Wl8jxI57hMQWUM4EhytVe4cRZXRvKwV2iJU9YPY6wrOwekgKeaGOXYM6EELUoxC7nPLHlyHFa3veyPxxlM4Mts82swB44tVXhCnik5XK1AwB4-lfVzhjotZx0Nnely28U6gV_TLJrRVWT%26sig%3DCg0ArKJSzEXsmSl67DFDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=109;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 167B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Dec 2021 03:53:04 GMT
Index.html
s0.2mdn.net/9676709/1638301806568/ Frame 203E 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9676709/1638301806568/Index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f77d08d2ebf25624be58be1e98bbbaa87d22091a13ea0ccebadb71fcfc6e5fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
1737
date
Fri, 03 Dec 2021 21:39:15 GMT
expires
Sat, 04 Dec 2021 21:39:15 GMT
last-modified
Tue, 30 Nov 2021 19:50:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
22429
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 167B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxByUk4PrGkggyscoVLOtYr89YYrB8iRCSHlxm88i8JVMIsSSNeOQ7pN1-fCop0Zu4RTqdtVx2mIVG8dVBMewm8wYmoz5M01edvFC3ST0SUGjcqTjh92Z9z5EmtOjmfEWGvHelQnrM73HNoCp0iSlNKA&sig=Cg0ArKJSzMxtwy9GI2k-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=140&cisv=r20211201.20448&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=3183312129;ord=y11bmg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssH5jyUcbP8wTNChjlfjqaxWvProwE4oW7whu_QW7KGayGNRhouPTl_Agz3RrGaU5XOT4_piwgHs400mUSUN_LHOG1fi5hvfDqcegWr2ejvkuBz5YgTU-OpJnw-IfsNH50Qq7TtlzCVkgAc751G_kaSU0yzV0I8UbIPwsmgLsIBsU4St0VlCSixtRUR1eTjSt1uleyHARJaLu5XIFfzSfFkxBS5xzI_NQ8NDDqQjJq-m5s4rCGYqUoeGSNcQwi54snzE0OjX56lPE-wxorf56CF__ChtoVwqgZZ9kawrgmUMeYeN9v7Bzx3nz9C3_J4XKEH24EV4AmJYishYbF9oQBJpuSz6gdDzblpXlw%26sai%3DAMfl-YTnzMqsB93r2RgAJ3ca-dfOC6ejG6Imz863WXvNRWaI0VfyTO4BhT7v9IxYw-wa1GNCwmJeVEglTSrIReTQggR8lFckyBRiQBzgCzD4V5S_NMCYp7z08lWtrss-UckgNaxk_Z8eL5nXW0D9s5dT%26sig%3DCg0ArKJSzMEzDVBL5vUpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 877F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Thu, 02 Dec 2021 09:38:23 GMT
expires
Fri, 02 Dec 2022 09:38:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152081
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EFF5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Thu, 02 Dec 2021 09:38:23 GMT
expires
Fri, 02 Dec 2022 09:38:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152081
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
normalize.css
s0.2mdn.net/9676709/1638301806568/css/ Frame 203E 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9676709/1638301806568/css/normalize.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1738
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
main.css
s0.2mdn.net/9676709/1638301806568/css/ Frame 203E 		2 KB
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9676709/1638301806568/css/main.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89e20a27fafaccaa64642ae27c267e2e3a37676cea8101b98e598ef79c209e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
429
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
Logos.png
s0.2mdn.net/9676709/1638301806568/img/ Frame 203E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9676709/1638301806568/img/Logos.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deddf1b908c497ef2816724eb531a7455ac542eb9e174efb223bc6fab1f3f706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1864
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
cta.svg
s0.2mdn.net/9676709/1638301806568/img/ Frame 203E 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9676709/1638301806568/img/cta.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74abbc2deced2708428d1ade35e77a7e3eb6d6fe366c0e53448415f69242f207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2406
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
BB_04.png
s0.2mdn.net/9676709/1638301806568/img/ Frame 203E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9676709/1638301806568/img/BB_04.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e6a11c0786c5b945cb6f852a0556fcbd73e16271453fdaaa56ac2085cda9e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2609
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
BB_03.jpg
s0.2mdn.net/9676709/1638301806568/img/ Frame 203E 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9676709/1638301806568/img/BB_03.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d15bd49b3782d9c5f38fd67631bb4a4e1295fadc2cd04b3f664c43115088253a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14834
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
BB_02.jpg
s0.2mdn.net/9676709/1638301806568/img/ Frame 203E 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9676709/1638301806568/img/BB_02.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9f1c74c1ed2cac750e4e61a78a25b33f3ec186f65a51d0cf79e5bd930245035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17954
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
BB_01.jpg
s0.2mdn.net/9676709/1638301806568/img/ Frame 203E 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9676709/1638301806568/img/BB_01.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25530b8702160f27d8ca73bb521ecb14c6dcc537e7936b8bcf3f61313bc750ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26455
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
Footer.svg
s0.2mdn.net/9676709/1638301806568/img/ Frame 203E 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9676709/1638301806568/img/Footer.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
173149620ea50ea8e7f5094f280fb9b43664dfceb9e698de15698672fe217069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/9676709/1638301806568/Index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 21:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2329
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 19:50:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 21:39:15 GMT
analytics.js
www.google-analytics.com/ Frame 203E 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9676709/1638301806568/Index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5470
date
Sat, 04 Dec 2021 02:21:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 04 Dec 2021 04:21:55 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame AAB8 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F3081%2Farn-distro&description_url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&env=vp&correlator=4190424788544526&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=320x240&cust_params=nk%3Ddistro%26pr%3Dsob%26ck%3Dnews%26loc%3Dtop%26page%3Dstory%26sck%3Dlocal-news%26aid%3D0da4e23b-a39c-4158-b12d-572347c6e2aa%2C56940&unviewed_position_start=1&ppid=00000000ppidp6874739207850811631&us_privacy&gdpr=0&gdpr_consent&vpa=auto&vpmute=1&sdkv=h.3.490.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=517738578&sdk_apis=2%2C8&media_url=https%3A%2F%2Fc5x8i7c7.ssl.hwcdn.net%2Fvplayer-parallel%2F20210408_1900%2Fima_html5%2Fminimal.mp4&sid=976389F4-DA9F-4216-851A-68BCF68251E6&nel=0&url=https%3A%2F%2Fwww.theobserver.ca%2F&ref=https%3A%2F%2Fwww.theobserver.ca%2F&dt=1638589985074&scor=3041132389051127&ged=ve4_td1_tt0_pd1_la1000_er0.0.154.300_vi0.0.317.564_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
0d7898a114b4efe59ac34b9d2fa2227cffe3bf377be8794a44a52f05e71d8c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 82D1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 04 Dec 2021 03:53:05 GMT
dt
dt.adsafeprotected.com/ Frame D15D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe&tv=%7Bc:vNrNXg,pingTime:-10,time:764,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1638589985141%7C%7C71b76615f49f735f32b4178f89f89af8%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7C2360f31ac98ee952abbf24acbc9eaeda%7C%7C1fae2a8b45fd59683413c9ae3e0aeff6%7C%7Cd90467c903d8b66a43c2c13970f2d5b9%7C%7C6ca2621a145f7219b4c6c230827f1f78%7C%7Cb0f8653c6b1320215d6a33d21b955013%7C%7C1629390669,env:%7Bar:self.0%7D%7D
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
pagead2.googlesyndication.com/bg/ Frame 877F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:20:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
304373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13349
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:20:12 GMT
lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
pagead2.googlesyndication.com/bg/ Frame EFF5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:20:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
304373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13349
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:20:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 167B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxByUk4PrGkggyscoVLOtYr89YYrB8iRCSHlxm88i8JVMIsSSNeOQ7pN1-fCop0Zu4RTqdtVx2mIVG8dVBMewm8wYmoz5M01edvFC3ST0SUGjcqTjh92Z9z5EmtOjmfEWGvHelQnrM73HNoCp0iSlNKA&sig=Cg0ArKJSzMxtwy9GI2k-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=410&vt=11&dtpt=267&dett=3&cstd=140&cisv=r20211201.20448&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9597.3243117POSTMEDIA/B24337981.277935643;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=3183312129;ord=y11bmg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssH5jyUcbP8wTNChjlfjqaxWvProwE4oW7whu_QW7KGayGNRhouPTl_Agz3RrGaU5XOT4_piwgHs400mUSUN_LHOG1fi5hvfDqcegWr2ejvkuBz5YgTU-OpJnw-IfsNH50Qq7TtlzCVkgAc751G_kaSU0yzV0I8UbIPwsmgLsIBsU4St0VlCSixtRUR1eTjSt1uleyHARJaLu5XIFfzSfFkxBS5xzI_NQ8NDDqQjJq-m5s4rCGYqUoeGSNcQwi54snzE0OjX56lPE-wxorf56CF__ChtoVwqgZZ9kawrgmUMeYeN9v7Bzx3nz9C3_J4XKEH24EV4AmJYishYbF9oQBJpuSz6gdDzblpXlw%26sai%3DAMfl-YTnzMqsB93r2RgAJ3ca-dfOC6ejG6Imz863WXvNRWaI0VfyTO4BhT7v9IxYw-wa1GNCwmJeVEglTSrIReTQggR8lFckyBRiQBzgCzD4V5S_NMCYp7z08lWtrss-UckgNaxk_Z8eL5nXW0D9s5dT%26sig%3DCg0ArKJSzMEzDVBL5vUpEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.theobserver.ca%2F$0;xdt=1;crlt=JY!BkmYF(T;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
syncframe
gum.criteo.com/ Frame 188D 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theobserver.ca
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
6de355c79c0d5e8d4c373e4b79a36d59aacca27ecc8c5cbd2e3191ab2871c440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2143
date
Sat, 04 Dec 2021 03:53:04 GMT
content-length
4684
optout_check
beacon.krxd.net/ 		82 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
4d286d29d71c52500e17a5f2534274b3c0bb4bf8f90969a677dfd0ce0122e730

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:05 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=38 t=1638589985
x-served-by
beacon-n009-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		364 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=42fb57ac-2013-45a6-8dad-332d53e17c1b&technographics=1&callback=Krux.ns.postmedia.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
230f8be1f2494988ebf9a1e09d66ee7820559dd3d9b0eb5cb2e6bae40790e553

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Sat, 04 Dec 2021 03:53:05 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a005-ash-prod.krxd.net, cache-yul12828-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1638589985.214245,VS0,VE29
content-length
281
x-cache-hits
0, 0
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021113001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8efa8f4bd8ed7d938cc5ff60d168673064da4df090c3dec4fe60517885eba3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8557
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrNYj,time:825,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:411,o:414,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:i,t:414,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B411~100%5D,as:%5B411~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:59,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:6000:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 08:20:43 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
age
95097
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
TYOdsJ9RUb_k2DG1E-rbQlznfPH0LCbV5pNGBVOtwIers1q5JeDKnA==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:47:54 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
312
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
baCRsq361jzUl0klqegA6vgnggXGwizhOhcv0lw7Vs_4E6-BkH9gCA==

Redirect headers

date
Sat, 04 Dec 2021 03:53:05 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
4nfta9nXNQUq_jOE7XxhbfUPBV-wnQ9cfBmRJyF4tspavsgrC-ab7w==
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrNYq,pingTime:-10,time:832,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1638589985141%7C%7C71b76615f49f735f32b4178f89f89af8%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7C2360f31ac98ee952abbf24acbc9eaeda%7C%7C1fae2a8b45fd59683413c9ae3e0aeff6%7C%7Cd90467c903d8b66a43c2c13970f2d5b9%7C%7C6ca2621a145f7219b4c6c230827f1f78%7C%7Cb0f8653c6b1320215d6a33d21b955013%7C%7C1629390669,sca:%7Bspg:fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
pagead2.googlesyndication.com/bg/ Frame DCB2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:20:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
304373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13349
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:20:12 GMT
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ 		224 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_1
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e892f664f24788968d221cabbe1d1e3dec45c96216fdb9ab0d696dd0847c5d45

