urlscan.io logo urlscan.io
SecurityTrails logo

nationalpost.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Submission: On November 23 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 111 IPs in 12 countries across 72 domains to perform 375 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is nationalpost.com. The Cisco Umbrella rank of the primary domain is 121300.
TLS certificate: Issued by GTS CA 1D4 on October 24th 2022. Valid for: 3 months.
This is the only time nationalpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.111.249.109 396982 (GOOGLE-CL...)
7 2a00:1450:400... 15169 (GOOGLE)
3 104.18.36.94 13335 (CLOUDFLAR...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
4 23.205.241.117 16625 (AKAMAI-AS)
1 3 13.224.195.78 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
3 96.16.141.156 16625 (AKAMAI-AS)
1 13.225.78.96 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 13.224.189.15 16509 (AMAZON-02)
1 13.225.78.24 16509 (AMAZON-02)
37 34.117.54.29 396982 (GOOGLE-CL...)
13 34.149.157.221 15169 (GOOGLE)
7 34.209.185.64 16509 (AMAZON-02)
1 52.30.108.27 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 35.71.131.137 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 23.205.239.15 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.206.210.112 16625 (AKAMAI-AS)
1 35.241.9.51 15169 (GOOGLE)
3 13 185.89.210.101 29990 (ASN-APPNEX)
1 104.19.149.54 13335 (CLOUDFLAR...)
12 34.107.254.252 396982 (GOOGLE-CL...)
32 18.156.195.47 16509 (AMAZON-02)
1 13.225.87.188 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 8 104.18.33.19 13335 (CLOUDFLAR...)
3 35.244.159.8 15169 (GOOGLE)
2 63.251.14.3 14744 (INTERNAP-...)
1 2602:803:c003... 26667 (RUBICONPR...)
4 2a02:2638::24 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 99.83.154.140 16509 (AMAZON-02)
8 10 142.250.186.162 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
5 3.125.23.102 16509 (AMAZON-02)
3 52.17.188.115 16509 (AMAZON-02)
1 178.250.2.146 44788 (ASN-CRITE...)
4 18.159.85.30 16509 (AMAZON-02)
1 23.35.228.23 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
24 2600:9000:20e... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 5 13.225.78.39 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
4 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:20e... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 151.101.66.207 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 13.225.78.64 16509 (AMAZON-02)
1 13.225.85.39 16509 (AMAZON-02)
5 2a04:4e42::645 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.93 16509 (AMAZON-02)
1 13.225.78.94 16509 (AMAZON-02)
2 13.224.189.70 16509 (AMAZON-02)
1 5 3.122.82.80 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 3.120.78.142 16509 (AMAZON-02)
1 3.120.69.109 16509 (AMAZON-02)
1 52.17.99.225 16509 (AMAZON-02)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.132.142.222 24940 (HETZNER-AS)
1 151.101.194.207 54113 (FASTLY)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 216.239.32.21 15169 (GOOGLE)
1 216.239.36.21 15169 (GOOGLE)
1 1 3.75.15.124 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 13.248.245.213 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
8 2600:1f13:800... 16509 (AMAZON-02)
2 52.206.146.55 14618 (AMAZON-AES)
1 3.210.251.205 14618 (AMAZON-AES)
1 2600:1901:0:8... 15169 (GOOGLE)
2 23.205.235.133 16625 (AKAMAI-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
2 23.35.236.201 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.6.233 198622 (ADFORM)
2 2 185.29.134.248 30419 (MEDIAMATH...)
4 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.185 1299 (TWELVE99 ...)
3 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.2.151 44788 (ASN-CRITE...)
3 5 67.220.226.234 16509 (AMAZON-02)
2 198.47.127.20 3257 (GTT-BACKB...)
2 2 146.59.148.16 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
1 34.91.62.186 396982 (GOOGLE-CL...)
3 5 52.46.130.91 16509 (AMAZON-02)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 63.251.232.170 32475 (SINGLEHOP...)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 69.173.144.139 26667 (RUBICONPR...)
1 3.216.12.14 14618 (AMAZON-AES)
375 111
1    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
nationalpost.com
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
3    104.18.36.94 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
3    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:20eb:2400:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d3div1mtym39ic.cloudfront.net
3    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.225.78.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-96.fra2.r.cloudfront.net
cdn.adsafeprotected.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
2    2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
4    13.224.189.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-15.fra2.r.cloudfront.net
cdn.browsiprod.com
1    13.225.78.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-24.fra2.r.cloudfront.net
ak.sail-horizon.com
37    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital
dcs-static.gprod.postmedia.digital
13    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
7    34.209.185.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-185-64.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    52.30.108.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-108-27.eu-west-1.compute.amazonaws.com
yield-manager.browsiprod.com
6    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com
www.aaxdetect.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
13    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    104.19.149.54 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
12    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
32    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
1    13.225.87.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-188.fra2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
postmedia-d.openx.net
u.openx.net
2    63.251.14.3 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
1    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
10    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2606:4700:10::ac43:835 (United States)