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:05 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a015-ash-prod.krxd.net, cache-yul12829-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1638589985.299686,VS0,VE19
content-length
187
x-cache-hits
0, 0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021113001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 04 Dec 2021 03:53:05 GMT
sid
mug.criteo.com/ Frame 188D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theobserver.ca&sn=ChromeSyncframe&so=0&topUrl=www.theobserver.ca&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=TZfMynx3RXYyMmlIWGxXSlpGYmxJT3pmdXJWUHl4bzA5TEVnQTdhaWs3VjZ1bHJ6dTIvM3BnZURiVHR0eGNHVXBDcUdkN0dlbVk0ZlVBU2RjQ3hiSWpUUGNGZ3A5bGVSM1FiYmlhbzhyVUdZb3hXWTBxOTR2VzZSdk4wSE...
435 B
621 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TZfMynx3RXYyMmlIWGxXSlpGYmxJT3pmdXJWUHl4bzA5TEVnQTdhaWs3VjZ1bHJ6dTIvM3BnZURiVHR0eGNHVXBDcUdkN0dlbVk0ZlVBU2RjQ3hiSWpUUGNGZ3A5bGVSM1FiYmlhbzhyVUdZb3hXWTBxOTR2VzZSdk4wSENpa0Z4SnQ4OVpXWFFzenNBUEdNZUNwWXkyMVBCaENoSGc0K0o1TzFwVlZrS3NLTzIxWVYzMGpJRlYzOWtjUW1PZFpBMFVMaU5EdndTdXoyMndhbUZIUm1GV2tvakJabFI1WjIrK0lodmV1b3kvM2dmblFpSDR5MU1LVjFtMjdnRjdWbHhEeW1KaUtZc2NMTHpON1BTTW1RYzdVME9CUT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
881970ff5a30f45093a6ddbb1da7dc20197b80941bc53b77527d9ca2963531b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 04 Dec 2021 03:53:04 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4158
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 04 Dec 2021 03:53:04 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=TZfMynx3RXYyMmlIWGxXSlpGYmxJT3pmdXJWUHl4bzA5TEVnQTdhaWs3VjZ1bHJ6dTIvM3BnZURiVHR0eGNHVXBDcUdkN0dlbVk0ZlVBU2RjQ3hiSWpUUGNGZ3A5bGVSM1FiYmlhbzhyVUdZb3hXWTBxOTR2VzZSdk4wSENpa0Z4SnQ4OVpXWFFzenNBUEdNZUNwWXkyMVBCaENoSGc0K0o1TzFwVlZrS3NLTzIxWVYzMGpJRlYzOWtjUW1PZFpBMFVMaU5EdndTdXoyMndhbUZIUm1GV2tvakJabFI1WjIrK0lodmV1b3kvM2dmblFpSDR5MU1LVjFtMjdnRjdWbHhEeW1KaUtZc2NMTHpON1BTTW1RYzdVME9CUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1659
content-length
541
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9C7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Fri, 03 Dec 2021 18:15:28 GMT
expires
Sat, 03 Dec 2022 18:15:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
34657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9342 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b0c01119006753e7e619f6d11c5d91ae3ecb7859031f9af5144b558212100b7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XRYU7CcafVbQZvE/r/qguw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 04 Dec 2021 03:53:05 GMT
date
Sat, 04 Dec 2021 03:53:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-XRYU7CcafVbQZvE/r/qguw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=uthtxmddg&_kpid=42fb57ac-2013-45a6-8dad-332d53e17c1b&_kcp_s=communities&_kcp_d=www.theobserver.ca&_knifr=14&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_mpid=6874739207850811631&_kua_ad_light_user=false&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kua_kx_whistle=0&_kpa_communities_url_path_1=news&_kpa_communities_url_path_2=local-news&_kpa_communities_url_path_3=judge-seeks-rehab-check&_kpa_domain=www.theobserver.ca&_kpa_url_path_1=news&_kpa_url_path_2=local-news&_kpa_url_path_3=judge-seeks-rehab-check&_kpa_authors=Neil%20Bowen&_kpa_nlp_category=Law%20Enforcement%7C%20Health%7C%20Crime%7CLaw%20Enforcement&_kpa_page_type=story&_kpa_tags=sarnia-courts&_kpa_communities_authors=Neil%20Bowen&_kpa_communities_nlp_category=Law%20Enforcement%7C%20Health%7C%20Crime%7CLaw%20Enforcement&_kpa_communities_page_type=story&_kpa_communities_tags=sarnia-courts&_kpa_main_category=local-news&_kpa_login_status=false&_kpa_paywall_whitelist=false&_kpa_wire_content=false&_kpa_word_count=448&_kpa_env=prod&_kpa_view_type=HTML&t_navigation_type=0&t_dns=68&t_tcp=53&t_http_request=-1&t_http_response=24&t_content_ready=333&t_window_load=3374&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=ww6pc3ozh&_kurl_=https%3A%2F%2Ftheobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&userdata_user=OhRU6U2r%2Cww6pc3ozh&sview=1&kplt0=41818&kplt1=42920&kplt2=42921&kplt3=42922&kplt4=44981&kplt5=45977&kplt6=46302&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C277%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C136%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C161%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C120
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.44.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-44-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=51 t=1638589985
x-served-by
beacon-n033-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
activeview
pagead2.googlesyndication.com/pcs/ Frame D432 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBqxMD2sOs5I7FGt557T3NcQrm4o23roQGI6QP_uLcR080z_QXNKeNrGRX-XKySe_re7LIotGV01VDbY1DFQ6Od9Z1fbMih10zhPEBDDooRyPOHgXs&sig=Cg0ArKJSzNfB_1HQ34DEEAE&id=lidar2&mcvt=1027&p=1116,315,1366,1285&mtos=0,0,0,1027,1027&tos=0,0,0,1027,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.34&if=1&app=0&itpl=19&adk=3740308771&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638589984162&rpt=369&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9342 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021113001&jk=3249841735357916&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 391D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUdWMsCxCarkjuzpgIkb5n4YKO2XfFdAzML1o5I2fl_2uSqjvdMYm6tgH92P1Km_NmA1rDnXKmaH5b7BohBgZRReCSz5_Cf8FdEp8Q73iv4v7TOTO4&sig=Cg0ArKJSzNOWhEU8akj0EAE&id=lidar2&mcvt=1013&p=108,650,358,950&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=101662019&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638589984155&rpt=434&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame AAB8 		21 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BfzkV0B1yYdbkMar1aGk5uHD-Pe8wVb85X-X-_ReFvy2JiVFnawthtMRhoAbhyl46kAZMPpngMEnczDYfmMjDBNx-mMQ&dbm_d=AKAmf-BU8cuZnX6w2JTRtUfj-YIQb0mLgQOsjmAUcGQTkWs9TecdBMHBdANOuyUves1LXxku8L42lZNStheZ0NtapIwPJUsQt4-JoJ7c3TGfkeAA4fBPdvSJuaZ158HgFzscApJ5j9HwJbpzht6dXQnQMTJ7oOkveW20gpNAH1yPJvgyyNsKMAIgRUk8F0pDf7-7UHpEBfp-96100J_LoHbvjWbAI0UWQ8rk6JKGFk91AonLiukhRKg0TubSxsmIfmwkbh6gH6VOb2UpWiAz_9OXN4-D7Jff8Pk6RjrydbPMJxWfEn2HDYy88Dr8oGgv0-WSQGL_Td3NHJqxso4xS3st5dzUTiMPecOnz8upQyXLcrjM1gslvHu5H46-G-cJCFY6d7ggRsWa6E-BUy2AJP19MDmPbuOJFgaF3iIEMDL51OPys95xFwmnG0DnaIP2jyjaHotwKK5QEPpPhRkTkXB96Z-FeVL7sABp7qdc9EyuxMI6zITm54fgsRsX7qYdu2sRay__lVDrUnZqUlSD2adZ_xe31DuJM7fqP3gk6G7N67Z6kFsbNz-tA68cgaFr8PSWamVWZW3juQKGlQSYGnVZxQh6aNXvd-m1oxKFpNWk_zMOmmtwsXcGGEvF0LpxCRBW-aazlnbroZpCrrjxlpI58vnsPBENG8q6mzYWbRSTDxSpxQZ_fSnBKAH-9Ib2hXKdGpAcfx2WuzMwNAR90T3U-kyhRVs3QoJovO3woCz_dphdz1yaPOFcFpU9XDyf9sO7KiGodOQd4PiUidQ18lBVMShIMt1bFAt32imz-7i4q_xiqqQflV4SXx9uuKKoKKC6NoXzXkjtazCn2qFNrqIfpCnmBfB4tQ0CX4BlPL2YDDNPC1bqEjuiKcbIdh5N-480fcjLSJD-mZj9PcURMZq8biyLanHT-PRAvjYEdh3Q7Cqo_3HL91L7-l2TZiIUdECu6Dv_KhiMe49a_zNLmRLqEIY0B1RFZbCOqYdZOv1TAET4S4Ql4cXiZ3gXoMRgGjd1ZU-YqMkUZIsHCo4P2Wkdsx3-kJmlJkPaa5IKbphDrROiNACw3BWtw5hpGpem4X5dQ_zVCVFo436rcu_SJjpVZdbcynk0iWN_tntPmKB1rUcEJaXzrmhL2mDUkqB0KWdoA9GnS_oZaWod2Ovl29rbaPpz17qTsDi0lCEzYHq4AM45JbaB0Mw8SeWs4RF-kDwdDd5xee-4yVp2Ml0k7aJ0D2KkGOVxmNxrI6YPPtGF8cFFRwXfdGTDKRmC8Ei9gQhbcxZGnaTPKGg3PWOWkMdGAgc3hLPTfbzE10EA4_rWjrJqkYNlK02YkCUj9E2xsd5mZQv8ezufpizPTJyIM0eQPH3RWG5zG_Qy_gcIn0Y-5Q2w_1qbhDjxZDiz_pyjQIX7SVIsL2UYbOA8T3DHb-PS7tfNxoLnxNAoavxli1QyRJshICUNqoFrhgIOHJiw-x0xcV0FnIBUyC3K_g9uP2DlRfJtIrAc-GVLMhW5S5AWpOBmS4fem0C6ra7Hi7qpwvB2WRM39yS5rFucOcSI7qnWxHrcVipSaAII0ltPaa9wXAz-hcc8En7fDyWbTyAZqFdiRxLHd6TBHOexuS2UmbuVBZbUG9O0Dw3mCeryEZOXqbcEIGIbtD1JGMKlvg1lqsaM40HfJriZopklUGM85TeegEErcgG2PhqmxcG3Zkh6NjSzKuiATyZhqwUDxQJGUkodNxeALG2QF2aZliR1c833927DFtEPiLCjBm062DaFkyavCe6vWDa_3cRNtbaLwURcILGEC_QEGo5N2b2YeVSJDePpGEqKuPsRdtU8Ek_LX41Lf4WzXh7RemKbjs2PT3wwUmB3wSjxl334r2Lbllu2unxwq9RVekYuGBBeCBNm1lPsCAWI-YXQEpSxOK5f6cdd452sfZgNcKN2Odhq-VvqOal5CXzb0Wxz1pbMCn1R4N3819JPr4l8jM1_QyBF2NEO7yplKZVPbKOyUF3qcJ1s472R6OXJqR3HnEJZxlIymZ7Nj2yPxvY8duaZAECwSyyK7Wwc-h7lO0-9GFjVxMquVMqucprCzbzTtiZV4h_CgOqkazJ10AZwXRS1vLrxoIwFh9mghi19PAG_dpii3P_VZnYT9ei8tU36OHaOuqyfgAb2MMCgji4OSbqhbTkLh1gUWwd5o2ErtkVdnpmRbd6SSyMnz2FHi2NUftB68R_1P2-iHFHhI6E3AIE9lLb_dr5ejHLFzEJz-FegaK3nrzxpIbsAzi5rWMwxACF2yadtn0fP71RRbPx5lhxy2ay2v1K-Oa1pE9e2udo-2rghhoR7Y-wgaeuvmjZJYFSAAHeEC4jB9eQAKCUXYN_KjGqnfScGHvnOl4qhIrfM4u8TjXxMjq7QahmHg0uH_MswOfdMf5qanjqGACV3Qx1PVHC8eb1WJ_Z1D_j7KNscXcYqt_bFWTrJk9vE_GCOzFA-U9sQ7I-LxftvLtdQrZI85CGrbaofV4QMvlh7d143H7w-ca2EMQoF7ych5T60bGgO2VZI2uCysPyfmqRdY_ZjHPnma_amByAlwZubZh42lvdmKF8oaLUvexrOhdfmJDLnXW657Efn2ir1HqE_yGRKTz1NHLCy_WPinEP3SBX32eB0IvL2pyJ1BcXawFWMysmwZw_cvm42a-ez2RV07kWZA9FLC__ngR0rFk2wQ_q5O8csy-Tr7KlO2hwO90SG2fSEfSDlmXvDsk4oIzLYhK-_mrz-DmWDFksFOkhWHX4j6fWHmQm1pt-MtNHgU4xFIdM_YG5xNlq1hRkKPD1aNdFfcy1J9QFqqOZGnxEoDTuINzakzAxbWhWOADYO3bYkTWud9myJuvqejbSK--6rmMWWsUlhALcMk5pC4qQHSJ5_TUlzmb522Uy-PPIbYk28dW-sUcCAwPurMq0L2DcX4PvyNMcA7ikWkWqSu9ayq0eoQE6frpTdG2ShPiw2sRxLDgLETDMD2GNI5CgaHcqt1zC9svh-YCh8alhJOrm-TmxtvDYiJ0NyupQN8XA8RDYdyLlUrHm4LEep39LtJkZgzdodMNkk1PCEU-0FCp5KCUNA1dZ1T-wFdtimdAxi0Jx2oVtFEH5DuWVvjjv24edq3yCC8DEIeCq3_9HjE6QyJP5Ox9AadS1AGa1WZPqMH-mu-nKAFZGApYCDX2435DSKaFfqiqKCWIKMZscDyobt1zBRmMC3WZE3-1lCez4J00RZvSB-sx0ubZhnn5naqYB61jkpAROXOCSQIX7EcBj0EJ5XBSh3Js7APaGFatT7WQ&cid=CAASEuRoq7_WRZJZquim5xzLhjlJIg&vpa=auto&vpmute=1&sdkv=h.3.490.0&osd=2&frm=2&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=0&sdki=44d&adk=517738578&sdk_apis=2%2C8&media_url=https%3A%2F%2Fc5x8i7c7.ssl.hwcdn.net%2Fvplayer-parallel%2F20210408_1900%2Fima_html5%2Fminimal.mp4&sid=976389F4-DA9F-4216-851A-68BCF68251E6&nel=0&url=https%3A%2F%2Fwww.theobserver.ca%2F&ref=https%3A%2F%2Fwww.theobserver.ca%2F&dt=1638589985616&ged=ve4_td2_tt1_pd2_la2000_er0.0.154.300_vi0.0.317.564_vp100_ts1_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.112.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ga-in-f154.1e100.net
Software
cafe /
Resource Hash
658372a72d43162faaf90cadf3b6966a0f4e74b9c0932063b58d0826473a6b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12722
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
pagead2.googlesyndication.com/bg/ Frame C9C7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:20:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
304373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13349
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:20:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 877F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCNWfIOaqYfWHIYaWowa3tZHoCQAAAAA4AeAEAg&bg=!qqmlqe3NAAaQHwIOkB87ACkAdvg8WrLfzEWuGJhI8MO33jNFVKL0NfzspnixQrfugqN1Al-ACt2kmQIAAAFdUgAAAB1oAQeZAxa1PPMcvW-DaQYZxDZS_qkS2dSCrNrVGzAS9a9s_-wR-iU1p_KFQln8KTiZpZDeniJWk04oWyJEdX94k5pvSgHnHH4hnstdJfZMMgbzfZc_EPW_bYJVTzk9kUFyOjMyuTQYFyabdABlgopIRJh204NpXfEd2HQYwr7u6G7VblPNT17TqwGwz3MuQ63iXt54RQt3p1-SV_syIFb_FYlJqkPlse_Nib9rlZwMjbo1kBdXngRna6sTo78LODQd9KuyVH_XAR_8vg4coJ6zB8U8xMvNMuFV9wg6n4SS3dJh5ao3d-uUbVqYbDVkOxBH_x7pc0h7e-RJEdYhj8yK2ftFmLrxzi0vNrnUI-UYf6bbflEPAru3V--15Kj7tGKQyGUbWte3NA9Fg6je2ifQQGm999onI6P_O8Yn6U2g_DzmFcdCHjxV-MRw8fpyj0vgsrILtOfusdFIwfMLFRmILfaJ55n27s9Mxy_lyX8yLsyXdP5UhWk2TjdGvrytYhxcgCRJzUjdn83KvvIMdClSN5nb5VnPlloK8Dv7giu2uDKUmKSN1b5pI3A5vLC1Jr8LyE7Q4TLzCbxffviwq4m21iB_K9tc8BwiVdIwLBAkC5A6FZ1LCCiQFwfxes88Iv9dHraLpc8fJfwaqtUMHWRRGIxAeJPb5G-Hx6Jnw5Nu2NI1qOoolLKPXfFkxKzuFYbtH3Rblo2Q3MacKcDnrjVIz_IuBmIFS5EqYiI9lMTHbZRsRVZ_VToSrQar_9Mcr68CpZTiHes5bwxWnN7gIJpKO-gIkefK_hOOSjz_mE-BwcwZe5LjXfaYXpjHG5u8s9bJU0N_5SwFtkqzoz7i53ZrPQoRZsruE4aYIvvQQdV5RSP48Q_nV6YSoly_lFUWzEBx9QIk943fWGOcIrSl2ZupjyosMMkIwe76qkikvsCLwTtD_U8nRkNz2Ntb7MlDW6EHpaUD28BidOEeptYjjw9_YfBGAh0InZ2zLpOiitRqCB3vOl32QxcHoB-qVun2f_WJlO-x9T0E19UeMFOK7Q4fFSZQ-FF776bDX2eg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EFF5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUnIaIOaqYZWRIZu3Ndi-k5AOAAAAADgB4AQC&bg=!nZ6lntrNAAaQHwIOkB87ACkAdvg8WvsHPaVE_L4eqLY_4yS0aYRCG-hb9TL1XXS8nmeW90HOs6FFswIAAAFbUgAAABFoAQeZAxRo5sQHRLr8LzI3C3Km1QBSyEgK3oAamE3sPqiWE2X0WopejkyKAdopyqHSbYLlUub74C1t_51iCTr4G2S9jHWsyHQDWKIwfvGvcUKlgxzOmQJ51e6gIQZXSMRXisBa57vvEX8QO6OS-Qipe3rSqjRvN6Np4ekje1jWvr0kOGgGYxy6nysxlNY6vjGKGtPkzuidfNjF8Thf8Bu6MEl8s50fcg0nlWC-Uy4op9l_Nsgmxis5d4iGK3DDtmwj6nr9nIPrVi4zjRIZLM3IU_2XpXWkrU79yzut6w3vN9oAJIih-rXkvGVBP-lOWgdRLhgtBaQma5fLPDktlrristP-SKAs3xTIeCL5AaIvCSuIKLE5BEoeopEaqJEktestnQjQ29aGpCHXFZhXGymX6SjHH2xl3MYqniRxyyo4UfCAoI6hUkmxzjGzd_zr1SXK87CcJcTUMkGWAjACTAa-E7AJ4TXVYX6ag7d3T31mHxiYe5Okvc2g85KGrq_TwKIm1rRUkTvh9KZGep6ksA2jW1Iik5siSB4szFxDa6shMuxspGlS3QVkpKbTvA_ZYqiiKUijIS99IB_edChEOFuPrMp5NieOu62NEZh_qVXb86dgRPo3RpYQfLhlaWg8pLaXBd-ozvZFi-_Ka0UrjY7lJGRtuiUcIV6ZBYkByRvIjp7AphLaiL-yvbwOilPAUrB30gN9kRAp6YmnlHcrTUwovXvzThCiBMD_yOdCIyQQKk0BNjqDW-pFSwfyMHHBRHOc9zPg9MsiU7A-7utFOSBFq-zyt5dvs7frImBEEz3i9dZLsE_cO8Zl1slwRG7Ekg7ulSUjNlA0NvEu7Hu92Sdqmdzbv-6Pm5qqrpPw81UYDAFmW_8a_KALG6YR2EDViMGkxyz0x36GCJQp7w7MfgR3K6gz2XYcSUpCKRNNClGdWRCtghl3Hqbt7kaAV9iwsXwX02aPXZQ42jCaViqVwucK8gBTSnJ2UZmZWlHn0jUB8K-WF6EQ_WM8x5FdE-JAxs1-o1_8fUPTo0Hp0sOSun4t_NANjTTB3TxyYQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7BB1 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021113001&jk=3249841735357916&bg=!3d6l3prNAAaQHwIOkB87ACkAdvg8WpdB27300ZthDcj5f6OnmlUEd2g9ysAFj5TUZ_mpbNQErU_hsgIAAABqUgAAAA1oAQeZAsNG2bcUzVrPJcdQqfdEefRTRuoCfGnQjjcYqvT_EDQhvxojRGhPXV1yS2ovZQmH-ZPfwj-fZRJR_ofltL0wLeBjUe2DAr8kgFXpwy00CPVWkW0pdCw5mqy3nQRzmnlU7NGiw3LCklKUN2UBJz-8YHSkxLcuSm6-vrAQoGrHv0_JA51t5Iel_xzhYEvvMirBFx6i4tySYWYMQISSi5iAAgG0eTa2VWQ5X4LgX3-cwfKHsgm00SumMD6jWTvQXCJRrU28593C9GI7-uZrS8lkxlOVhcjJqxUnvyGqIcpShFphEDl-FFvTo968LqpDrZg9wtfp1de2tBTca_wJ-EUIMlyL-GD0xsLfOpNAUhgQL8fAbOFqnVkJZ3WNw2nLf0kEkGt4jESI9mc9qDo1AijokvRnKMSHqxpidUnLxB5PMnPwUOxjswrU_JPm8Z4D1VV0Sop-wIuKwHxTHA6yT3C3XKN3WdS9I1Uca8N3qlNsAWtjDEx8QO8Mv-5TO1fca3Z-u_tdb9hla4np3UY3IF211N3Jb6ArT2MgLw1-7ZdMNCB8qbnOktlvrt2SKRs6M_es-Jt2sUQO1AJ-aNh1zllBQJKgo7otP6TGL4-SNKWcKILPnd8YlZQx4_c94An-EL-ZSGybxiUwpf96k9M_WvlLpe-iATHZ4lvVEGZYN-__4fdzozW76Os6KucTM0laFlSJzT-Eb7GLnD2SF1rNVNlv4qoSG4TIawQ-1dhIJkywTGkLJOSi8cTnz1mMdLe5BJVmRT1dsD1HODEmi-8M_xlgjOJUjJ0Hcy_jYu5rSBAl-8b4og4VavjVP-8W3_UUf7EBZdKhqualLXG0YDrNbRV68me_cJla6HtDdah2kTxdl0ZqgXW8VEC3XLL5h768VnvBZQyTysGALjpfTJRq1PsUmflneOTohXpJB75JbzQKTzCn7lcGTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrO7V,pingTime:1,time:1421,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:320%7D,%7Bpiv:0,vs:o,r:l,t:368%7D,%7Bpiv:100,vs:i,r:,t:414%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1007,o:414,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:i,t:414,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:127,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrO7W,pingTime:1,time:1422,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:320%7D,%7Bpiv:0,vs:o,r:l,t:368%7D,%7Bpiv:100,vs:i,r:,t:414%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1008,o:414,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:i,t:414,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1008~100%5D,as:%5B1008~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:127,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrO7W,pingTime:1,time:1422,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:320%7D,%7Bpiv:0,vs:o,r:l,t:368%7D,%7Bpiv:100,vs:i,r:,t:414%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1008,o:414,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:i,t:414,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1008~100%5D,as:%5B1008~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:127,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D15D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe&tv=%7Bc:vNrO7Y,pingTime:1,time:1428,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:293%7D,%7Bpiv:0,vs:o,r:l,t:364%7D,%7Bpiv:34,vs:pp,r:,t:420%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:420,n:364,pp:1008,pm:0%7D,slEvents:%5B%7Bsl:n,t:292,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B89~1,0~0%5D,as:%5B89~970.250%5D%7D%7D,%7Bsl:o,t:364,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~970.250%5D%7D%7D,%7Bsl:pp,t:420,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:34,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1008~30%5D,as:%5B1008~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:68,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19.928934%7C191%7C192%7C1a*.928934%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D15D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe&tv=%7Bc:vNrO7Y,pingTime:1,time:1428,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:293%7D,%7Bpiv:0,vs:o,r:l,t:364%7D,%7Bpiv:34,vs:pp,r:,t:420%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:420,n:364,pp:1008,pm:0%7D,slEvents:%5B%7Bsl:n,t:292,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B89~1,0~0%5D,as:%5B89~970.250%5D%7D%7D,%7Bsl:o,t:364,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~970.250%5D%7D%7D,%7Bsl:pp,t:420,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:34,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1008~30%5D,as:%5B1008~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:68,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19.928934%7C191%7C192%7C1a*.928934%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
vast
vast.doubleverify.com/v3/ Frame AAB8 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.doubleverify.com/v3/vast?_media=3&ctx=16604586&cmp=26735762&sid=4450143&plc=319372882&adsrv=166&blk=1&psf=1&_vast=https://ad.doubleclick.net/ddm/pfadx/N232601.125865GOOGLECANADA0/B26735762.319372882%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.490.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_adk%3D517738578%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.theobserver.ca/%3Bdc_vast%3D4%3Bnel%3D0%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM4NTg5OTg1NzcxCg%3Bdc_cid%3D161204881%3Bdc_adid%3D512228999%3Bdc_vpaid%3D0%3B&_api=2,8&_ssm=0&_tsm=2021-12-04T03%3A53%3A05.829Z&gdpr=0&gdpr_consent=&_abm=-1&_pum=https%3A%2F%2Fwww.theobserver.ca%2F&turl=https://www.theobserver.ca/&aubndl=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.49.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e08bf45f56ce3bcf2289537cae2a1e55b6735eaf96fff69ea54b8aaebfdecee7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:05 GMT
content-encoding
br
vary
origin, accept-encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
none
timing-allow-origin
https://vpaid.doubleverify.com
link
<//cdn.doubleverify.com>; rel=preconnect; pr=1.0, <//rtb0.doubleverify.com>; rel=preconnect; pr=1.0, <//tps.doubleverify.com>; rel=preconnect; pr=1.0, <https://vpaid.doubleverify.com>; rel=preconnect, <https://gcdn.2mdn.net>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 82D1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssixXnU79EC-CLGiVjsWTITZpv3i4kZ3HUr_80CHE6UvqBde9BUBv73B9lNYVyhZA10xEMbf-9aEEelfiddsD1KTmz5vjnh&sig=Cg0ArKJSzFYFzCYa_wrFEAE&id=lidar2&mcvt=1003&p=0,0,250,970&mtos=0,0,0,1003,1003&tos=0,0,0,1003,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.34&if=1&app=0&itpl=33&adk=1224509250&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638589984457&rpt=441&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 167B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvs_F9FLs88I-QvwkmzXzKBE3hIXqi2T5ibCemZ-TspyRrKnWa6UwaxXpEkvLzP2MeEM14yoRt3246apotAQixE-Qo1WzHa&sig=Cg0ArKJSzP9kKJBn_Q-iEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=3183312129&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638589984452&rpt=615&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AAB8 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwra6478&c=3984276159555&slotId=1992138079777.5&qqid=CNOc_K-fyfQCFRgEwwodpR0IZg&gqid=IeaqYYeGBsmrjAa5grUQ&fb=ima_html5-lima&sdkv=h.3.490.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame AAB8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5VVpIeaqYZOICJiIjAalu6CwBqrus79m34usofcOm8eys8AiEAEg0JWkF2D96KKB8APIAQWpAgjmwTgoIKo-qAMByAMTmAQAqgSVAk_QPlSbrplREq3n1rKu2xOBOOHDKqP7VUSQ31Qet9jt50OmEbR8HkAJSTAlA1vHaj_J7mUDoXfHjbHwcOJMJAJrxXEFHDSGHcipDRkauF5r8yykrtotw9F9WUvzSKC_AqTxDLUxKtszrV4Qa1oz6zEkrVkcWYgUyYNyNA1bS2hsI5soTSKLPakjIVbshQkYtJaSn43GqzBthmW2Ea0O-Fi4zmnodIYDBsdOt6f1SbfKs6QfqcGnaUIAQn9l36B-H6fMCQUAs1S77KEjpVkf1ZkakhbeKlNr8ZofmeZoonAuWQBCjSo7Uum1ViY-2wEhYhNwaPmMlcWKavnmOQNchCRNkGUOp_pYqL3f5ZgfufRUQdwGuo7ABJm_vObaA-AEA5AGAaAGToAH1fuk_wKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOO8Z4N0BMA2BMDiBQB2BQB0BUBgBcB&sigh=r8lmSlwdgzs&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.490.0&vci=[CREATIVE_PLAYBACK]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 128C 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
655c7648ff1f548347a176a58c150bcb924837f0d879b9b37c32dd647937b68c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18620
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:03:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:03:16 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=7asg&k=ZQl3aAlhCTI5MDEJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCTU3ZmMyNDI5LTE3ZDQtMDA2Ni1iMGU4LTliMTAzZjA4MDYyZgljcAl0cAl2dgkyMDIxMDQwOF8xOTAwOmltYV9odG1sNTozLjQ5MC4wCXd0CTYzNA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:06 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame AAB8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5VVpIeaqYZOICJiIjAalu6CwBqrus79m34usofcOm8eys8AiEAEg0JWkF2D96KKB8APIAQWpAgjmwTgoIKo-qAMByAMTmAQAqgSVAk_QPlSbrplREq3n1rKu2xOBOOHDKqP7VUSQ31Qet9jt50OmEbR8HkAJSTAlA1vHaj_J7mUDoXfHjbHwcOJMJAJrxXEFHDSGHcipDRkauF5r8yykrtotw9F9WUvzSKC_AqTxDLUxKtszrV4Qa1oz6zEkrVkcWYgUyYNyNA1bS2hsI5soTSKLPakjIVbshQkYtJaSn43GqzBthmW2Ea0O-Fi4zmnodIYDBsdOt6f1SbfKs6QfqcGnaUIAQn9l36B-H6fMCQUAs1S77KEjpVkf1ZkakhbeKlNr8ZofmeZoonAuWQBCjSo7Uum1ViY-2wEhYhNwaPmMlcWKavnmOQNchCRNkGUOp_pYqL3f5ZgfufRUQdwGuo7ABJm_vObaA-AEA5AGAaAGToAH1fuk_wKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOO8Z4N0BMA2BMDiBQB2BQB0BUBgBcB&sigh=r8lmSlwdgzs&label=show_ad&acvw=[VIEWABILITY]&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NjEwMTI4ODc3NDBA9gMKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTIyMjg5OTkyCTE2MTIwNDg4MUDRAQpZCAESFXZhc3QuZG91YmxldmVyaWZ5LmNvbRoDRENNIAQqCTUxMjIyODk5OTIJMTYxMjA0ODgxQJMDUh4lAABwQSgBOgsxNjEyMDQ4ODEtMUIER0RDTVAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame AAB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Ciq9cIeaqYZOICJiIjAalu6CwBqrus79m34usofcOm8eys8AiEAEg0JWkF2D96KKB8APIAQWpAgjmwTgoIKo-qAMBmAQAqgSSAk_QPlSbrplREq3n1rKu2xOBOOHDKqP7VUSQ31Qet9jt50OmEbR8HkAJSTAlA1vHaj_J7mUDoXfHjbHwcOJMJAJrxXEFHDSGHcipDRkauF5r8yykrtotw9F9WUvzSKC_AqTxDLUxKtszrV4Qa1oz6zEkrVkcWYgUyYNyNA1bS2hsI5soTSKLPakjIVbshQkYtJaSn43GqzBthmW2Ea0O-Fi4zmnodIYDBsdOt6f1SbfKs6QfqcGnaUIAQn9l36B-H6fMCQUAs1S77KEjpVkf1ZkakhbeKlNr8cIeAxP7MDa8vovD3o66CWY8c6m3jKS8PbbFeOSGRcyjchR2qCbTL-xZvn2RGn8HDQIf8bQHXErNEnjABJm_vObaA-AEA4gF_YaD3DiSBQYIAxABGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB9X7pP8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBw0QrKzlBRiV0PS6ASAE0ggHCIBhEAEYHYAKA8gLAbATjvGeDcgT3eLk3gPQEwDYEwOIFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNTYxMTA1MzY2MjYxMzM5MBjN9RE&sigh=NVZlHcVShtY&cmd=Ch1jYS12aWRlby1wdWItNTYxMTA1MzY2MjYxMzM5MBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSOwCNIrLM8QqtQglU8xkR4e6RLNMzUl21_i0yu4-YOKh5Ffyv-fORXVDwMuZOiBdClehBbjXf0JpAAva8&vt=10&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NjEwMTI4ODc3NDBA9gMKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTIyMjg5OTkyCTE2MTIwNDg4MUDRAQpZCAESFXZhc3QuZG91YmxldmVyaWZ5LmNvbRoDRENNIAQqCTUxMjIyODk5OTIJMTYxMjA0ODgxQJMDUh4lAABwQSgBOgsxNjEyMDQ4ODEtMUIER0RDTVAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
vpaid-transformer-no-csw.js
vpaid.doubleverify.com/js/vpaid-transformer/0.21.11/ Frame 128C 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.doubleverify.com/js/vpaid-transformer/0.21.11/vpaid-transformer-no-csw.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.8.18 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1c07a6d8b9bdea1e19dbc16b478e4af7e4945c5fc4b3d6f67d21b7391825167f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:06 GMT
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 11:39:28 GMT
server
NetDNA-cache/2.2
x-amz-request-id
V289R7M6N0FTST7R
etag
W/"22b6596e9563664050d1ced56ffb3498"
x-cache
HIT
x-amz-version-id
OIioV8GYB4FApfWX1hQ9HzKdKXJCwDkm
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-id-2
qI/3n+OhCN+2dnknlKVxEDFqXJPQn7vAJT5P+c60oAXv4luwIRawIVLm/GVNKH7WObTOvvnJU7U=
/
vtrk.doubleverify.com/ Frame 128C 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&ec=vpaid&ea=load%2F10&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2F66199ea1b96022d7%2Fitag%2F18%2Fsource%2Fdoubleclick_dmm%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3781005170%2Fsparams%2Fid%2Citag%2Csource%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F2F134F6F9F7F7E58D2964C57D622DA9DEAC330C5.111A27796E067BCBDF71D14E51A0A3620E87647%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.21.11%2Bjs&cd107=complete&cd111=inline&cd112=unwrapped&cd117=2&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd170=166&cd171=c5x8i7c7.ssl.hwcdn.net&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cm91=0&cm92=0&cm94=189&cm95=189&cm100=564&cm101=317&cm104=-2&cm105=640&cm106=360&cm107=404&cm108=-1&cm109=10240&cm110=2&cm111=2&cm112=564&cm113=317&cm114=1&cm115=30&cm116=9&cm167=15&cm180=2&z=16385899864609013690
Requested by
Host: vpaid.doubleverify.com
URL: https://vpaid.doubleverify.com/js/vpaid-transformer/0.21.11/vpaid-transformer-no-csw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.23.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-23-102.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://c5x8i7c7.ssl.hwcdn.net
date
Sat, 04 Dec 2021 03:53:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ Frame 128C 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&ec=vpaid&ea=initAd%2F10&cd101=vast&cd102=src&cd105=vpaid-transformer%400.21.11%2Bjs&cd107=complete&cd111=inline&cd112=unwrapped&cd117=2&cd140=NNNNN&cd170=166&cd171=c5x8i7c7.ssl.hwcdn.net&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cm100=-2&cm101=-2&cm104=-2&cm109=10240&cm110=4&cm111=2&cm114=1&cm115=30&cm116=9&cm167=-2&cm180=2&cm181=2&z=16385899864624442707
Requested by
Host: vpaid.doubleverify.com
URL: https://vpaid.doubleverify.com/js/vpaid-transformer/0.21.11/vpaid-transformer-no-csw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.23.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-23-102.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://c5x8i7c7.ssl.hwcdn.net
date
Sat, 04 Dec 2021 03:53:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
dvbs_src.js
cdn.doubleverify.com/ Frame 128C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=16604586&cmp=26735762&sid=4450143&plc=319372882&crt=161204881&dup=e0f73906-3b47-4e5d-a882-51bcf32572a2&adsrv=166&tagtype=video&apifw=2%2C8&app=-1&aubndl=&blk=1&dvp_blk=1&dvp_pgurl=https%3A%2F%2Fwww.theobserver.ca%2F&dvp_psfst=ack&dvp_psfts=1638589985955&dvp_scripthashproxy=1&dvp_zjsver=0.21.11&dvtagver=dvot_0.8.49_b8310e9&gdpr=0&msrapi=jsVpaid&scripthash=1&turl=https%3A%2F%2Fwww.theobserver.ca%2F&vssd=0&vstvr=4.0-i&tagformat=2&adid=cb_kwra65cq30546689&DVP_DCB=cb_kwra65cu3b8af26b
Requested by
Host: vpaid.doubleverify.com
URL: https://vpaid.doubleverify.com/js/vpaid-transformer/0.21.11/vpaid-transformer-no-csw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:58c::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Nov 2021 13:07:12 GMT
Server
Microsoft-IIS/10.0
ETag
"e066f48b4dbd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1168
truncated
/ Frame A8A1 		80 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3794d04c8283549cdb9bafa85354e9decf3c5f3a9fae1609b05ac56110a55f2e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
file.mp4
r1---sn-ab5sznlk.c.2mdn.net/videoplayback/id/66199ea1b96022d7/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781005170/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame A8A1
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/66199ea1b96022d7/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781005170/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sign...
  • https://r1---sn-ab5sznlk.c.2mdn.net/videoplayback/id/66199ea1b96022d7/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781005170/sparams/acao,ctier,expire,id,ip,ipbits,it...
134 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-ab5sznlk.c.2mdn.net/videoplayback/id/66199ea1b96022d7/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781005170/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/628CD0191CADDF9EFBD646F65E4090DDF786909D.54599E607FACAE67839DC920EBCDC297C13305D0/key/cms1/cms_redirect/yes/mh/Hc/mip/2a0d:5600:9:4b00:c3::1/mm/42/mn/sn-ab5sznlk/ms/onc/mt/1638589599/mv/u/mvi/1/pl/49/file/file.mp4
Protocol
HTTP/1.1
Server
2607:f8b0:4006:3d::6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 10 Nov 2021 15:12:49 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1127612/1127613
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1127613
Expires
Sat, 04 Dec 2021 03:53:06 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:06 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-ab5sznlk.c.2mdn.net/videoplayback/id/66199ea1b96022d7/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781005170/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/628CD0191CADDF9EFBD646F65E4090DDF786909D.54599E607FACAE67839DC920EBCDC297C13305D0/key/cms1/cms_redirect/yes/mh/Hc/mip/2a0d:5600:9:4b00:c3::1/mm/42/mn/sn-ab5sznlk/ms/onc/mt/1638589599/mv/u/mvi/1/pl/49/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
653
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src_internal100.js
cdn.doubleverify.com/ Frame 128C 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal100.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=16604586&cmp=26735762&sid=4450143&plc=319372882&crt=161204881&dup=e0f73906-3b47-4e5d-a882-51bcf32572a2&adsrv=166&tagtype=video&apifw=2%2C8&app=-1&aubndl=&blk=1&dvp_blk=1&dvp_pgurl=https%3A%2F%2Fwww.theobserver.ca%2F&dvp_psfst=ack&dvp_psfts=1638589985955&dvp_scripthashproxy=1&dvp_zjsver=0.21.11&dvtagver=dvot_0.8.49_b8310e9&gdpr=0&msrapi=jsVpaid&scripthash=1&turl=https%3A%2F%2Fwww.theobserver.ca%2F&vssd=0&vstvr=4.0-i&tagformat=2&adid=cb_kwra65cq30546689&DVP_DCB=cb_kwra65cu3b8af26b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:58c::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Nov 2021 13:07:26 GMT
Server
Microsoft-IIS/10.0
ETag
"0fb3411b4dbd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18242
/
vtrk.doubleverify.com/ Frame 128C 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&ec=vpaid&ea=timing&cd91=dvbs-boot&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2F66199ea1b96022d7%2Fitag%2F18%2Fsource%2Fdoubleclick_dmm%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3781005170%2Fsparams%2Fid%2Citag%2Csource%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F2F134F6F9F7F7E58D2964C57D622DA9DEAC330C5.111A27796E067BCBDF71D14E51A0A3620E87647%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.21.11%2Bjs&cd107=complete&cd111=inline&cd112=unwrapped&cd117=2&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd170=166&cd171=c5x8i7c7.ssl.hwcdn.net&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cm91=31&cm92=53&cm94=1&cm95=27&cm100=564&cm101=317&cm104=-2&cm105=640&cm106=360&cm107=404&cm108=-1&cm109=10240&cm110=124&cm111=114&cm112=564&cm113=317&cm114=1&cm115=30&cm116=9&cm117=13&cm119=14&cm167=15&cm180=2&cm181=2&z=16385899865766522357
Requested by
Host: vpaid.doubleverify.com
URL: https://vpaid.doubleverify.com/js/vpaid-transformer/0.21.11/vpaid-transformer-no-csw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.23.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-23-102.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://c5x8i7c7.ssl.hwcdn.net
date
Sat, 04 Dec 2021 03:53:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
verify.js
rtb0.doubleverify.com/ Frame 128C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_117074140367&jsTagObjCallback=__tagObject_callback_117074140367&num=6&ctx=16604586&cmp=26735762&plc=319372882&sid=4450143&advid=&adsrv=166&unit=&isdvvid=&uid=117074140367&tagtype=video&adID=cb_kwra65cq30546689&app=-1&sup=&isovv=0&gmnpo=&crt=161204881&vssd=0&apifw=2%2C8&vstvr=4.0-i&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=96&bridua=3&dup=e0f73906-3b47-4e5d-a882-51bcf32572a2&turl=https%3A%2F%2Fwww.theobserver.ca%2F&tagformat=2&chro=1&hist=2&winh=317&winw=564&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&dvp_blk=1&dvp_pgurl=https%3A%2F%2Fwww.theobserver.ca%2F&dvp_psfst=ack&dvp_psfts=1638589985955&dvp_scripthashproxy=1&dvp_zjsver=0.21.11&DVP_DCB=cb_kwra65cu3b8af26b&dvp_isBodyExistOnLoad=1&dvp_isOnHead=1&gdpr=0&m1=13&noc=4&fcifrms=13&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=148&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%403D6CG6C%5D42TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%403D6CG6C%5D42Tar9EEADTbpTauTau4dIg%3Af4f%5DDD%3D%5D9H45%3F%5D%3F6ETar9EEADTbpTauTau4dIg%3Af4f%5DDD%3D%5D9H45%3F%5D%3F6E&dvp_exetime=6.20&aubndl=&dvtagver=dvot_0.8.49_b8310e9&msrapi=jsVpaid&scripthash=1&callbackName=__verify_callback_117074140367&cbust=1638589986623780
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.105 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb02.doubleverify.com
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
f01513c27bd5b4e154b2bb921556072951b536703e8be05eefb3c58a4f0cf44b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Date
Sat, 04 Dec 2021 03:53:06 GMT
Expires
12/3/2021 3:53:06 AM
/
vtrk.doubleverify.com/ Frame 128C 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&ec=vpaid&ea=timing&cd91=dvbs-src&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2F66199ea1b96022d7%2Fitag%2F18%2Fsource%2Fdoubleclick_dmm%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3781005170%2Fsparams%2Fid%2Citag%2Csource%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F2F134F6F9F7F7E58D2964C57D622DA9DEAC330C5.111A27796E067BCBDF71D14E51A0A3620E87647%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.21.11%2Bjs&cd107=complete&cd111=inline&cd112=unwrapped&cd117=2&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd170=166&cd171=c5x8i7c7.ssl.hwcdn.net&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cm91=0&cm92=0&cm94=363&cm95=363&cm100=564&cm101=317&cm104=-2&cm105=640&cm106=360&cm107=404&cm108=-1&cm109=10240&cm110=261&cm111=137&cm112=564&cm113=317&cm114=1&cm115=30&cm116=9&cm117=13&cm119=14&cm167=15&cm180=2&cm181=2&z=16385899867131169438
Requested by
Host: vpaid.doubleverify.com
URL: https://vpaid.doubleverify.com/js/vpaid-transformer/0.21.11/vpaid-transformer-no-csw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.23.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-23-102.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://c5x8i7c7.ssl.hwcdn.net
date
Sat, 04 Dec 2021 03:53:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
bsevent.gif
tps607.doubleverify.com/ Frame 128C 		0
0
bsevent.gif
tps607.doubleverify.com/ Frame 128C 		0
0
bsevent.gif
tps607.doubleverify.com/ Frame 128C 		0
0
/
vtrk.doubleverify.com/ Frame 128C 		0
0
bsevent.gif
tps607.doubleverify.com/ Frame 128C 		0
0
bsevent.gif
tps607.doubleverify.com/ Frame 128C 		0
0
/
vtrk.doubleverify.com/ Frame 128C 		0
0
/
vtrk.doubleverify.com/ Frame 128C 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame AAB8 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAB8 		0
0
/
vtrk.doubleverify.com/ Frame AAB8 		0
0
index.html
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/ Frame 0E62 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d26f8222d0adcd1fbad49294831f0fe838927c25701b7df89dde1cc3039f859f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

date
Sat, 04 Dec 2021 03:53:06 GMT
etag
"1617933754"
cache-control
max-age=80558
content-encoding
gzip
content-length
6724
content-type
text/html
last-modified
Fri, 09 Apr 2021 02:02:34 GMT
accept-ranges
bytes
x-hw
1638589986.dop004.tr2.t,1638589986.cds201.tr2.hn,1638589986.cds002.tr2.c
csi
csi.gstatic.com/ Frame AAB8 		0
0
/
vtrk.doubleverify.com/ Frame 128C 		0
0
bsevent.gif
tps607.doubleverify.com/ Frame 128C 		0
0
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=wea7&k=ZQl3ZQlhCTMzOTcJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCTU3ZmMyNDI5LTE3ZDQtMDA2Ni1iMGU4LTliMTAzZjA4MDYyZgljcAl0cAl2dgkyMDIxMDQwOF8xOTAwOmltYV9odG1sNTozLjQ5MC4wCXd0CTYzNAl3ZQlbOTAxXSBhZE1hbmFnZXJFcnJvciBzdGFnZTppOkFuIHVuZXhwZWN0ZWQgZXJyb3Igb2NjdXJyZWQgd2l0aGluIHRoZSBWUEFJRCBjcmVhdGl2ZS4gUmVmZXIgdG8gdGhlIGlubmVyIGVycm9yIGZvciBtb3JlIGluZm8uCWFkCSxzeXM6RENNfERCTXxBZFNlbnNlL0FkWCxhaWQ6NTEyMjI4OTk5fDUxMjIyODk5OXw1NjEwMTI4ODc3NDAsY2lkOjE2MTIwNDg4MXwxNjEyMDQ4ODEsZGVhbDo4NzgyOTQ5NTYzNTU0MzI0MCx0aXRsZTpJbi1TdHJlYW0gVmlkZW8sZHVyOjE1LHVuaTpHRENNXzE2MTIwNDg4MS0xLGFwaWZ3OlZQQUlECWFkVGFnCS8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM_aXU9LzMwODEvYXJuLWRpc3RybyZkZXNjcmlwdGlvbl91cmw9aHR0cHMlM0ElMkYlMkZ3d3cudGhlb2JzZXJ2ZXIuY2ElMkZuZXdzJTJGbG9jYWwtbmV3cyUyRmp1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj0mdGZjZD0wJm5wYT0wJmdkZnBfcmVxPTEmb3V0cHV0PXZhc3Qmc3o9MzIweDI0MCZjdXN0X3BhcmFtcz1uayUzRGRpc3RybyUyNnByJTNEc29iJTI2Y2slM0RuZXdzJTI2bG9jJTNEdG9wJTI2cGFnZSUzRHN0b3J5JTI2c2NrJTNEbG9jYWwtbmV3cyUyNmFpZCUzRDBkYTRlMjNiLWEzOWMtNDE1OC1iMTJkLTU3MjM0N2M2ZTJhYSUyQzU2OTQwJnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0PTEmcHBpZD0wMDAwMDAwMHBwaWRwNjg3NDczOTIwNzg1MDgxMTYzMSZ1c19wcml2YWN5PSZnZHByPTAmZ2Rwcl9jb25zZW50PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:06 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0E62 		374 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b630bfefb18b047f36806ca3d09555730a686f944adedef8ef6fabc3751b58f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126291
x-xss-protection
0
expires
Sat, 04 Dec 2021 03:53:06 GMT
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/ Frame 0E62 		843 B
965 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/minimal.mp4
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 04 Dec 2021 03:53:06 GMT
last-modified
Fri, 09 Apr 2021 02:02:37 GMT
etag
"1617933757"
x-hw
1638589986.dop004.tr2.t,1638589986.cds201.tr2.hn,1638589986.cds213.tr2.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=80502
accept-ranges
bytes
Content-Length
843
bridge3.490.0_en.html
imasdk.googleapis.com/js/core/ Frame 0DCA 		595 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
197951
date
Tue, 30 Nov 2021 23:07:22 GMT
expires
Wed, 30 Nov 2022 23:07:22 GMT
last-modified
Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
276344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0E62 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 03:53:06 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=om9j&k=ZQl3YQlhCTM1NjYJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCWU5MjRiZDk0LWEzODUtNWI4Ny0zMWY4LTJlYzA1ZWY5ZmMzNwljcAlnMgl2dgkyMDIxMDQwOF8xOTAwOmltYV9odG1sNTozLjQ5MC4wCXd0CTUzOAlhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8yMTg3NDE1NTEzMywzMDgxLzIyNTA3XzQ5NTMwMzY3MDkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnRoZW9ic2VydmVyLmNhJTJGbmV3cyUyRmxvY2FsLW5ld3MlMkZqdWRnZS1zZWVrcy1yZWhhYi1jaGVjayZ0ZmNkPTAmbnBhPTAmc3o9NjQweDQ4MCU3QzEyODB4NzIwJTdDMTkyMHgxMDgwJTdDNDAweDMwMCZjdXN0X3BhcmFtcz1kc21jbSUzRDElMjZkc2QlM0R0aGVvYnNlcnZlci5jYSZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0PTEmZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPTkyMzQxMyZnZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:06 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A44C 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:24:15 GMT
integrator.js
adservice.google.com/adsid/ Frame 0E62 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=c5x8i7c7.ssl.hwcdn.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 0DCA 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21874155133%2C3081%2F22507_4953036709&description_url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&tfcd=0&npa=0&sz=640x480%7C1280x720%7C1920x1080%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dtheobserver.ca&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2533137651398095&gdpr=0&gdpr_consent&us_privacy&vpa=auto&vpmute=1&sdkv=h.3.490.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=239201517&sdk_apis=2%2C8&media_url=https%3A%2F%2Fc5x8i7c7.ssl.hwcdn.net%2Fvplayer-parallel%2F20210408_1900%2Fima_html5%2Fminimal.mp4&sid=E762C3C7-F742-452B-8DD3-275C1D193201&nel=0&eid=44752711&url=https%3A%2F%2Fwww.theobserver.ca%2F&ref=https%3A%2F%2Fwww.theobserver.ca%2F&dlt=1638589986800&idt=238&dt=1638589987068&scor=2783124899579599&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.317.564_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 763F 		374 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b630bfefb18b047f36806ca3d09555730a686f944adedef8ef6fabc3751b58f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126291
x-xss-protection
0
expires
Sat, 04 Dec 2021 03:53:07 GMT
191231-96143263832481.js
js-sec.indexww.com/ht/p/ Frame 763F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ds_vplayer_detached.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3eb6b450e09da3c00ba344a44a690b004402dc62ddf0d3cf3bbdec5ab33310e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:07 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Dec 2021 03:41:18 GMT
Server
Apache
ETag
"764244-930a-5d249cbde8cd7"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3052
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12789
Expires
Sat, 04 Dec 2021 04:43:59 GMT
events
jssdks.mparticle.com/v3/JS/580aa374a095754d9f83e996ce038321/ 		41 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/580aa374a095754d9f83e996ce038321/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/580aa374a095754d9f83e996ce038321/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c2dba0f55b1c1df01c70b7409c85ae8747e4723b4365edbb26a680ff39e0691e

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 03:53:07 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1638589988.727212,VS0,VE17
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-yul12828-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/pd1_html5/ Frame 763F 		843 B
999 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/pd1_html5/minimal.mp4
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.theobserver.ca/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 04 Dec 2021 03:53:07 GMT
last-modified
Fri, 09 Apr 2021 02:00:44 GMT
etag
"1617933644"
x-hw
1638589987.dop004.tr2.t,1638589987.cds201.tr2.hn,1638589987.cds010.tr2.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=80489
accept-ranges
bytes
Content-Length
843
bridge3.490.0_en.html
imasdk.googleapis.com/js/core/ Frame 3FE1 		595 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
197951
date
Tue, 30 Nov 2021 23:07:22 GMT
expires
Wed, 30 Nov 2022 23:07:22 GMT
last-modified
Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
276345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 763F 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 03:53:08 GMT
p22507-ds-desktop.json
a.jsrdn.com/prebid/tags/ Frame 763F 		21 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/prebid/tags/p22507-ds-desktop.json?aca=1&env.sd=theobserver.ca&env.gc=CA
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
910f4f27d43f79b85b95af7d807844a73af3f19580992bc7985a4860952e1cdd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 22:56:29 GMT
etag
"1638485789"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-hw
1638589987.dop011.tr2.t,1638589987.cds005.tr2.hn,1638589987.cds211.tr2.c
content-type
application/json
access-control-allow-origin
https://www.theobserver.ca
access-control-max-age
3600
cache-control
max-age=68605
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
1940
headerstats
as-sec.casalemedia.com/ Frame 763F 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=476694&u=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:07 GMT
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[37.120.205.149], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.theobserver.ca
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
19
Expires
Sat, 04 Dec 2021 03:53:07 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A9B8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:24:15 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=czk3&k=ZQl3YQlhCTQ2NDIJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCWI5MWJmNzMwLTIyNTktMmZlNC1lNTA4LTNlMDg4NWMyYjJjZQljcAlwZAl2dgkyMDIxMDQwOF8xOTAwOnBkMV9odG1sNTozLjQ5MC4wCXd0CTUxOAlhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL3AyMjUwNy1kcy1kZXNrdG9wLmpzb24_YWNhPTEmZW52LnNkPXRoZW9ic2VydmVyLmNhJmVudi5nYz1DQQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:08 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:08 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Allow
POST
Content-Length
4
Content-Type
text/html; charset=utf-8
Expires
0
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Date
Sat, 04 Dec 2021 03:53:07 GMT
translator
hbopenbid.pubmatic.com/ Frame 763F 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
282435
search.spotxchange.com/openrtb/2.3/dados/ Frame 763F 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282435
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.35.249.123 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 04 Dec 2021 03:53:08 GMT
X-SpotX-Timing-Transform
0.041666
X-SpotX-Timing-SpotMarket
0.104356
X-SpotX-Timing-Page-Mux
0.023585
X-SpotX-Timing-Page-Require
0.003032
X-fe
060
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000059
X-SpotX-Timing-Page
0.325770
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003697
Last-Modified
Sat, 04 Dec 2021 03:53:08 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.104356
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theobserver.ca
X-SpotX-Timing-Page-Misc
0.149356
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
distroscale-d.openx.net/v/1.0/ Frame 763F 		106 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distroscale-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4758d8e4-4011-43b9-ac7a-225428db1137&nocache=1638589988036&schain=1.0%2C1!distroscale.com%2C6243197009%2C1%2C%2C%2C&mimes=video%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm%2Capplication%2Fjavascript&protocols=1%2C2%2C3%2C4%2C5%2C6%2C7%2C8&api=2&maxduration=60&linearity=1&auid=540884776&vwd=640&vht=480&vmimes=video%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm%2Capplication%2Fjavascript
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:08 GMT
via
1.1 google
server
OXGW/16.221.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theobserver.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/211334/0/ Frame 763F 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211334/0/mvo?z=1r&hbv=4.34,2.1
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theobserver.ca
pragma
no-cache
date
Sat, 04 Dec 2021 03:53:08 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 763F 		36 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=448676&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229699a59976adf4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.34.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22distroscale.com%22%2C%22sid%22%3A%226243197009%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296202975-3807-4288-a32a-8d03bb6cadd8%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-12-04T03%3A53%3A02%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22101728327db87ba%22%2C%22ext%22%3A%7B%22siteID%22%3A%22448676%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A60%2C%22w%22%3A640%2C%22h%22%3A480%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%7D%7D%5D%7D
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
985b3f39420cba66479d428f526f313f10390ad8b4c683a81a4acd76742cf453

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:08 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[37.120.205.149], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.theobserver.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
19
expires
Sat, 04 Dec 2021 03:53:08 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 763F 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=DistroScaleExchange
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.206.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-206-24.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 763F 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a333a56f77c1db5f51e0ea290125ad4afe411e1989673fb55817c607a6489934
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:08 GMT
X-Proxy-Origin
37.120.205.149; 37.120.205.149; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6cb5e27f-9819-4dbe-b4ea-f66a9d14d0e3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theobserver.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 763F 		185 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.131.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-131-242.compute-1.amazonaws.com
Software
/
Resource Hash
4ab07e2e2b75d34d9948e780893b3269c29d3bcae8a62ccccaa15113751153ff

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:08 GMT
content-encoding
gzip
x-prebid
pbs-java/1.79.0
content-type
application/json
access-control-allow-origin
https://www.theobserver.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
tag
5ew8d-b3mmu.ads.tremorhub.com/ad/ Frame 763F
Redirect Chain
  • https://5ew8d-b3mmu.ads.tremorhub.com/ad/tag?adCode=5ew8d-hg1g0&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&supplyCode...
  • https://5ew8d-b3mmu.ads.tremorhub.com/ad/tag?adCode=5ew8d-hg1g0&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&supplyCode...
55 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://5ew8d-b3mmu.ads.tremorhub.com/ad/tag?adCode=5ew8d-hg1g0&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&supplyCode=5ew8d-b3mmu&skip=0&delivery=1&placement=1&schain=1.0,1!distroscale.com,6243197009,1,,,&transactionId=4758d8e4-4011-43b9-ac7a-225428db1137&referrer=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&hb=1&fmt=json&_tur=T
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Server
2600:1f18:612b:4264:b32e:f80d:5f2d:5164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
2a93908cd6fedcb5a8e4bd04300e4061ed0f8f6939f6fad80f334c2b592c7433

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:08 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.theobserver.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8

Redirect headers

location
https://5ew8d-b3mmu.ads.tremorhub.com/ad/tag?adCode=5ew8d-hg1g0&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&supplyCode=5ew8d-b3mmu&skip=0&delivery=1&placement=1&schain=1.0,1!distroscale.com,6243197009,1,,,&transactionId=4758d8e4-4011-43b9-ac7a-225428db1137&referrer=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&hb=1&fmt=json&_tur=T
date
Sat, 04 Dec 2021 03:53:08 GMT
access-control-allow-credentials
true
server
Apache-Coyote/1.1
access-control-allow-origin
https://www.theobserver.ca
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=foaf&k=ZQl3d2EJYQk0NjcyCWQJdXMtZWFzdC0xZQloCWktMGI5ZDQ2ZmZlMTZkNTNjNGIJdQk2YzE0MWYwNC02MDliLTRiMDEtYTk1MC0zMDE1NWVlYzU4NTAJdgk5Y2ZkM2M4YS0wMmYxLTQyYjYtOWI1Yy04N2FhOGZiMjBhYTgJdmwJMjAyMTEyMDQuMDMwMAl2dAkyMDIxMTIwNC4wMzAwCXZzCTIwMjEwNTA1CXZjCTIwMjEwMTI1CXN0CTIwMjExMjA0LjAzNTMwMwlpCWFlYjgxNzg5LWRmNmUtNDVjYS05ZjI1LTU1OTMyNDJkZTJmMwlmCWh0dHBzOi8vd3d3LnRoZW9ic2VydmVyLmNhL25ld3MvbG9jYWwtbmV3cy9qdWRnZS1zZWVrcy1yZWhhYi1jaGVjawlxCTE3YWZkMGM2LWRjZDctNDVkYi04ZDUzLTU3MjJiMjM4Y2Y5MQltCTIyMzQyCWIJNDMzCWcJOTQzCXQJNTMyMQljCTUzNzYJbAkxNDk0NQl6CTE0MTQxCXMJNTc5NglwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0EJZ3IJUUMJZ2QJMAlnbglmYWxzZQluZQlpbQluZAlpbQlzZAl0aGVvYnNlcnZlci5jYQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzNzg1CXZuCTE0NjM5MTgJdnAJMQl2ZwlwcgljaQliOTFiZjczMC0yMjU5LTJmZTQtZTUwOC0zZTA4ODVjMmIyY2UJY3AJcGQJdnYJMjAyMTA0MDhfMTkwMDpwZDFfaHRtbDU6My40OTAuMAl3dAk1MTgJd3dhCWJpZGRlcjpwdWJtYXRpY3xzcG90eHxvcGVueHxyaHl0aG1vbmV8aXh8b25lVmlkZW98YXBwbmV4dXN8cnViaWNvbnx0ZWxhcmlhCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIyNTA3LWRzLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9dGhlb2JzZXJ2ZXIuY2EmZW52LmdjPUNB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:08 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=dljr&k=ZQl3d2gJYQk1MzU3CWQJdXMtZWFzdC0xZQloCWktMGI5ZDQ2ZmZlMTZkNTNjNGIJdQk2YzE0MWYwNC02MDliLTRiMDEtYTk1MC0zMDE1NWVlYzU4NTAJdgk5Y2ZkM2M4YS0wMmYxLTQyYjYtOWI1Yy04N2FhOGZiMjBhYTgJdmwJMjAyMTEyMDQuMDMwMAl2dAkyMDIxMTIwNC4wMzAwCXZzCTIwMjEwNTA1CXZjCTIwMjEwMTI1CXN0CTIwMjExMjA0LjAzNTMwMwlpCWFlYjgxNzg5LWRmNmUtNDVjYS05ZjI1LTU1OTMyNDJkZTJmMwlmCWh0dHBzOi8vd3d3LnRoZW9ic2VydmVyLmNhL25ld3MvbG9jYWwtbmV3cy9qdWRnZS1zZWVrcy1yZWhhYi1jaGVjawlxCTE3YWZkMGM2LWRjZDctNDVkYi04ZDUzLTU3MjJiMjM4Y2Y5MQltCTIyMzQyCWIJNDMzCWcJOTQzCXQJNTMyMQljCTUzNzYJbAkxNDk0NQl6CTE0MTQxCXMJNTc5NglwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0EJZ3IJUUMJZ2QJMAlnbglmYWxzZQluZQlpbQluZAlpbQlzZAl0aGVvYnNlcnZlci5jYQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzNzg1CXZuCTE0NjM5MTgJdnAJMQl2ZwlwcgljaQliOTFiZjczMC0yMjU5LTJmZTQtZTUwOC0zZTA4ODVjMmIyY2UJY3AJcGQJdnYJMjAyMTA0MDhfMTkwMDpwZDFfaHRtbDU6My40OTAuMAl3dAk1MTgJd3doCWJpZGRlcjpub25lLGNwbTowCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIyNTA3LWRzLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9dGhlb2JzZXJ2ZXIuY2EmZW52LmdjPUNB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:08 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame DEA6 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.200.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-200-177.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
d8c62b0d4ac621bedd0ca5a4e96b12a77118338d4166f94d65c15bb154d455aa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 01:04:12 GMT
content-encoding
gzip
age
10135
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1AXJK7YK9WCP0270HSY0
etag
4da12c74ee926b2a11a4e43bfb72b2fd
vary
Accept-Encoding
x-amz-version-id
4VmutqpMSKe44XUliQiub0_OOWAXoLbl
via
1.1 34deee8ac34d726c1404a3045667664b.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
bZpM5_9tcaSSpvg43Qkn7RNOXcf0BtScNrRCajjIb1qAl1Yqyn_VGw==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DEA6 		374 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b630bfefb18b047f36806ca3d09555730a686f944adedef8ef6fabc3751b58f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126291
x-xss-protection
0
expires
Sat, 04 Dec 2021 03:53:08 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=r1vn&k=ZQl3ZQlhCTUzNjgJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCWI5MWJmNzMwLTIyNTktMmZlNC1lNTA4LTNlMDg4NWMyYjJjZQljcAlwZAl2dgkyMDIxMDQwOF8xOTAwOnBkMV9odG1sNTozLjQ5MC4wCXd0CTUxOAl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9wMjI1MDctZHMtZGVza3RvcC5qc29uP2FjYT0xJmVudi5zZD10aGVvYnNlcnZlci5jYSZlbnYuZ2M9Q0E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:08 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame DEA6 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.200.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-200-177.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 20:52:47 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
25222
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
iqtKyjShvk_NFpZDCJwHzlq8eVVlaf_gqUKRbbAR_-jAkukHq6eD9g==
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/aps_html5/ Frame DEA6 		843 B
999 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/aps_html5/minimal.mp4
Requested by
Host: www.theobserver.ca
URL: https://www.theobserver.ca/news/local-news/judge-seeks-rehab-check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.theobserver.ca/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 04 Dec 2021 03:53:08 GMT
last-modified
Fri, 09 Apr 2021 02:01:16 GMT
etag
"1617933676"
x-hw
1638589988.dop004.tr2.t,1638589988.cds201.tr2.hn,1638589988.cds202.tr2.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=80510
accept-ranges
bytes
Content-Length
843
bridge3.490.0_en.html
imasdk.googleapis.com/js/core/ Frame 0595 		595 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
197951
date
Tue, 30 Nov 2021 23:07:22 GMT
expires
Wed, 30 Nov 2022 23:07:22 GMT
last-modified
Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
276346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame DEA6 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 03:53:08 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame DEA6 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theobserver.ca&pubid=510b2083-6681-4521-93bd-7d95b5afa83c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.200.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-200-177.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 22:22:41 GMT
via
1.1 34deee8ac34d726c1404a3045667664b.cloudfront.net (CloudFront)
server
Server
age
19826
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.theobserver.ca
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
MRxmCchjcA332hyC_npstkoMSHVjMmWZuq-deYAkp2NvgiFRSNNhjA==
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=55se&k=ZQl3YQlhCTU1MDUJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCTU5Mzc2ZWRkLTZiM2UtNWMwMy02ZTJiLTRiMjY0YmY3NmI2MQljcAlhegl2dgkyMDIxMDQwOF8xOTAwOmFwc19odG1sNTozLjQ5MC4wCXd0CTYzNwlhZFRhZwkvL2MuYW1hem9uLWFkc3lzdGVtLmNvbS9lL2R0Yi9iaWQ_YXBzU2xvdElEPURlc2t0b3Amc2lkPTYyNDMxOTcwMDk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:08 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C96C 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:24:15 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame DEA6 		118 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&pid=aO8ssuJmQ0AIy&cb=0&ws=564x317&v=7.71.1&t=2000&slots=%5B%7B%22id%22%3A%22Desktop%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=510b2083-6681-4521-93bd-7d95b5afa83c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.200.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-200-177.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
3126bdff9344c6b6ee8dc5073bda9c319582fb7334cd77ea543bcc67bddfb3e9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:08 GMT
via
1.1 34deee8ac34d726c1404a3045667664b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
8TAEF7GG2E4187P8QH8M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
118
x-amz-cf-id
xWS4giHPJURIRphMdyET3nxX0BVG8QK3cvXFK4--cVG0b75kZd_GvQ==
135.12a6f1c6e642186dd14a.css
cdn.viafoura.net/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/135.12a6f1c6e642186dd14a.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22b518a35f90caaf1b6055c7d21c3b79a03cfcf1a5aa9921a13de983ec143760

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:08 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:48 GMT
server
AmazonS3
age
126541
etag
W/"cfaee6b202f4daa8fe1f08bc148fca0f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
I_hAdLFUXVtUdPC10VLmuVlxsDmG51r5
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
EWR53-P1
content-type
text/css; charset=utf-8
x-amz-cf-id
TZYd-V9emwRcjiJfbYyaB58TPzMrEHZGIGnhvu6GTyGCamZXRAhtIw==
trending_articles_js.beea977e2fbccf6197d7.js
cdn.viafoura.net/chunks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/trending_articles_js.beea977e2fbccf6197d7.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f9d1137793c3a020f9fc3a23a9e715f3f85209a83a49e7b1b37c0bed1bbadb1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:19 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 16:43:44 GMT
server
AmazonS3
age
126530
etag
W/"32f91e6079603838735ba3ba5d3eb979"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
bJ_T3abgU4lS.5QTQxPHQiNqujgSGrOJ
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
3Xd-ynASF3vq3VtT3_r4k55qFu0UU45cU2CTxGAqtZSK0Ho5nHZWsg==
trending_articles-module-js.50fb694cdf51956c28f9.js
cdn.viafoura.net/chunks/vuex_store/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/trending_articles-module-js.50fb694cdf51956c28f9.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04fe6c7746ec923f1e12d09039bc394b93415975b5be544b42e5e8a37d29fb1f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:19 GMT
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
age
126530
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2742
last-modified
Thu, 02 Dec 2021 16:43:35 GMT
server
AmazonS3
etag
"fa98ac20cede9a7563c00b40974278d3"
vary
Accept-Encoding
x-amz-version-id
3x.b0YAfDc5ZkBwwDO3yTPZ0M7RiDIg.
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
ReysXMwuWtSpbUZvYsSVCAik6m7OaNqRuIBJ3G2jGDeJpXmSX1V_SQ==
trending
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b/trending?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash
73653c262c76c7b2705713b297db5a1f316ec446db431c8e17a2aceafb8eda7f

Request headers

Accept
application/json
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
1598
content-type
application/json
trending
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b/trending?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 04 Dec 2021 03:53:09 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-methods
POST,PUT,GET,DELETE,PATCH
access-control-allow-headers
content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age
43200
index.html
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/ Frame 5522 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d26f8222d0adcd1fbad49294831f0fe838927c25701b7df89dde1cc3039f859f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/

Response headers

date
Sat, 04 Dec 2021 03:53:09 GMT
etag
"1617933754"
cache-control
max-age=80555
content-encoding
gzip
content-length
6724
content-type
text/html
last-modified
Fri, 09 Apr 2021 02:02:34 GMT
accept-ranges
bytes
x-hw
1638589989.dop004.tr2.t,1638589989.cds201.tr2.hn,1638589989.cds002.tr2.c
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=cl7o&k=ZQl3ZQlhCTU2MzAJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCTU5Mzc2ZWRkLTZiM2UtNWMwMy02ZTJiLTRiMjY0YmY3NmI2MQljcAlhegl2dgkyMDIxMDQwOF8xOTAwOmFwc19odG1sNTozLjQ5MC4wCXd0CTYzNwl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9jLmFtYXpvbi1hZHN5c3RlbS5jb20vZS9kdGIvYmlkP2Fwc1Nsb3RJRD1EZXNrdG9wJnNpZD02MjQzMTk3MDA5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:09 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5522 		374 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b630bfefb18b047f36806ca3d09555730a686f944adedef8ef6fabc3751b58f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:09 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126291
x-xss-protection
0
expires
Sat, 04 Dec 2021 03:53:09 GMT
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/ Frame 5522 		843 B
965 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/minimal.mp4
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20210408_1900/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 04 Dec 2021 03:53:09 GMT
last-modified
Fri, 09 Apr 2021 02:02:37 GMT
etag
"1617933757"
x-hw
1638589989.dop004.tr2.t,1638589989.cds201.tr2.hn,1638589989.cds213.tr2.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=80499
accept-ranges
bytes
Content-Length
843
136.4699927e96ec45f5f859.css
cdn.viafoura.net/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/136.4699927e96ec45f5f859.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3fe1e47be2347ac812746ba22881223cec2e43cd18ddc42ba10dee63a98f2fc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:06 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:49 GMT
server
AmazonS3
age
126544
etag
W/"f4939936fab61ad1acc1ce2e655a9e50"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
hG7_1i.lnaRCAmGIqHDyk97upYZgIG0o
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
EWR53-P1
content-type
text/css; charset=utf-8
x-amz-cf-id
FiTLxl-928jCXrsN976zx3XVaRNsROnC7N_srdsPFiNohn2BjGK9xw==
vendors~content_recirculation_js.449889ff3c0e98150f13.js
cdn.viafoura.net/chunks/ 		139 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~content_recirculation_js.449889ff3c0e98150f13.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ead4958834809400e2bcd23b9e0341d31ca8f2da3c4ea46f912ec7b445545c1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:20 GMT
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
age
126530
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
142719
last-modified
Thu, 02 Dec 2021 16:43:40 GMT
server
AmazonS3
etag
"f64370a235cdd7bfa85a86f2a5a73c37"
vary
Accept-Encoding
x-amz-version-id
qbu9oDpV1rIHoCe9zg23XghLgdt6sM4J
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CvvbLNKn-uVhAyKnZeGy_frc0Y26M3zdq4849jBhL9ywEik163BNfw==
34.5f7c10f2c30add74d86a.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/34.5f7c10f2c30add74d86a.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9b283aaedb8ff261f92ff44b305ff9c045dd163fb8f5e5e6a71d1d78ffdec90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:06 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:48 GMT
server
AmazonS3
age
126544
etag
W/"5fc015d0a60431254384d04892cec358"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
qy0lk59LW6xEAU3fu8tYHiDpxup5P9Py
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
EWR53-P1
content-type
text/css; charset=utf-8
x-amz-cf-id
fBQ56CThUBw8zoXomIPcxhWgNVBaCEXaLnsM_3-isO1fQdH1DC1vDQ==
content_recirculation_js.89fbfeefd8bcf2042c56.js
cdn.viafoura.net/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/content_recirculation_js.89fbfeefd8bcf2042c56.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a774a29570383d0816ae0ebdd1d445f8f9c7d222c3ac045024dd2e1dee3b7365

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:20 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 16:43:43 GMT
server
AmazonS3
age
126530
etag
W/"f470e2dcc0aad8307522e3ad3d3ad5db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
0lrr3OYT1lNH6z7gKMS3BQoAknknReLX
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
-S_iEfHadORJ-NuKNvr3G_n0zn_nPdaYEM4Zum3mB46QjtJLotX2QA==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.theobserver.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:28:42 GMT
x-content-type-options
nosniff
age
95067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 01:28:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.theobserver.ca
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:23:56 GMT
x-content-type-options
nosniff
age
300553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 16:23:56 GMT
bridge3.490.0_en.html
imasdk.googleapis.com/js/core/ Frame C760 		595 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
197951
date
Tue, 30 Nov 2021 23:07:22 GMT
expires
Wed, 30 Nov 2022 23:07:22 GMT
last-modified
Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
276347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 5522 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Dec 2021 03:53:09 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=bggj&k=ZQl3YQlhCTU4MTUJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCTYxMTYxMjUxLTQzZjMtNTM5Yi1hY2I1LTVlODdlMzY4MWY3MwljcAlyYgl2dgkyMDIxMDQwOF8xOTAwOmltYV9odG1sNTozLjQ5MC4wCXd0CTE4NQlhZFRhZwkvL3ZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20vdmlkZW8vMTY1NzgvMTM1OTg4LzE0NDAwNDYvMjAxL3Zhc3QueG1sP3RnX2MubGFuZ3VhZ2U9ZW4md2lkdGg9NTY0JmhlaWdodD0zMTcmcnBfc2NoYWluPTEuMCwxIWRpc3Ryb3NjYWxlLmNvbSw2MjQzMTk3MDA5LDEsLCwmdGdfaS5kb21haW49dGhlb2JzZXJ2ZXIuY2EmcmY9aHR0cHMlM0ElMkYlMkZ3d3cudGhlb2JzZXJ2ZXIuY2ElMkZuZXdzJTJGbG9jYWwtbmV3cyUyRmp1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrJnVzX3ByaXZhY3k9JmdkcHI9MCZnZHByX2NvbnNlbnQ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:09 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D4DD 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:24:15 GMT
integrator.js
adservice.google.com/adsid/ Frame 5522 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=c5x8i7c7.ssl.hwcdn.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 03:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
vast.xml
video-ads.rubiconproject.com/video/16578/135988/1440046/201/ Frame C760 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/16578/135988/1440046/201/vast.xml?tg_c.language=en&width=564&height=317&rp_schain=1.0,1!distroscale.com,6243197009,1,,,&tg_i.domain=theobserver.ca&rf=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&us_privacy=&gdpr=0&gdpr_consent=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.28.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-28-180.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
d09436ab9254f3d92325a8eabfe50f78b7bab4a8c76664341bb6611965683907

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:09 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
1047
Expires
Sat, 04 Dec 2021 03:53:09 GMT
csi
csi.gstatic.com/ Frame C760 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwra67iq&c=1965149681003&slotId=982574840501.5&fb=ima_html5-lima&sdkv=h.3.490.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44725356
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame FC41 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
655c7648ff1f548347a176a58c150bcb924837f0d879b9b37c32dd647937b68c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18620
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:03:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Sat, 04 Dec 2021 04:03:16 GMT
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=q24t&k=ZQl3aAlhCTYwOTcJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCTYxMTYxMjUxLTQzZjMtNTM5Yi1hY2I1LTVlODdlMzY4MWY3MwljcAlyYgl2dgkyMDIxMDQwOF8xOTAwOmltYV9odG1sNTozLjQ5MC4wCXd0CTE4NQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:09 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
bridge-31042.js
video-ads.rubiconproject.com/video/ Frame FC41 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31042.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.28.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-28-180.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 03:53:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Nov 2021 09:48:04 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"103d9-5d185c1183d00-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20289
sw.1209-sw-club.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/sw.1209-sw-club.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.2 -, , ASN (),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e065a3bf6690fb554a205457157528668fd6cd38bca07344beec3380a1c46cf4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sat, 04 Dec 2021 00:48:43 GMT
via
1.1 5035c434ac92f0eed9f2b400824fa6e9.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
11066
etag
"8f53d3a69c6d95a34d98415154cb6be37b7c83aa"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
IAD89-P2
x-pmd-smart-cdn-proxy
adcb541fa9c1
content-length
94760
x-amz-cf-id
2o4fC_YWbn-POVFnDYKsnrH17gOjBfoIwe_iAGWMZ_bAp53PCpcb7w==
expires
Sun, 04 Dec 2022 00:48:43 GMT
0910-SW-Bluewater-1.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/03/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/03/0910-SW-Bluewater-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.2 -, , ASN (),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
423a60f3bf63a8dd41915cf3c83b09cb32ccac117552f8d45e4058e05c42f019

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Mon, 29 Nov 2021 18:36:25 GMT
via
1.1 5035c434ac92f0eed9f2b400824fa6e9.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
379004
etag
"7588fc2ed12d9c5d19fae320d02d9f22fc054d1a"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
IAD89-P2
x-pmd-smart-cdn-proxy
a3ceca77dbb1
content-length
47546
x-amz-cf-id
nHXN6wZk6HhlHinZa24vvjdrjz3SDq0T13jgvK2vvxU2Q0UFi13j6g==
expires
Tue, 29 Nov 2022 18:36:25 GMT
so.1202-so-covid-1.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/so.1202-so-covid-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.2 -, , ASN (),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
1ce62cbc7831ac1ab07918330912cd442b57e9ee7ac8870d07c1edeacfeae30b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Wed, 01 Dec 2021 21:38:59 GMT
via
1.1 5035c434ac92f0eed9f2b400824fa6e9.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
195250
etag
"74685e44c460cfe641f44907a3b6ea78f9755d41"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
IAD89-P2
x-pmd-smart-cdn-proxy
adcb541fa9c1
content-length
45630
x-amz-cf-id
FkLSh7HzNO2OAPTMDUsNmXODHj_XrQqi1sN9QwSqP4v9_EYrKpL8KA==
expires
Thu, 01 Dec 2022 21:38:59 GMT
1001-so-watson-cropped-e1601491813893.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/05/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/05/1001-so-watson-cropped-e1601491813893.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.2 -, , ASN (),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
28c70d7f9642ee779b45d3eccafe0fbbed60a09124758b5940b7622cc2e83611

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Tue, 30 Nov 2021 21:42:37 GMT
via
1.1 5035c434ac92f0eed9f2b400824fa6e9.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
281432
etag
"f5e6108b068460811f544e1ffef2a82a7dede377"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
IAD89-P2
x-pmd-smart-cdn-proxy
ac623d914542
content-length
33142
x-amz-cf-id
WYL4f9MdRDH_iczcyPW1dAhZjzwGB4KASMOkKfumhQrOEOiIO9yAuQ==
expires
Wed, 30 Nov 2022 21:42:37 GMT
so.0120-so-bridge2.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/06/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/06/so.0120-so-bridge2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.2 -, , ASN (),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e7b25f4f0930f009e0a0ea07f764ea34b3a5e9ec0ecb95b5660f8c51b09b2c16

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 03 Dec 2021 03:48:13 GMT
via
1.1 5035c434ac92f0eed9f2b400824fa6e9.cloudfront.net (CloudFront)
server
nginx/1.19.10
age
86696
etag
"1ba4eea748ae6ea54bbc91f544b0ec1fa7176c0f"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000,public
x-amz-cf-pop
IAD89-P2
x-pmd-smart-cdn-proxy
2ab61d13932b
content-length
100948
x-amz-cf-id
AA9UwqQuqu4v1_9hRYTYvGk10chGs_bI2BhnfeZzcuLmtYJFM6K_EA==
expires
Sat, 03 Dec 2022 03:48:13 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame FC41 		28 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=0&gdpr_consent=&account_id=16578&site_id=135988&zone_id=1440046&size_id=201&tg_c.language=en&width=564&height=317&rp_schain=1.0,1!distroscale.com,6243197009,1,,,&tg_i.domain=montrealgazette.com&rf=https://montrealgazette.com/business/local-business/aerospace/business-jet-orders-continue-to-outpace-deliveries-bombardier-ceo&p_window.depth=1&p_window.url=https%3A%2F%2Fwww.theobserver.ca%2F&p_window.w=564&p_window.h=317&p_aso.video.ext.ad.w=564&p_aso.video.ext.ad.h=317&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8360566923296628&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.204.94 -, , ASN (),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:09 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://c5x8i7c7.ssl.hwcdn.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
dt
dt.adsafeprotected.com/ Frame B7AB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=dd5956ee-158c-50e8-af83-2e64ba7508de&tv=%7Bc:vNrPam,pingTime:5,time:5416,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:320%7D,%7Bpiv:0,vs:o,r:l,t:368%7D,%7Bpiv:100,vs:i,r:,t:414%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:414,n:368,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:i,t:414,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:33,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C192%7C1a.928934%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:09 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D15D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=fad9fe0b-fe1b-8d80-b2a2-7103d9432bfe&tv=%7Bc:vNrPan,pingTime:5,time:5421,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:293%7D,%7Bpiv:0,vs:o,r:l,t:364%7D,%7Bpiv:34,vs:pp,r:,t:420%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:420,n:364,pp:5001,pm:0%7D,slEvents:%5B%7Bsl:n,t:292,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B89~1,0~0%5D,as:%5B89~970.250%5D%7D%7D,%7Bsl:o,t:364,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~970.250%5D%7D%7D,%7Bsl:pp,t:420,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:34,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~30%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:31,fm:sQAQAjM+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19.928934%7C191%7C192%7C1a*.928934%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.215.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-215-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:09 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
csi
csi.gstatic.com/ Frame C760 		0
0
1.gif
i.jsrdn.com/i/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=sk8o&k=ZQl3ZQlhCTcwNjEJZAl1cy1lYXN0LTFlCWgJaS0wYjlkNDZmZmUxNmQ1M2M0Ygl1CTZjMTQxZjA0LTYwOWItNGIwMS1hOTUwLTMwMTU1ZWVjNTg1MAl2CTljZmQzYzhhLTAyZjEtNDJiNi05YjVjLTg3YWE4ZmIyMGFhOAl2bAkyMDIxMTIwNC4wMzAwCXZ0CTIwMjExMjA0LjAzMDAJdnMJMjAyMTA1MDUJdmMJMjAyMTAxMjUJc3QJMjAyMTEyMDQuMDM1MzAzCWkJYWViODE3ODktZGY2ZS00NWNhLTlmMjUtNTU5MzI0MmRlMmYzCWYJaHR0cHM6Ly93d3cudGhlb2JzZXJ2ZXIuY2EvbmV3cy9sb2NhbC1uZXdzL2p1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrCXEJMTdhZmQwYzYtZGNkNy00NWRiLThkNTMtNTcyMmIyMzhjZjkxCW0JMjIzNDIJYgk0MzMJZwk5NDMJdAk1MzIxCWMJNTM3NglsCTE0OTQ1CXoJMTQxNDEJcwk1Nzk2CXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDQQlncglRQwlnZAkwCWduCWZhbHNlCW5lCWltCW5kCWltCXNkCXRoZW9ic2VydmVyLmNhCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM3ODUJdm4JMTQ2MzkxOAl2cAkxCXZnCXByCWNpCTYxMTYxMjUxLTQzZjMtNTM5Yi1hY2I1LTVlODdlMzY4MWY3MwljcAlyYgl2dgkyMDIxMDQwOF8xOTAwOmltYV9odG1sNTozLjQ5MC4wCXd0CTE4NQl3ZQlbOTAxXSBhZE1hbmFnZXJFcnJvciBzdGFnZTppOkFuIHVuZXhwZWN0ZWQgZXJyb3Igb2NjdXJyZWQgd2l0aGluIHRoZSBWUEFJRCBjcmVhdGl2ZS4gUmVmZXIgdG8gdGhlIGlubmVyIGVycm9yIGZvciBtb3JlIGluZm8uCWFkCSxzeXM6UnViaWNvbixhaWQ6MSx0aXRsZTpWUEFJRCBXcmFwcGVyLGR1cjozMCxhcGlmdzpWUEFJRAlhZFRhZwkvL3ZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20vdmlkZW8vMTY1NzgvMTM1OTg4LzE0NDAwNDYvMjAxL3Zhc3QueG1sP3RnX2MubGFuZ3VhZ2U9ZW4md2lkdGg9NTY0JmhlaWdodD0zMTcmcnBfc2NoYWluPTEuMCwxIWRpc3Ryb3NjYWxlLmNvbSw2MjQzMTk3MDA5LDEsLCwmdGdfaS5kb21haW49dGhlb2JzZXJ2ZXIuY2EmcmY9aHR0cHMlM0ElMkYlMkZ3d3cudGhlb2JzZXJ2ZXIuY2ElMkZuZXdzJTJGbG9jYWwtbmV3cyUyRmp1ZGdlLXNlZWtzLXJlaGFiLWNoZWNrJnVzX3ByaXZhY3k9JmdkcHI9MCZnZHByX2NvbnNlbnQ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.224.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-224-161.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:10 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
Cache-Control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Mon, 26 Jul 1997 05:00:00 GMT
p
sb.scorecardresearch.com/ 		64 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=22807838&ns_type=hidden&ns_st_sv=5.4.0.161011&ns_st_smv=5.6&ns_st_it=r&ns_st_id=1638589984192&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=6253&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=5.4.0.161011&ns_st_pn=1&ns_st_tp=0&ns_st_ci=1463918&ns_st_pt=6253&ns_st_dpt=6253&ns_st_ipt=6253&ns_st_et=6253&ns_st_det=6253&ns_st_upc=6253&ns_st_dupc=6253&ns_st_iupc=6253&ns_st_upa=6253&ns_st_dupa=6253&ns_st_iupa=6253&ns_st_lpc=6253&ns_st_dlpc=6253&ns_st_lpa=6253&ns_st_dlpa=6253&ns_st_pa=6253&ns_ts=1638589990446&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=distroscale&c3=news&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c9=&distroscale_guid=c_5321_5796_aeb81789-df6e-45ca-9f25-5593242de2f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:10 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
I3OxJU044YQmNEBEpQlajXLCyjmwwLoHBRZNVu8HZgnSwnFBKN9H6Q==
p
sb.scorecardresearch.com/ 		64 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=22807838&ns_type=hidden&ns_st_sv=5.4.0.161011&ns_st_smv=5.6&ns_st_it=r&ns_st_id=1638589984192&ns_st_ec=3&ns_st_sp=1&ns_st_sc=1&ns_st_psq=2&ns_st_asq=2&ns_st_sq=2&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=6253&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=5.4.0.161011&ns_st_pn=1&ns_st_tp=0&ns_st_ci=1463918&ns_st_pt=6253&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=6254&ns_st_det=1&ns_st_upc=6253&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=6253&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=6253&ns_st_dlpc=0&ns_st_lpa=6253&ns_st_dlpa=0&ns_st_pa=6253&ns_ts=1638589990447&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=distroscale&c3=news&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c9=&distroscale_guid=c_5321_5796_aeb81789-df6e-45ca-9f25-5593242de2f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:10 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
2LH8DfRTHMqAbYQUmKRj-1RNLTf4i4MVYyuJLtm77Fbw4OwfNtJRXg==
pixel;r=1882910463;labels=cm.content;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check;uht=2;fpan=0;fpa=P0-1259657904-163858998...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1882910463;labels=cm.content;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check;uht=2;fpan=0;fpa=P0-1259657904-1638589983713;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=theobserver.ca;je=0;sr=1600x1200x24;dst=0;et=1638589990451;tzo=0;ogl=site_name.theobserver%2Ctype.article%2Ctitle.Judge%20seeks%20rehab%20check%2Cimage.https%3A%2F%2Fnexus%252Eprod%252Epostmedia%252Edigital%2Fwp-content%2Fuploads%2F2018%2F08%2F1297679496675_OR%2Cimage%3Awidth.433%2Cimage%3Aheight.650
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:10 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:12 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Allow
POST
Content-Length
4
Content-Type
text/html; charset=utf-8
Expires
0
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Date
Sat, 04 Dec 2021 03:53:12 GMT
vendors~chat_js~comments_js~liveblog_js.4bbfed244948437c6708.js
cdn.viafoura.net/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~chat_js~comments_js~liveblog_js.4bbfed244948437c6708.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a3f41a1a3c2493b17f54da39d63d0ceed277bc0c9d0bdc392d18b8c26452614

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:16 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:38 GMT
server
AmazonS3
age
126538
etag
W/"c55460950ed14148e64f4d53baff20b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
KATwXIl3Fk95tE.KUD4UOABWgWtpEG5_
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
bpiYZHeLw2xc_V5PL3MoKaVOqGjzrAdcDC5Ep2ja_NwUf25oDTl7aA==
00000000-0000-4000-8000-675209adf16b
livecomments.viafoura.co/v4/livecomments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b?limit=5&container_id=0da4e23b-a39c-4158-b12d-572347c6e2aa&reply_limit=0&sorted_by=newest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 04 Dec 2021 03:53:13 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-methods
POST,PUT,GET,DELETE,PATCH
access-control-allow-headers
content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age
43200
vendors~comments_js~liveblog_js.6b9393414ccb3233d3e3.js
cdn.viafoura.net/chunks/ 		251 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~comments_js~liveblog_js.6b9393414ccb3233d3e3.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c9f058353e51ee746b2e129659fef78300d1f86a4ad54eeb5b65653d2f68215

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:16 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:41 GMT
server
AmazonS3
age
126538
etag
W/"610a9f36cadb26e42aa0feedead752aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
4s7LTqkAhFShvCBCs8GFPljHm0SyMOMb
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
yWtDnTPVy0G1Vv22b7A585tXNRhUeL752zFctcdRk8siaKH8qYYmTA==
4.02baa30de605399861a3.css
cdn.viafoura.net/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/4.02baa30de605399861a3.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be9a51815a4c32f35f64b1e707d53beb414d99ffe0ecc534b9a6a188a09fcbe6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:03 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:46 GMT
server
AmazonS3
age
126551
etag
W/"bc9d6d37618dcbda0174ba47f776fa4a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
zFjmqROQxKaqGXj7ul8gdwHDTuq.jBgW
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
EWR53-P1
content-type
text/css; charset=utf-8
x-amz-cf-id
LCF6pspE8ZjYMSP8UA_wexaMu_OvpkYpcgLF6gHSH6jc3l0hpPqtvw==
default~chat_js~comments_js~liveblog_js.a1638665550fd6f748d9.js
cdn.viafoura.net/chunks/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~chat_js~comments_js~liveblog_js.a1638665550fd6f748d9.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eeb62f156bfb914c07db1348ae2ea462277a738d143561d3875da7d71a50b34a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:16 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:40 GMT
server
AmazonS3
age
126538
etag
W/"876d27587b5104ebdcc24cb5e6a23601"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Rxyeia654CcKvz4BZgp3iMffasiUBIb1
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
vTn_leHHVmmoLD60YA1_yB0vVINNdXuRWnrWH3y4FY2cWApuWxNyZQ==
31.d3d6e34e29ec85a4f21e.css
cdn.viafoura.net/ 		68 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/31.d3d6e34e29ec85a4f21e.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4d0662bb73d6ea37688b2fc9807fcbf173ceb2b2a634fcdcb6bffec8fa30399

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:03 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:49 GMT
server
AmazonS3
age
126551
etag
W/"53761d663f88158ea119beb25009116f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
uVRxswm4lQ5aUNONNzvW.g6OskoEhLCC
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
EWR53-P1
content-type
text/css; charset=utf-8
x-amz-cf-id
kZoMljh69HphvS3qmWS2G9MpBWQyCoCvIrVxQsoeJm80JQNBPEZ6Ow==
comments_js.88c02fd9c7c66b1380b2.js
cdn.viafoura.net/chunks/ 		225 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/comments_js.88c02fd9c7c66b1380b2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e4cc6951fc687e9db04308c01a73695f4556f2f5fe6c97aa56bab037e4e1e76

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:16 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:39 GMT
server
AmazonS3
age
126538
etag
W/"317a90673d00cfbd6240ed4fc7d01100"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
hpa3RRdKUIBu0UXKxYqYqd2i6BNzwl6g
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
N-YEzH7zKDYLQsZ4E9VvF07xs63LqelAqvdEg7fMHg5s6vTJTyYT2g==
livecomments-module-js.ec246534003828aabd7a.js
cdn.viafoura.net/chunks/vuex_store/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/livecomments-module-js.ec246534003828aabd7a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6dba6a0da4d240371a99e4595e2184da556fefd2132a7009a8265025cae136a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:16 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:35 GMT
server
AmazonS3
age
126538
etag
W/"30714be28ce7fcf85b4a9eef1ed77ee6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
j3xiKOouAYwMOeqCUDI7GeqmBkrZGob7
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
3t3CUDsX3L6xXit8byk98EV4rXHypxJRnMA3A-ge5obBzuijGK8JsQ==
content_container-module-js.26d7730211a673761a4c.js
cdn.viafoura.net/chunks/vuex_store/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.26d7730211a673761a4c.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07146c04133981ff3c7c1abbb80b08addc9ac8d4b3c9aaa4b8baf212d05b0976

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:06 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:34 GMT
server
AmazonS3
age
126548
etag
W/"b9e4e3417fea6b7e173e102930b28ba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
A2VOt_sfjWiujbZQQhouY1TYho8J0kaO
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
AzQYoHcLa2zbyEAO5mRS4OkIzpUMDyBu3-91OQQMqoxv5SU4idUXqw==
threads-module-js.7e006d87811ac87440d8.js
cdn.viafoura.net/chunks/vuex_store/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/threads-module-js.7e006d87811ac87440d8.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35966943f63f35ccf9155c554b3f790dc00a0f0fd85cee57110250ee821b7f85

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:16 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:35 GMT
server
AmazonS3
age
126538
etag
W/"91256f07436cd12fcd72b707bd75ed8c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
fxIQYIyVeGaQzSLrCLUPh.AnTTcqIeqk
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
AnuVzPkuH3fGb5Dt3aYfRuRvyhAa8BL42fNHqPZ6oylmIwKIW87q9Q==
interaction-module-js.dae8dd9bcc860ca650e6.js
cdn.viafoura.net/chunks/vuex_store/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/interaction-module-js.dae8dd9bcc860ca650e6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb9df1e86fe03e3ad65563beeb79841bc3ad8789cee27fba8f060c3c981cb478

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:16 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 16:43:34 GMT
server
AmazonS3
age
126538
etag
W/"600f188e27bad5740ddd7028ceb0c30d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
SLcQ96k23fRWOJbZIdxzOswrE0zIiJmq
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
6NaEYNQ9VJyRAD58UL5GQF7C0K0PvmaVtb-2ofAgTnmnDAKeDUd7zQ==
00000000-0000-4000-8000-675209adf16b
livecomments.viafoura.co/v4/livecomments/ 		906 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b?limit=5&container_id=0da4e23b-a39c-4158-b12d-572347c6e2aa&reply_limit=0&sorted_by=newest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash
7e8d9ec13ca7bc365fd81144451266061f2d9b6f600aa46c0aadd257a051c4f2

Request headers

Accept
application/json
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
358
content-type
application/json
ingest
i.viafoura.co/v3/www.theobserver.ca/ 		67 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.theobserver.ca/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.theobserver.ca%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-675209adf16b%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1638589984%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1638589984%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%22c7184620-2b24-4fd0-a35e-b99b33971f5f%22%2C%22firstVisit%22%3A1638589984%2C%22previousVisit%22%3A1638589984%2C%22currentVisit%22%3A1638589984%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.theobserver.ca%22%2C%22site%22%3A%2200000000-0000-4000-8000-675209adf16b%22%2C%22section%22%3A%2200000000-0000-4000-8000-675209adf16b%22%2C%22pageImage%22%3A%22https%3A%2F%2Fnexus.prod.postmedia.digital%2Fwp-content%2Fuploads%2F2018%2F08%2F1297679496675_ORIGINAL.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check%22%2C%22path%22%3A%22%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check%22%2C%22title%22%3A%22Judge%20seeks%20rehab%20check%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22Troubled%20that%20a%20methamphetamine%20addict%20will%20not%20follow%20through%20on%20a%20rehabilitation%20plan%20a%20Sarnia%20judge%20required%20a%20woman%20to%20return%20for%20a%20progress%20report.%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%226509c207d1279146795bf8480722a57237b60386%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%2C%22container_id%22%3A%220da4e23b-a39c-4158-b12d-572347c6e2aa%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en-CA%22%7D%2C%22rq%22%3A%22bec4c686-9386-42fa-8ba8-27506f6fb029%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-content-recirculation%22%2C%22vf-conversations%22%2C%22vf-tray-trigger%22%2C%22vf-tray%22%5D%2C%22content_container_uuid%22%3A%22f6e078e8-b6fd-4dea-9e6d-e23a81172681%22%2C%22content_container_type%22%3A%22comments%22%2C%22widget_type%22%3A%22vf-conversations%22%2C%22v%22%3A1%2C%22event_type%22%3A%22analytics.container.load%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
comments
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b/f6e078e8-b6fd-4dea-9e6d-e23a81172681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b/f6e078e8-b6fd-4dea-9e6d-e23a81172681/comments?limit=5&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 04 Dec 2021 03:53:14 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-methods
POST,PUT,GET,DELETE,PATCH
access-control-allow-headers
content-type,authorization,X-REQUEST-SIGNATURE
access-control-max-age
43200
comments
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b/f6e078e8-b6fd-4dea-9e6d-e23a81172681/ 		38 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-675209adf16b/f6e078e8-b6fd-4dea-9e6d-e23a81172681/comments?limit=5&reply_limit=0&sorted_by=newest&filtered_by=is_picked
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash
accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5

Request headers

Accept
application/json
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
64
content-type
application/json
loaded
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-675209adf16b/indicator/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-675209adf16b/indicator/loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 04 Dec 2021 03:53:14 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-origin
https://www.theobserver.ca
access-control-allow-methods
GET,POST,DELETE,PUT,PATCH
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type
access-control-max-age
43200
defaultavatar.28fea6b8b2b5fdb61025943a5aac4c45.png
cdn.viafoura.net/assets/ 		676 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viafoura.net/assets/defaultavatar.28fea6b8b2b5fdb61025943a5aac4c45.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 16:44:02 GMT
via
1.1 3f65d34f6010e326e59d2f311de6e203.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 16:43:24 GMT
server
AmazonS3
age
126553
etag
"28fea6b8b2b5fdb61025943a5aac4c45"
x-cache
Hit from cloudfront
x-amz-version-id
HWEuOEujvx.tCpAifQPu37f8KyjLJMb.
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
content-length
676
x-amz-cf-id
uKmoq21nROQC8tc-rAl6VVCD6FirQuqh8DCalI5XznXUlKuBVTcpqg==
loaded
interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-675209adf16b/indicator/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://interaction.viafoura.co/v4/interaction/00000000-0000-4000-8000-675209adf16b/indicator/loaded
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.45.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-45-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://www.theobserver.ca
date
Sat, 04 Dec 2021 03:53:14 GMT
access-control-allow-credentials
true
content-length
0
content-type
application/json; charset=utf-8
p
sb.scorecardresearch.com/ 		64 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=22807838&ns_type=hidden&ns_st_sv=5.4.0.161011&ns_st_smv=5.6&ns_st_it=r&ns_st_id=1638589984192&ns_st_ec=4&ns_st_sp=1&ns_st_sc=1&ns_st_psq=2&ns_st_asq=2&ns_st_sq=2&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10000&ns_st_cl=30000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=5.4.0.161011&ns_st_pn=1&ns_st_tp=0&ns_st_ci=1463918&ns_st_pt=10000&ns_st_dpt=3747&ns_st_ipt=3747&ns_st_et=10001&ns_st_det=3747&ns_st_upc=10000&ns_st_dupc=3747&ns_st_iupc=3747&ns_st_upa=10000&ns_st_dupa=3747&ns_st_iupa=3747&ns_st_lpc=10000&ns_st_dlpc=3747&ns_st_lpa=10000&ns_st_dlpa=3747&ns_st_pa=10000&ns_ts=1638589994194&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=distroscale&c3=news&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.theobserver.ca%2Fnews%2Flocal-news%2Fjudge-seeks-rehab-check&c8=Judge%20seeks%20rehab%20check%20%7C%20The%20Sarnia%20Observer&c9=&distroscale_guid=c_5321_5796_aeb81789-df6e-45ca-9f25-5593242de2f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theobserver.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 03:53:14 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
wQbD1a5OwpNlwiaiLvtoOjGF7pIAhZSnF35CRDprPt1RE1WmZGsDGA==
dc_oe=ChMIlaHYr5_J9AIVm1sNCh1Y3wTiEAAYACDHjdJN;met=1;&timestamp=1638589995186;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 167B 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlaHYr5_J9AIVm1sNCh1Y3wTiEAAYACDHjdJN;met=1;&timestamp=1638589995186;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 03:53:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theobserver.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 04 Dec 2021 03:53:17 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theobserver.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Allow
POST
Content-Length
4
Content-Type
text/html; charset=utf-8
Expires
0
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context
appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Date
Sat, 04 Dec 2021 03:53:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tps607.doubleverify.com
URL
https://tps607.doubleverify.com/bsevent.gif?impid=9ee560fd44174bbba9951c5653b9137f&dvp_innovidImp=1&cbust=1638589986746198
Domain
tps607.doubleverify.com
URL
https://tps607.doubleverify.com/bsevent.gif?impid=9ee560fd44174bbba9951c5653b9137f&dvp_r8=1638589986746&cbust=1638589986746476
Domain
tps607.doubleverify.com
URL
https://tps607.doubleverify.com/bsevent.gif?impid=9ee560fd44174bbba9951c5653b9137f&vfdur=121&cbust=1638589986747292
Domain
vtrk.doubleverify.com
URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&ec=vpaid&ea=dv-res-block&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2F66199ea1b96022d7%2Fitag%2F18%2Fsource%2Fdoubleclick_dmm%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3781005170%2Fsparams%2Fid%2Citag%2Csource%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F2F134F6F9F7F7E58D2964C57D622DA9DEAC330C5.111A27796E067BCBDF71D14E51A0A3620E87647%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.21.11%2Bjs&cd107=complete&cd111=inline&cd112=unwrapped&cd117=2&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd170=166&cd171=c5x8i7c7.ssl.hwcdn.net&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cd197=decision&cm100=564&cm101=317&cm104=-2&cm105=640&cm106=360&cm107=404&cm108=-1&cm109=10240&cm110=296&cm111=35&cm112=564&cm113=317&cm114=1&cm115=30&cm116=9&cm117=13&cm119=14&cm120=298&cm167=15&cm180=2&cm181=2&z=16385899867483478678
Domain
tps607.doubleverify.com
URL
https://tps607.doubleverify.com/bsevent.gif?impid=9ee560fd44174bbba9951c5653b9137f&dvp_r9=1638589986750&cbust=1638589986750469
Domain
tps607.doubleverify.com
URL
https://tps607.doubleverify.com/bsevent.gif?impid=9ee560fd44174bbba9951c5653b9137f&bres=1&breason=28&dvp_blkDecUsed=true&dvp_cStartTS=1638589986464&dvp_cEndTS=1638589986465&dvp_dReceivedTS=1638589986746&dvp_wasAdPlayed=false&cbust=1638589986750451
Domain
vtrk.doubleverify.com
URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&ec=vpaid&ea=timing&cd91=dvbs-verify&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2F66199ea1b96022d7%2Fitag%2F18%2Fsource%2Fdoubleclick_dmm%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3781005170%2Fsparams%2Fid%2Citag%2Csource%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F2F134F6F9F7F7E58D2964C57D622DA9DEAC330C5.111A27796E067BCBDF71D14E51A0A3620E87647%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.21.11%2Bjs&cd107=complete&cd111=inline&cd112=unwrapped&cd117=2&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd170=166&cd171=c5x8i7c7.ssl.hwcdn.net&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cm91=0&cm92=0&cm94=496&cm95=496&cm100=564&cm101=317&cm104=-2&cm105=640&cm106=360&cm107=404&cm108=-1&cm109=10240&cm110=299&cm111=3&cm112=564&cm113=317&cm114=1&cm115=30&cm116=9&cm117=13&cm119=14&cm120=298&cm167=15&cm180=2&cm181=2&z=16385899867517185201
Domain
vtrk.doubleverify.com
URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&ec=vpaid&ea=AdError&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2F66199ea1b96022d7%2Fitag%2F18%2Fsource%2Fdoubleclick_dmm%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3781005170%2Fsparams%2Fid%2Citag%2Csource%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F2F134F6F9F7F7E58D2964C57D622DA9DEAC330C5.111A27796E067BCBDF71D14E51A0A3620E87647%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.21.11%2Bjs&cd107=complete&cd110=Ad%20blocked&cd111=inline&cd112=unwrapped&cd117=2&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd170=166&cd171=c5x8i7c7.ssl.hwcdn.net&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cm100=564&cm101=317&cm104=-2&cm105=640&cm106=360&cm107=404&cm108=-1&cm109=10240&cm110=300&cm111=1&cm112=564&cm113=317&cm114=1&cm115=30&cm116=9&cm117=13&cm119=14&cm120=298&cm167=15&cm180=2&cm181=2&z=16385899867527895631
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5VVpIeaqYZOICJiIjAalu6CwBqrus79m34usofcOm8eys8AiEAEg0JWkF2D96KKB8APIAQWpAgjmwTgoIKo-qAMByAMTmAQAqgSVAk_QPlSbrplREq3n1rKu2xOBOOHDKqP7VUSQ31Qet9jt50OmEbR8HkAJSTAlA1vHaj_J7mUDoXfHjbHwcOJMJAJrxXEFHDSGHcipDRkauF5r8yykrtotw9F9WUvzSKC_AqTxDLUxKtszrV4Qa1oz6zEkrVkcWYgUyYNyNA1bS2hsI5soTSKLPakjIVbshQkYtJaSn43GqzBthmW2Ea0O-Fi4zmnodIYDBsdOt6f1SbfKs6QfqcGnaUIAQn9l36B-H6fMCQUAs1S77KEjpVkf1ZkakhbeKlNr8ZofmeZoonAuWQBCjSo7Uum1ViY-2wEhYhNwaPmMlcWKavnmOQNchCRNkGUOp_pYqL3f5ZgfufRUQdwGuo7ABJm_vObaA-AEA5AGAaAGToAH1fuk_wKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOO8Z4N0BMA2BMDiBQB2BQB0BUBgBcB&sigh=r8lmSlwdgzs&label=videoplayfailed901&acvw=&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NjEwMTI4ODc3NDBA9gMKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTIyMjg5OTkyCTE2MTIwNDg4MUDRAQpeCAESFXZhc3QuZG91YmxldmVyaWZ5LmNvbRoDRENNIAQqCTUxMjIyODk5OTIJMTYxMjA0ODgxQJMDUiMQBCUAAHBBKAE6CzE2MTIwNDg4MS0xQgRHRENNSIEEUABgARgB
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=notify&exchange=adx&creative_id=391981077&creative_type=78&usl_id=27092704529&errorcode=901&asseturi=-1&ord=42471053&offset=[CONTENTPLAYHEAD]&d=APEucNVZUoKDz2cpja0M_NbaUYIfmnhNrn0eld2oXNP9RCLr9yI9c4855UPlnfEQhXzSnYzdeyD04QiM0LPWnx8-_Rfq5uPuXg
Domain
vtrk.doubleverify.com
URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&ec=vast&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&el=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fpfadx%2FN232601.125865GOOGLECANADA0%2FB26735762.319372882%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext%2Fxml%3Bdc_sdkv%3Dh.3.490.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_adk%3D517738578%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps%3A%2F%2Fwww.theobserver.ca%2F%3Bdc_vast%3D4%3Bnel%3D0%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM4NTg5OTg1NzcxCg%3Bdc_cid%3D161204881%3Bdc_adid%3D512228999%3Bdc_vpaid%3D0%3B&ea=error&cm114=1&cm115=30&cd101=vast&cd102=src&cd111=inline&cd112=unwrapped&cd117=2&cd170=166&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cd141=2%2C8&cd142=2021-12-04T03%3A53%3A05.829Z&cd143=2021-12-04T03%3A53%3A06.764Z&cd10=901&z=62994757&redir=https://tps.doubleverify.com/visit.jpg?ctx=818052&cmp=DV024064&sid=1234&plc=1234&advid=818053&crt=vastError&vasttrkevt=impression&dvp_ctx=16604586&dvp_cmp=26735762&dvp_sid=4450143&dvp_plc=319372882&dvp_crt=161204881&tagtype=video&adsrv=166&turl=https%3A%2F%2Fwww.theobserver.ca%2F&aubndl=&dup=e0f73906-3b47-4e5d-a882-51bcf32572a2&dvtagver=dvot_0.8.49_b8310e9&dvp_scripthashproxy=1&dvp_pgurl=https%3A%2F%2Fwww.theobserver.ca%2F&dvp_zjsver=0.21.11&apifw=2%2C8&vssd=0&gdpr=0&app=-1&dvp_psfts=1638589985955&dvp_psfst=ack&vstvr=4.0-i&essd=0&dvp_blk=1&verr=901
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kwra656q&c=3984276159555&slotId=1992138079777.5&qqid=CNOc_K-fyfQCFRgEwwodpR0IZg&gqid=IeaqYYeGBsmrjAa5grUQ&fb=ima_html5-lima&sdkv=h.3.490.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.kwra65l1&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1
Domain
vtrk.doubleverify.com
URL
https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&cid=e0f73906-3b47-4e5d-a882-51bcf32572a2&ec=vpaid&ea=global-unload%2F10&cd100=normal&cd101=vast&cd102=src&cd103=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2F66199ea1b96022d7%2Fitag%2F18%2Fsource%2Fdoubleclick_dmm%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3781005170%2Fsparams%2Fid%2Citag%2Csource%2Cctier%2Cacao%2Cip%2Cipbits%2Cexpire%2Fsignature%2F2F134F6F9F7F7E58D2964C57D622DA9DEAC330C5.111A27796E067BCBDF71D14E51A0A3620E87647%2Fkey%2Fck2%2Ffile%2Ffile.mp4&cd104=video%2Fmp4&cd105=vpaid-transformer%400.21.11%2Bjs&cd107=complete&cd111=inline&cd112=unwrapped&cd117=2&cd137=YNNY&cd138=1&cd139=1&cd140=NNNNN&cd170=166&cd171=c5x8i7c7.ssl.hwcdn.net&cd182=vpaid-transformer%400.21.11&cd188=fra1&cd189=droplet&cd190=16604586&cd191=26735762&cd192=4450143&cd193=319372882&cd195=1&cd196=3&cm100=564&cm101=317&cm104=-2&cm105=640&cm106=360&cm107=404&cm108=-1&cm109=10240&cm110=328&cm111=28&cm112=564&cm113=317&cm114=1&cm115=30&cm116=9&cm117=13&cm119=14&cm120=298&cm167=15&cm180=2&cm181=2&z=16385899867805998337
Domain
tps607.doubleverify.com
URL
https://tps607.doubleverify.com/bsevent.gif?impid=9ee560fd44174bbba9951c5653b9137f&pltfrm=Linux%20x86_64&cbust=1638589986781436
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kwra67nv&c=1965149681003&slotId=982574840501.5&fb=ima_html5-lima&sdkv=h.3.490.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.kwra68f7&aec=901&rec=loaded-1%7Cshow_ad-1%7CskippableStateChanged-1%7Cerror-1

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| FrontEndModules object| googletag object| aax object| janrain function| janrainCaptureWidgetOnLoad object| apstag function| Krux object| dataLayer object| KruxDataLayer object| __iasPET object| mParticle object| ggeac object| google_js_reporting_queue object| headertag object| Criteo function| headertag_render function| sovrn_render object| pbjs boolean| apstagLOADED object| districtmHeader object| diagPixSentCodes object| __iasAdRefreshConfig function| BlockAdBlock object| blockAdBlock object| criteo_pubtag object| criteo_pubtag_116 object| Criteo_116 object| webpackChunkdjango_content_services function| udm_ object| _comscore object| COMSCORE object| mpGoogleAnalyticsKit object| regeneratorRuntime string| GoogleAnalyticsObject function| ga boolean| _noReturnExperience number| _recaptchaVersion boolean| _recaptchaInvisible string| iasScores object| google_tag_manager function| postscribe object| google_tag_manager_external undefined| google_measure_js_timing object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq function| twq function| pbq function| onYouTubeIframeAPIReady object| gaplugins object| JANRAIN function| _array_contains string| uri boolean| cssNotFound object| Sailthru function| lintrk boolean| _already_called_lintrk object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| d object| vf object| vfQ object| pbProcessor object| gaGlobal object| gaData object| googleToken object| googleIMState function| processGoogleToken string| ds_checkpoint object| vx object| B64 function| pad object| B64URL object| _qevents number| norm number| google_unique_id object| _vfP object| core boolean| vfLoaded function| setImmediate function| clearImmediate object| 95be6cd9a28b98671c1cb95f366258c8 object| viafoura function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| cName object| pCOOKIES number| bb object| NmeVal string| url function| ds_ct186296 object| replaced string| ct3p function| vxtrackaeb81789-df6e-45ca-9f25-5593242de2f3 function| dvptrack function| ds_trace_aeb81789-df6e-45ca-9f25-5593242de2f3 object| ns_ function| vxvideojsinit object| ampInaboxIframes object| ampInaboxPendingMessages function| ds_dvp_next function| ds_dvp_previous number| tmpval function| ds_ctwrap715606 function| ds_float_close object| __IntegralASExec object| Ribn object| GoogleGcLKhOms object| google_image_requests number| google_global_correlator object| closure_lm_402339 object| closure_lm_665782

135 Cookies

Domain/Path Name / Value
nexus.prod.postmedia.digital/ Name: AWSALBCORS
Value: 3T1rySQ/Lg9b5YEFS/tLFQ25z55iqN+roJd3VYfNzVCNseRrXWfs4TwuRx6r/ySZDY/ocAdhB2tsjscrxs6sFPlGGUbpFuvqtoOEdRTawwBQP9O+7FAxSqeMyr/0
www.theobserver.ca/ Name: x-id
Value: {"data":{"id":"i7tdlpnwhhvzftgrfrtebd1wrj2ac849","updated":1638589982193},"exp":604800000,"ts":1638589982213,"mac":-338490991}
static-nexus.prod.postmedia.digital/ Name: AWSALBCORS
Value: v8M/iJY3NTI7hJmGKaSQnzelwp9TJ45z6LNDptny36HUzYcSbnRg80B1tJms4F1g9B1Z89DMsgfPld8XfxJuEJCARCHJ0WBrL2PpokWCYMEOdjEeDTMNYEVQACZ/
.adsrvr.org/ Name: TDID
Value: 96202975-3807-4288-a32a-8d03bb6cadd8
.theobserver.ca/ Name: _gcl_au
Value: 1.1.526130370.1638589983
d395dw5zk780j2.cloudfront.net/ Name: x-id
Value: {"data":{"id":"i7tdlpnwhhvzftgrfrtebd1wrj2ac849","updated":1638589982193},"exp":604800000,"ts":1638589982610,"mac":-338371920}
www.theobserver.ca/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1638589982618,"mac":1615945761}
.scorecardresearch.com/ Name: UID
Value: 14WW0KKHV05NBVETYZNYK5g1638589983
www.theobserver.ca/ Name: __adblocker
Value: false
.doubleclick.net/ Name: IDE
Value: AHWqTUnSEdmbCmXt-i5A6ZAT_0WESMo4NVfg5efpRaOOOGQnaoDu8CGRDIc8PZ5hMPs
.theobserver.ca/ Name: mprtcl-v4_2E43801F
Value: {'gs':{'ie':1|'dt':'580aa374a095754d9f83e996ce038321'|'av':'1.0.0'|'cgid':'88e61f18-f4a0-47b9-bed2-b592c354a8c6'|'das':'51452624-2a4f-49f3-aa71-4d2d5a91212d'|'csm':'WyI2ODc0NzM5MjA3ODUwODExNjMxIl0='|'sid':'C0A0F439-EEB9-4FB0-B135-5DB02A44AB2F'|'les':1638589982682|'ssd':1638589982397}|'l':0|'6874739207850811631':{'fst':1638589982552|'csd':'eyI0MSI6MTYzODU4OTk4MjU1NH0='|'ui':'eyIwIjoiaTd0ZGxwbndoaHZ6ZnRncmZydGViZDF3cmoyYWM4NDkifQ=='}|'cu':'6874739207850811631'}
.openx.net/ Name: i
Value: 11208a7e-892f-0455-2f76-3acfd9f7b1f0|1638589982
www.theobserver.ca/ Name: sailthru_pageviews
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: AzpyqYv6tkgSkpbbXEmPKIk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.lijit.com/ Name: ljt_reader
Value: 938fa8f1edfcc5795241704f
.theobserver.ca/ Name: __psid
Value: 1638589983006
.linkedin.com/ Name: li_sugr
Value: 69470d1d-8a4f-48cb-b7bf-029bce23199e
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&24edd37e-05ae-4bd2-87ca-052c964f81f4"
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2581:u=1:x=1:i=1638589983:t=1638676383:v=2:sig=AQFaRo3-XqLZy1w0fKDDHXCZZrZ2FCv5"
.yahoo.com/ Name: A3
Value: d=AQABBB7mqmECED8r-X7jD3B5dSht41WiBOUFEgEBAQE3rGG0YQAAAAAA_eMAAA&S=AQAAAoW4pMmMyoeFFrXoqIoYq18
.theobserver.ca/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.theobserver.ca/ Name: _ga
Value: GA1.2.1389068322.1638589983
.theobserver.ca/ Name: _gid
Value: GA1.2.1819214990.1638589983
.twitter.com/ Name: personalization_id
Value: "v1_J6VJzvoc/wh152y07GVZ1g=="
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YarmHwAJalmNkwBG
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a0de3f19-dbfb-4e5e-4452-f0650b5cf295.p5BRAwNuvjvj5uUeq08zrzm7VWEPOsTVqRVxPjuPuVU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-a0de3f19-dbfb-4e5e-4452-f0650b5cf295%24ip%2437.120.205.149.NrOXIdiAG%2BXnHfEer%2Fs9dY%2Fzfa6PW%2BsMXhf7%2FHany5A
.bidswitch.net/ Name: tuuid
Value: 1dd13624-9489-465b-b6b4-b624acf5784a
.bidswitch.net/ Name: c
Value: 1638589983
.bidswitch.net/ Name: tuuid_lu
Value: 1638589983
.theobserver.ca/ Name: _gat_mpgaTracker8
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 30024edf91fc1225
.linkedin.com/ Name: UserMatchHistory
Value: AQJYdv_9hVIpbAAAAX2Dkuo2QVK5ZR7iBMz4SW_uPAwbN47yFwz0z72hpu1Fx5_Z7xGoqY4a7eD_TQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLkEAIzStlbDwAAAX2Dkuo2FKnS-N4wP_u7u0exmCJQt0rNAfFsUfywiyUOqOBf3YceOYeyAbpnPtczOp78fQ
.krxd.net/ Name: _kuid_
Value: OhRU6U2r
www.theobserver.ca/ Name: sailthru_visitor
Value: 76ce0b35-5403-40c8-b00b-473ee06cdf01
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDO2NLe0NLUw1lEysUTlG6NyLdD5KMprAZkWEI8%3D
.theobserver.ca/ Name: _fbp
Value: fb.1.1638589983397.2104172101
.openx.net/ Name: pd
Value: v2|1638589983|vMgakWgyiK
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202112040353038da4ceb8-4503-4028-82f1-fce09537cce7AQHi4LwQk7FTT_3wxWuD0maNSOG2TLqO"
.sharethrough.com/ Name: stx_user_id
Value: fb0cb73a-25ce-45a8-ba8a-a9ffd6860b5d
.3lift.com/ Name: tluid
Value: 6614077142590073882
.creative-serving.com/ Name: tuuid
Value: 51db0490-a098-4fc3-be5c-52032bdb91a5
.creative-serving.com/ Name: c
Value: 1638589983
.creative-serving.com/ Name: tuuid_lu
Value: 1638589983
.adnxs.com/ Name: uuid2
Value: 8000251644872631429
.facebook.com/ Name: fr
Value: 0OiRswOdI9BXK86SH..BhquYf...1.0.BhquYf.
.bidr.io/ Name: bito
Value: AADVTE7DVcwAACsQRS7N7g
.bidr.io/ Name: bitoIsSecure
Value: ok
www.theobserver.ca/ Name: janrainSSO_session
Value: session
.viafoura.co/ Name: VfSess
Value: cmr5e50hu6fcq6od1udg04kcb8
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.contextweb.com/ Name: V
Value: w6NTHLymKpa6
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1aty|7dW.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 591cb9ecb681b501
.mathtag.com/ Name: uuid
Value: 38d561aa-e620-4500-a835-726ec1cd5433
.openx.net/ Name: univ_id
Value: 537072971|96202975-3807-4288-a32a-8d03bb6cadd8|1638589983686939
.casalemedia.com/ Name: CMID
Value: YarmH1K3tMNJH9pjGD-FtgAA
.casalemedia.com/ Name: CMPS
Value: 138
.quantserve.com/ Name: d
Value: EGoBDQHwJMv7kwA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A2587587-5D22-460D-A9DD-58C5B0E676AF
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1639180800%3A164%7C1638662400%3A174%7C1639785600%3A201_197
.pubmatic.com/ Name: SyncRTB3
Value: 1639785600%3A13_54_22_220_21%7C1639180800%3A2
.owneriq.net/ Name: si
Value: Q6918763831934181121
.owneriq.net/ Name: p2
Value: sv
.quantserve.com/ Name: mc
Value: 61aae61f-b2b98-533cf-57e91
.advertising.com/ Name: APID
Value: UPaea33ccf-54b5-11ec-b1b2-02422e731895
.casalemedia.com/ Name: CMPRO
Value: 508
.casalemedia.com/ Name: CMST
Value: YarmH2Gq5h8A
.theobserver.ca/ Name: __qca
Value: P0-1259657904-1638589983713
.lijit.com/ Name: _ljtrtb_3
Value: 38d561aa-e620-4500-a835-726ec1cd5433
.turn.com/ Name: uid
Value: 3682604531038301826
.lijit.com/ Name: _ljtrtb_80
Value: KWRA638C-2-59X6
.jsrdn.com/ Name: u
Value: 6c141f04-609b-4b01-a950-30155eec5850
.adsymptotic.com/ Name: U
Value: a86db29101e877cd4473a4a9385195bb
.ml314.com/ Name: u
Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD11dGh0eG1kZGcma3h0PWh0dHBzJTNBJTJGJTJGd3d3LnRoZW9ic2VydmVyLmNhJmt4Y2w9Y2RuJmt4cD0=
.ml314.com/ Name: pi
Value: 3623455489792147513
.ml314.com/ Name: tp
Value: 4%3b12%2f3%2f2021+10%3a53%3a03+PM%3b0
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwG8mJiDAQgBX1f-c3U4HQrLIbsOPLhsCIi40vrJZhvX441WIWr2QGxbNJQC4TM1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-96202975-3807-4288-a32a-8d03bb6cadd8&KRTB&22918-96202975-3807-4288-a32a-8d03bb6cadd8&KRTB&23031-96202975-3807-4288-a32a-8d03bb6cadd8
.pubmatic.com/ Name: PugT
Value: 1638589983
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YarmHwAJalmNkwBG&KRTB&22978-YarmHwAJalmNkwBG&KRTB&23194-YarmHwAJalmNkwBG&KRTB&23209-YarmHwAJalmNkwBG
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3682604531038301826
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPb6scENDEwSNDCJ0TcMiaQ&KRTB&16514-CAESEPb6scENDEwSNDCJ0TcMiaQ&KRTB&23025-CAESEPb6scENDEwSNDCJ0TcMiaQ
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5732659046028855531
.agkn.com/ Name: ab
Value: 0001%3AylQ7tkZhWhi%2BPaJ%2BRfI6qj5pR%2FvbE2QK
.pippio.com/ Name: didts
Value: 1638589983
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: did
Value: _uShNvt7ackPx-SB
.analytics.yahoo.com/ Name: IDSYNC
Value: 18za~21w3
.yahoo.com/ Name: APID
Value: UPaea33ccf-54b5-11ec-b1b2-02422e731895
.yahoo.com/ Name: APIDTS
Value: 1638589983
.rlcdn.com/ Name: pxrc
Value: CJ/Mq40GEgUI6EcQABIFCNtOEAA=
www.theobserver.ca/ Name: _vfb
Value: www%2Etheobserver%2Eca.00000000-0000-4000-8000-675209adf16b.1.10.1638589984....
www.theobserver.ca/ Name: _vfz
Value: www%2Etheobserver%2Eca.00000000-0000-4000-8000-675209adf16b.1638589984.1.medium=direct|source=|sharer_uuid=|terms=
www.theobserver.ca/ Name: _vfa
Value: www%2Etheobserver%2Eca.00000000-0000-4000-8000-675209adf16b.c7184620-2b24-4fd0-a35e-b99b33971f5f.1638589984.1638589984.1638589984.1
.simpli.fi/ Name: suid
Value: 738B91C76CE54A558D37C79C24F614F8
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2JTQWJJR0d6SXhibmMyVlUxdWNreEVXVlZLVDA1alJWQnphblJXYnpSc01ib0dJQWlYVGhJYlFVRkJSMk53ZWpCcU9EWlFiRUZPVVd0aFVVOUJRVUZCUVVGQnVnWXBDSmxPRWlReFpHUXhNell5TkMwNU5EZzVMVFEyTldJdFlqWmlOQzFpTmpJMFlXTm1OVGM0TkdHNkJoVUlvRTRTRUZsaGNtMUlkMEZLWVd4dFRtdDNRa2U2QmhzSXFVNFNGa0ZCUkZaVVJUZEVWbU4zUVVGRGMxRlNVemRPTjJlNkJpQUlxazRTRzI5T05GOUhaSFkzVkd3MVJWVjJRbXhETVhwNWJGTldOSHBhVmJvR0F3aXVUcm9HQXdpd1RnPT0iLCJpYXQiOjE2Mzg1ODk5ODN9.CF3fb1OOY5hkKd-Vu_YJC4k3lpxIaHx1XvtO6UO2VWacRinJvt00nrQj9hGN_Rj70iKKnEtWU3yAhE3eRuEviQ
.eyeota.net/ Name: SERVERID
Value: 24335~DM
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFb3BlbngSCwjq-oWx87ibOhAFEhsKDHNoYXJldGhyb3VnaBILCJ7ir7HzuJs6EAUSFwoIcHVibWF0aWMSCwjmiJGy87ibOhAFEhYKB2QwdHJvMWoSCwi86bqz87ibOhAFEhYKB3J1Ymljb24SCwjyhpy087ibOhAFGAEgAigCMgsIvOG94Im5mzoQBTgBWgdkMHRybzFqYAI.
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:738B91C76CE54A558D37C79C24F614F8
.mathtag.com/ Name: mt_mop
Value: 9:1638589984
.lijit.com/ Name: _ljtrtb_49
Value: w6NTHLymKpa6
.viafoura.co/ Name: vfDeviceId
Value: 4980668f-4a2c-48f6-940b-f6240062a044
.theobserver.ca/ Name: __gads
Value: ID=844fd6d29e4b5023:T=1638589983:S=ALNI_MaqCCUBzUFkioaB1pusuNSbVT9t6A
.lijit.com/ Name: ljtrtb
Value: eJyrVjJWslIytkgxNTNMTNRNNTMy0DUxNTDQTbQwNtU1NzJLTTZMTjE1MTZW0lEysQSqLTfzC%2FHwqcz1Lkg0A4pZGADFvMODHM2MLZx1jXRNLSPMlGoBnI4VMQ%3D%3D
.lijit.com/ Name: _ljtrtb_83
Value: KWRA63G4-1L-JQDI
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 1b725e17968450711ca2e2b3a8963760
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEwyNzJNNTS3NLMwMTUwNzRMTjRKNUoyTrSwNDM2NzNgAILEVc8UQDQUAAA4pgoD"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIXPVMAUhBAQAaKgIS"
.pippio.com/ Name: pxrc
Value: CKDMq40GEgQIAhAAEgYI7OsBEAA=
.rubiconproject.com/ Name: khaos
Value: KWRA63A3-1D-AIR0
.rubiconproject.com/ Name: audit
Value: 1|Vr02SlKJc2JdQIyk1Sq5GYMZfJyq2bWDHEfW6RhNMGSB+d55h43RBhbtuaeQwT6gETpbvGyHWpgiZ07GJqnMno4BjqNRGrmz
.linksynergy.com/ Name: icts
Value: 2021-12-04T03:53:04Z
.linksynergy.com/ Name: rmuid
Value: 0f32092c-8101-4011-ab0d-a513102f7f78
.rlcdn.com/ Name: rlas3
Value: 5btd6YY4sLnC8TJQlDZldW9vzcr8/87bL5rDeZw+zgQ=
.demdex.net/ Name: demdex
Value: 67560472869993383283720323887865758578
.dpm.demdex.net/ Name: dpm
Value: 67560472869993383283720323887865758578
.criteo.com/ Name: uid
Value: 491b5d5b-036e-42d0-99b1-79d36fa2e46c
.theobserver.ca/ Name: cto_bundle
Value: Dsf0KV83bFRwOHUlMkZ5VUZ4emVUNWhDMGNZc3cyM2xxMyUyRmR1ekRUOVNNd0dJbzVvU21PMkxKamFuNlVkNVdQSFJuYUN5SVB1cTdSeGxSZzFuNnRlUXljajNBJTJGV0ZuVTdObG5aY1NwUzJuM0pWJTJGaXhDdzVmRXFSU2tBeVdBVGdMN3pwem1HN2w0RyUyRjFPT0xYd2t5eFFDeXNXTmpnJTNEJTNE
.pubmatic.com/ Name: SPugT
Value: 1638589985
www.theobserver.ca/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgIybE_EAoYASABKAEwpMyrjQY4AUABSAEQpMyrjQYYAA..
.tremorhub.com/ Name: tvid
Value: 11088698566b41f587021e2e0561fee5
.tremorhub.com/ Name: tvv
Value: 1
.tremorhub.com/ Name: tvrg_60265
Value: 1,1638589988
.spotxchange.com/ Name: audience
Value: b17bc7cf-54b5-11ec-8729-1c7e41240003

8 Console Messages

Source Level URL
Text
network error URL: https://static-nexus.prod.postmedia.digital/wp-content/uploads/2018/08/1297679496675_ORIGINAL.jpg?quality=90&strip=all&w=564&h=423&type=webp
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

580448699.privacysandbox.googleadservices.com
5ew8d-b3mmu.ads.tremorhub.com
a.jsrdn.com
aa.agkn.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.creative-serving.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
ampcid.google.ca
ampcid.google.com
analytics.twitter.com
ap.lijit.com
api.rlcdn.com
api.sail-personalize.com
api.viafoura.co
as-sec.casalemedia.com
assets.ribn.com
auth.lrcontent.com
beacon.krxd.net
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c.jsrdn.com
c1.adform.net
c2shb.ssp.yahoo.com
c5x8i7c7.ssl.hwcdn.net
cc59aa0f8485c0c4847f35ca0f4b2e10.safeframe.googlesyndication.com
cdn.adsafeprotected.com
cdn.districtm.io
cdn.doubleverify.com
cdn.krxd.net
cdn.viafoura.net
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
cookiesync.mparticle.com
csi.gstatic.com
d1lqe9temigv1p.cloudfront.net
d1v9u0bgi1uimx.cloudfront.net
d395dw5zk780j2.cloudfront.net
districtm-match.dotomi.com
distroscale-d.openx.net
dmpsync.3lift.com
dmx.districtm.io
dmx.us-east-33.districtm.io
dpm.demdex.net
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.districtm.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.jsrdn.com
i.viafoura.co
ib.adnxs.com
id.rlcdn.com
identity.mparticle.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
interaction.viafoura.co
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
livecomments.viafoura.co
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ml314.com
mug.criteo.com
nexus.prod.postmedia.digital
notifications.viafoura.co
optimized-by.rubiconproject.com
p.adsymptotic.com
pagead2.googlesyndication.com
pippio.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
postmedia-d.openx.net
postmedia.us.janrainsso.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
ps.eyeota.net
pubads.g.doubleclick.net
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
quilt-cdn.janrain.com
r1---sn-ab5sznlk.c.2mdn.net
rtb0.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.jsrdn.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.prod.postmedia.digital
snap.licdn.com
sr.studiostack.com
ssum-sec.casalemedia.com
stags.bluekai.com
static-nexus.prod.postmedia.digital
static.ads-twitter.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.co
tag.1rx.io
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
tps607.doubleverify.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vast.doubleverify.com
video-ads.rubiconproject.com
vpaid.doubleverify.com
vtrk.doubleverify.com
widgets-cdn.rpxnow.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.npttech.com
www.theobserver.ca
x.bidswitch.net
csi.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tps607.doubleverify.com
vtrk.doubleverify.com
104.16.68.69
104.18.99.194
104.244.42.195
104.244.42.69
104.36.115.109
104.36.115.111
104.36.115.113
104.36.115.114
107.178.254.65
108.174.10.14
142.250.112.154
142.250.176.194
142.250.65.162
142.250.80.98
142.251.32.98
142.251.41.2
151.101.194.49
151.101.248.157
151.101.66.133
172.217.165.134
173.223.237.164
174.129.10.91
18.213.23.102
18.67.76.2
185.167.164.39
192.132.33.46
192.35.249.123
198.148.27.139
199.127.204.162
20.49.104.19
2001:4860:4802:32::3
2001:4998:14:800::1001
204.154.111.105
205.185.216.10
205.185.216.42
206.189.49.44
213.19.162.90
216.200.232.249
23.111.8.18
23.209.184.224
23.217.28.180
23.219.95.182
23.52.161.180
23.52.162.21
23.64.109.237
23.92.190.74
2600:1400:d:58c::4469
2600:1400:d::1721:ee10
2600:141b:13:1099::fa5
2600:141b:13::1732:35c1
2600:1f18:44f0:4816:6362:8f80:b427:2e9f
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185
2600:1f18:612b:4264:b32e:f80d:5f2d:5164
2600:9000:2209:5e00:8:48e:53c0:93a1
2600:9000:2209:6000:7:75d4:e40:93a1
2600:9000:2209:7200:8:f216:eb80:93a1
2600:9000:2209:ba00:6:44e3:f8c0:93a1
2600:9000:2209:c000:8:2ae1:d740:93a1
2606:4700:10::6816:49e8
2606:4700:3037::6815:3c3f
2606:ae80:1451:22::760
2607:f8b0:4006:3d::6
2607:f8b0:4006:806::2001
2607:f8b0:4006:807::200e
2607:f8b0:4006:808::2010
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200a
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::2006
2607:f8b0:4006:823::2002
2607:f8b0:4023:1404::9a
2620:100:a001::4
2620:100:a001::c
2620:109:c002::6cae:a0e
2620:112:f002:bbbb::21
2620:116:800b:21:2d66:77a6:9085:a5fa
2620:1ec:21::14
2a03:2880:f065:e:face:b00c:0:3
2a03:2880:f162:81:face:b00c:0:25de
2a04:4e42:400::645
2a04:4e42:600::645
2a04:4e42::645
3.222.44.99
3.228.147.119
3.230.217.116
3.233.23.149
3.234.8.37
3.99.13.158
34.107.199.243
34.120.155.137
34.197.145.87
34.198.206.24
34.200.131.242
34.206.204.12
34.233.103.61
34.98.67.3
35.175.84.112
35.190.60.146
35.211.178.172
35.231.227.177
35.244.159.8
44.239.204.94
50.17.45.48
52.116.221.248
52.206.55.189
52.223.22.214
52.223.40.198
52.36.124.159
52.45.33.138
52.46.130.91
52.73.153.177
52.85.61.103
52.85.61.2
52.85.61.28
52.85.61.32
52.85.61.46
52.85.61.49
52.85.61.56
52.85.61.64
54.156.215.112
54.175.198.118
54.221.224.161
54.239.200.177
54.243.64.72
63.251.114.182
68.67.161.212
69.173.151.100
74.119.119.129
74.119.119.139
8.28.7.84
99.83.154.140
02a916d5620aa24b368e0230567db2144e3908a459ba256b14d98eaa135a2e11
04fe6c7746ec923f1e12d09039bc394b93415975b5be544b42e5e8a37d29fb1f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0709502ac1b84f643f54315b1549680c1ba0aa282725bf59bc0b0e4509a53171
07146c04133981ff3c7c1abbb80b08addc9ac8d4b3c9aaa4b8baf212d05b0976
0826670086a8c44b8dec0839de47e4d3381083a69033ea8fdf16efae1f9de0ac
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd4673f315181ab94e3abf00ec333e25c1efccc6f2d5757d9b9b5a5722688b9
0c9f058353e51ee746b2e129659fef78300d1f86a4ad54eeb5b65653d2f68215
0d70c8a0aae74175852391d2840460ac68e84aa79875fd0d4d3609de559029a9
0d7898a114b4efe59ac34b9d2fa2227cffe3bf377be8794a44a52f05e71d8c46
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1357d050358d80ecda9a8a3f02d8d91a2ae71d683bc31d3659cd2a9db0b27030
173149620ea50ea8e7f5094f280fb9b43664dfceb9e698de15698672fe217069
1903f0c0a3cdf0cf442844a4c595c7698bf675b04ffe3319afff3145211eb457
199df8a1a830f317c7fd448a9c52c7c8f7cf3615fbb76f341d7836bd2c34dd38
1c07a6d8b9bdea1e19dbc16b478e4af7e4945c5fc4b3d6f67d21b7391825167f
1ce62cbc7831ac1ab07918330912cd442b57e9ee7ac8870d07c1edeacfeae30b
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22b518a35f90caaf1b6055c7d21c3b79a03cfcf1a5aa9921a13de983ec143760
230f8be1f2494988ebf9a1e09d66ee7820559dd3d9b0eb5cb2e6bae40790e553
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
244e55c513c83013afd0021e9b14d8c39d5c513fbd729c32ed5c64d2428cae4e
25530b8702160f27d8ca73bb521ecb14c6dcc537e7936b8bcf3f61313bc750ce
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234
259f7f95ff6ee7b1e465f7a4143de7467bec3294b44c45f7740c23739dcc7328
28c70d7f9642ee779b45d3eccafe0fbbed60a09124758b5940b7622cc2e83611
29fbf5476e720057c6a38e981e9e03833b2e93c77b4a0234df09e0b0bcbb9f6e
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5
2a93908cd6fedcb5a8e4bd04300e4061ed0f8f6939f6fad80f334c2b592c7433
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b7a7cdb6cdfeea5b6d3a19b510a9f5ce868b73988b44333770d3326798320d9
2cdf80963bd339576cd2fa41ab42c93baa3499810a07f243cced7eb84d19aa6f
2e6a11c0786c5b945cb6f852a0556fcbd73e16271453fdaaa56ac2085cda9e75
2e8db71249f82bb7584f1a2b6744275d18a4b5940ec8d48da133c65e81d5a23b
2ec855206935e32d9ad48b5919e4c66b5f4366e04ab07fdade79bab9ff58033c
2f9d1137793c3a020f9fc3a23a9e715f3f85209a83a49e7b1b37c0bed1bbadb1
3126bdff9344c6b6ee8dc5073bda9c319582fb7334cd77ea543bcc67bddfb3e9
33f7b5e63afee605939830d22993b43e99745fab39e9e6c35208b01229695508
35966943f63f35ccf9155c554b3f790dc00a0f0fd85cee57110250ee821b7f85
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
378ad9a5e1ccb65f19006c6e982a679380bee490d655c33bb493871ba142cfc3
3794d04c8283549cdb9bafa85354e9decf3c5f3a9fae1609b05ac56110a55f2e
39b60d43449c02f9d0491b15138a75b36c377c67583b59c83e616cf505981130
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3bd5a9fc21186f86dc7899696f378659e555a7f1978af4161de48552343a4d6f
3e27a1979bf4f8bd03e538e041ca8062e6376512c2b58d87d616fbd38b2c9142
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
41ff4b428bfb3371a5bd4bd343610428336c583892d0fa5c13f60289b754e183
423a60f3bf63a8dd41915cf3c83b09cb32ccac117552f8d45e4058e05c42f019
4253eeffa7e2615ed928c93b3a121f78f5204a9d309b0f337a99df4e075c7f0c
441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711
44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
4576f4b1362fdeba0cb45896fe5275005f2e3930a2e8016f9ba50259b7f8a77c
465b31f84196ddfdd21c859a1460c95d70093d91e3ae5ce5c688c398b9dc20f7
46e83497b5122bc313a5952b84761c5a09d8ce988100d3777e278fdb42cbced7
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4917a8e103df1c03fe1664e88809fd1168a2a8930976e4ac3ab7a8e0706fdfd6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6
4a3f41a1a3c2493b17f54da39d63d0ceed277bc0c9d0bdc392d18b8c26452614
4ab07e2e2b75d34d9948e780893b3269c29d3bcae8a62ccccaa15113751153ff
4bef0d2ce9ddd3dcd15889345ea8e4ae1eb38c2bcf50bcd76daed2dc63f0a424
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6
4d286d29d71c52500e17a5f2534274b3c0bb4bf8f90969a677dfd0ce0122e730
4d8e57e390bdad7acf647c9e9adb492cec559d61a736e421260d4838efdaf04b
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4da7e3b0dbc9d7f23bd16aeb38ba8cc78f9d2a104bcd8f6737669440c9ed8a26
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e83caf1cb9cc7a5ba0c7d5d0308796c3c41c0a85a6beec913378bf3ca5b2126
4efb66ebed6d2ed79756390a56c9e9219bb9a93389076bc35aaba7c5e39ec9a9
4f8750b52fe9c49a36f99ef73d172841b6a7215611963e95bdb3528ecae7ce23
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51e43d59ce914f13c7d982bc986c28527c5b51ed68f18517fcbcb67d0124542f
526801c2c7d1c1bead34d14e88ebd6f4b8f9f7a09a78dd06f1d4473f0de8e318
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cd853330bf03475d3d7ebfe73961821ef2e95620f9a5ac8aa8f7ff5ea3c324
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
5dc729f58012bd361fd011c68209313e097ba21eb75d22b70a72a56b209f3686
5e4cc6951fc687e9db04308c01a73695f4556f2f5fe6c97aa56bab037e4e1e76
5ea71bd07e560ea69f4bf12e5e48de530ce4a977ee361ed45ddcb581b060fd6c
5f77d08d2ebf25624be58be1e98bbbaa87d22091a13ea0ccebadb71fcfc6e5fb
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655c7648ff1f548347a176a58c150bcb924837f0d879b9b37c32dd647937b68c
656221125e72b908c855f3124bf61f15239fdb1f08b864c75fcdadfe003b66f8
658372a72d43162faaf90cadf3b6966a0f4e74b9c0932063b58d0826473a6b97
662e2a3383679032296e6df6a3e801e849b0d1c2953ce1a065624f364130df41
6637ce0c48f5468bd2873031bdb66ea520577440b8d5898c4a85d0d9de5bf1b0
669cea0d3dc0c8458235b50ea674f11f29efa1042f2a5987d5858300604523fa
672657891028b4bcf02fe255aa65abee5dcca1ac4b64e33ba14769de91965670
6d31625f8592d84d2bbf194f654f20182c9ee55b4b7da66da1f7dce38a878c31
6de355c79c0d5e8d4c373e4b79a36d59aacca27ecc8c5cbd2e3191ab2871c440
6ead4958834809400e2bcd23b9e0341d31ca8f2da3c4ea46f912ec7b445545c1
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
73653c262c76c7b2705713b297db5a1f316ec446db431c8e17a2aceafb8eda7f
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
746ea217d97acf20cdc0b81fcbf171d21337861cb596446bfb9bba8582025507
74abbc2deced2708428d1ade35e77a7e3eb6d6fe366c0e53448415f69242f207
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75fa98b9284a6f23d1ade00b372fb743eb15255ae9a5a5c0654b5a9af20ad655
76a25ef33d68faae60dad591c81964f1e9fb44c21a9eec0433ed0cb3bd2d32b5
7743ec010780cf35ff4d5342a9d9645f81262efc2ea92eacd8dcc44127c8ac71
7a3bc8c32965f3f5733e386d24a6b5d42429b572f64f3cd469504fbdbc07f8e4
7e8d9ec13ca7bc365fd81144451266061f2d9b6f600aa46c0aadd257a051c4f2
806b4ea1a35d9a0327df2f3423b2792713d96cf9b2cafd5b3e0bc0b624eaaffa
8294de57306d8898d2048ffa7bc8165d2472c392ff29f746503e9d433b6adb59
82d439e39616002635aa2917ecbf7fdd8593ed2cee85e202fbb9edb7944422c4
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8663c4c012653545c9f9da9605cd23e7e412379704bcf9cdc72c6522b5447312
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
881970ff5a30f45093a6ddbb1da7dc20197b80941bc53b77527d9ca2963531b3
89e20a27fafaccaa64642ae27c267e2e3a37676cea8101b98e598ef79c209e6c
8a4ca8b668500fe34a37c8d27aaacfd2d71b28e9a0a0818e903fc99c21d47b67
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d59f2c7986bc73bf37e3da9d7d9a0cbf7686dede1cb5a1649c43569848bde6e
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d
90494aea6b20f877f5bf2c0a133c658cfb620c4c671f9672b2bd35fb4897c3ea
910f4f27d43f79b85b95af7d807844a73af3f19580992bc7985a4860952e1cdd
91da9cf26e25d02b4185e1174ce6ad93fcc8cd581ed06ecda1e527d0bfcbacbe
91ece1c98f47c513ee0dff76ca9e6747bde5082d4a4e4fbad8cd9cdac63a008b
9583896b055daf21c4eb2e4badf13da0f2a0415d52107f5cf32717fac3eac9fa
961cc8bc25bc6551000e38b66ad016f1a463a135cf3adbae44e2c516f8b23f03
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
985b3f39420cba66479d428f526f313f10390ad8b4c683a81a4acd76742cf453
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9918bde2114fe8132f96f2498adbe9a6b4a4aa9e19ae03fdbcbfe79b3df64bfc
99a6510b192118ff9b7de874ff61d03627bb0b3bc8461104080b55cdbbbb904b
9bb8cc0d3cd4048d2b1974f8084e37c9244cf70b9bffc1e9b6d3fa0f315475da
9c6ff3f20600ffae239cd18a4768de6bdde5e4ce1657d0d286bd29a8cb639ba2
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9fe6045252bd27f37a61668002b06cf91cd098daf27c6a536aadd838b03be15c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a333a56f77c1db5f51e0ea290125ad4afe411e1989673fb55817c607a6489934
a3fe1e47be2347ac812746ba22881223cec2e43cd18ddc42ba10dee63a98f2fc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c82916d7442c4595c1a67305814ec4f7c20e2f4cb70c8089578ce821b53a5c
a4d0662bb73d6ea37688b2fc9807fcbf173ceb2b2a634fcdcb6bffec8fa30399
a6dba6a0da4d240371a99e4595e2184da556fefd2132a7009a8265025cae136a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a774a29570383d0816ae0ebdd1d445f8f9c7d222c3ac045024dd2e1dee3b7365
a8efa8f4bd8ed7d938cc5ff60d168673064da4df090c3dec4fe60517885eba3f
ab894cd89f0f24b1938bc78d2da0aa60bf6ac9e80c3ee7a0490832bbd44358fe
aba228999bf40536d3c9be43fba78eea158925c0fb200b1993324e695629fb63
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca9b4cf53c3b000033746b6314c868ee8f25e92bc9201b1ef9e4f1cafd0a60a
accb30e351050abbd11d2f4211022c2118844bae7889c1ff506b27c29bc374e5
ad30fc772afe5ab92c1ee3fae4c2b4378baa49cb22f7456d0d42712590794435
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0b66e9b2d7a137f63d9bc86ce2dfc28a3f46ea84324e2b918a054e6a49a85c0
b0c01119006753e7e619f6d11c5d91ae3ecb7859031f9af5144b558212100b7c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15cf086ac8238d3ed10e56639d4ca2ce7f629b435fe9d4ea50548294d47a2e8
b1b74ea07c463aedbea9edda89204250207897ec3622ebef4786cc81edae4f23
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b630bfefb18b047f36806ca3d09555730a686f944adedef8ef6fabc3751b58f9
b68334d88010495e1aa7da9af914a6043408076b36ad5cf8368667b3e6f7b85c
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b8bf1ce94288681edefbce3053bacc05d1a5081dd4ad962da2e8cf734d044d40
b9e2fefadf988dca2c87bffd051ea7b25f02d776056128a8ce9b7970f55ca5b7
b9f1c74c1ed2cac750e4e61a78a25b33f3ec186f65a51d0cf79e5bd930245035
bab05e352c21048ba5634365c3cfbaa21b405364b0b051ad763f824e6ee63624
bb4fb0059425e84fccb29bdbdaa7c010b6fc4a5e831487b1eeb9c4b108e214b5
bbb35e1bb748abf8ef59ead19ab638cecf479a9c241496f07362504900035511
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e
bd550e9074e7a7041b3cddaa539e339c27023a993785e49974951c92b9079f00
be9a51815a4c32f35f64b1e707d53beb414d99ffe0ecc534b9a6a188a09fcbe6
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2dba0f55b1c1df01c70b7409c85ae8747e4723b4365edbb26a680ff39e0691e
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c84d34072f03bc30d7cf97ca883897d97a137bf16e148a7f657175de9cbe0078
c86342e29c3615186162f1814ffd130066e4ff58994fb87ef0c99c5689673e05
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c9b283aaedb8ff261f92ff44b305ff9c045dd163fb8f5e5e6a71d1d78ffdec90
ca39ac2106cae3b8e988a9a627162f3bd075d83794f0fadc5a27468f4d60c7f8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbd733a98f36b50b6854a7e3c61c025ec3f7a84df97a61b5d5e2ad959e32f35c
cbdb7ccb9eafa3f71216402c88bb174ea0893c7b6c4438bcd32403769bbd160f
cbe938bffb329d94400869712d557aff03a7f0b5f82854659c703cbdc0c9b64b
cbf82bc71e89c822b11480a6c7ad144d8f4a43b8395afd5c2b81608859c55aa5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce6cd860558c0112cb2f2f95bce9e16812b24ab25df073e326eabd213750f7c1
cf109434d21cad0bf9b51eef38b867bda7c44e9653c7c82cfa9ca844b6f8b023
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffb3ce889cbcb84854ba3324b2fdd31018072aeb16f0a04b3512afcb9c6ac98
d00812b039ff3598df190e22fcf97790e40eff9e3185e6b9be76e5b520ead533
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d09436ab9254f3d92325a8eabfe50f78b7bab4a8c76664341bb6611965683907
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d15bd49b3782d9c5f38fd67631bb4a4e1295fadc2cd04b3f664c43115088253a
d26f8222d0adcd1fbad49294831f0fe838927c25701b7df89dde1cc3039f859f
d3c67862212b7aee1a2f32b31cbb1b35b9ed5f8209de397c2e32a1e6a6f2f54c
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d781546a0e288f92f460e1d0893328358d25af8b4cb6de58300b38f27af5e330
d852c8c4a4916c22d524936925de15f0b1a519f4b42ed5aed98b4b8fb8fdd41c
d8c62b0d4ac621bedd0ca5a4e96b12a77118338d4166f94d65c15bb154d455aa
d93b1d50966d2867f165afdfe3bde6a3fc9b094976a8d3aee38ef1c275c36cac
dac552dfd69559c85c5d6f3122b64dccc57222f3e5fb9634349d299b3efbe630
db6c618914e6a2fdccd07b49757043e07eac10a2fcfad246e1e61a1323bb9a5b
dcb0f064f445c7ba21183d3c3db46452c64d05c90589a32d8eb1c8b552d62e08
de70035b9069675a3313f33aee3809e0030b5457fb04d19d9e2da42180078c77
deddf1b908c497ef2816724eb531a7455ac542eb9e174efb223bc6fab1f3f706
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df98e63771a8b0f9021b15dc46722c799a6c57d23b8346397881bf22949dfb6b
e065a3bf6690fb554a205457157528668fd6cd38bca07344beec3380a1c46cf4
e08bf45f56ce3bcf2289537cae2a1e55b6735eaf96fff69ea54b8aaebfdecee7
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e29a5291812a4e579ffa44abe6fe64763dc17fa2104fdc064e410f75f8dee8e0
e2b121ca9ed1664f65712c9e674a3251a77b70d02abd98acff9eaaeeb0de45e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eb6b450e09da3c00ba344a44a690b004402dc62ddf0d3cf3bbdec5ab33310e
e48769b510137e582179b5beedb1adc108d4a0f9d2cabdc14adef3fdde340e25
e7b25f4f0930f009e0a0ea07f764ea34b3a5e9ec0ecb95b5660f8c51b09b2c16
e892f664f24788968d221cabbe1d1e3dec45c96216fdb9ab0d696dd0847c5d45
e9e511b8cadb6b4a7b8aa15647ce7fa8ede409a1f30d54fa568cd401ad91af56
ea664f57fe4d8da1f856406ea987de0701a49faed669b64a6b4b60d16e7ce1db
eb9df1e86fe03e3ad65563beeb79841bc3ad8789cee27fba8f060c3c981cb478
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
edb22ef77d103ce8ef172e7bf0d40d1529c2a386d573ae15ac418b0e7a0528ad
eeb62f156bfb914c07db1348ae2ea462277a738d143561d3875da7d71a50b34a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0a16fb682e4fad72ad425fed5a22c810b0650be0277b23a754711ed1a8c9f
f01513c27bd5b4e154b2bb921556072951b536703e8be05eefb3c58a4f0cf44b
f2b56a0633deb0afff95a7242062134c704d6782a10f2345be43fb3fe65a3ab2
f3385adf33b15d77200af558761f6a92bbeeab7254fa981f16089d6ea81db1dd
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
fa21ff0b2d90b6b801869ec504dfbede0711c7011b4a26a0403106f3fbbe06c4
fc535219781182fe7936d4aabca6f414eeb8f44a53d896a9609b4588e2b30b59
fdd2957bdd15de48ec0fbf6539730dfe8942e910ab815503b7d4ba98566b001f
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff881f658a1fa4c243a837f91832b5380574bfbc875634d82ac187a1cc806ca4