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
5    3.125.23.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-23-102.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    52.17.188.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-188-115.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    18.159.85.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
c21lg-d.media.net
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dae8944e092e9c150a4f1ffb556c3c63.safeframe.googlesyndication.com
7    2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
24    2600:9000:20eb:9e00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
8    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    13.225.78.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2600:1f18:44f0:4864:1a08:46f1:fe35:b27f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
4    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    2600:9000:20eb:6600:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.ribn.com
3    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    151.101.66.207 (United States)

ASN54113 (FASTLY, US)
sdk.mrf.io
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.225.78.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-64.fra2.r.cloudfront.net
get.s-onetag.com
1    13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net
cdn.parsely.com
5    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.225.78.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.225.78.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-94.fra2.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.224.189.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-70.fra2.r.cloudfront.net
signal-segments.s-onetag.com
5    3.122.82.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-82-80.eu-central-1.compute.amazonaws.com
eu.sportradarserving.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
cdn.js7k.com
1    3.120.78.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-78-142.eu-central-1.compute.amazonaws.com
prod-m-node-3113.ssp.advertising.com
1    3.120.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-69-109.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
1    52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com
10    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.132.142.222 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy03-new.cl03.k8s.mrf.io
events.newsroom.bi
1    151.101.194.207 (United States)

ASN54113 (FASTLY, US)
flowcards.mrf.io
2    2600:9000:21f3:2200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a02:26f0:3500:14::1724:a24f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sportradarserving.com
1    216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
tags.feedad.com
1    216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net
api.feedad.com
1    3.75.15.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-15-124.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2600:9000:20eb:2a00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    2600:1f13:800:7782:8bc3:3390:8885:975 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    52.206.146.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-146-55.compute-1.amazonaws.com
i.viafoura.co
livecomments.viafoura.co
1    3.210.251.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-251-205.compute-1.amazonaws.com
notifications.viafoura.co
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
3    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loada.exelator.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
5    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a05:d018:d29:3605:2eda:8ed6:2a73:2027 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    63.251.232.170 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    3.216.12.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-12-14.compute-1.amazonaws.com
livecomments.viafoura.co
Apex Domain
Subdomains		 Transfer
50 postmedia.digital
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 124661
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 110274
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 92540
732 KB
36 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 814
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1118
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
42 KB
24 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 10224
456 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
173 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
secure.adnxs.com — Cisco Umbrella Rank: 426
acdn.adnxs.com — Cisco Umbrella Rank: 579
27 KB
14 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 2994
pixel.adsafeprotected.com — Cisco Umbrella Rank: 605
static.adsafeprotected.com — Cisco Umbrella Rank: 546
dt.adsafeprotected.com — Cisco Umbrella Rank: 518
106 KB
14 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3004
ads.rubiconproject.com — Cisco Umbrella Rank: 2577
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
255 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 290
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
12 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 671
image2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 822
simage4.pubmatic.com
27 KB
13 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2407
api.permutive.com — Cisco Umbrella Rank: 1905
googlesync.permutive.com — Cisco Umbrella Rank: 8184
27 KB
12 browsiprod.com
cdn.browsiprod.com — Cisco Umbrella Rank: 11057
events.browsiprod.com — Cisco Umbrella Rank: 9834
yield-manager.browsiprod.com — Cisco Umbrella Rank: 10611
93 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
94 KB
10 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5362
identity.mparticle.com — Cisco Umbrella Rank: 2490
jssdks.mparticle.com — Cisco Umbrella Rank: 4814
56 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
as-sec.casalemedia.com — Cisco Umbrella Rank: 1339
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
dsum.casalemedia.com — Cisco Umbrella Rank: 1372
8 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
dae8944e092e9c150a4f1ffb556c3c63.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
42 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
501 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
gum.criteo.com — Cisco Umbrella Rank: 390
mug.criteo.com — Cisco Umbrella Rank: 2725
dis.criteo.com — Cisco Umbrella Rank: 631
9 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 2536
40 KB
7 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 10527
i.viafoura.co — Cisco Umbrella Rank: 10383
notifications.viafoura.co — Cisco Umbrella Rank: 12421
livecomments.viafoura.co — Cisco Umbrella Rank: 12613
6 KB
7 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7015
cdn.tinypass.com — Cisco Umbrella Rank: 5292
buy.tinypass.com — Cisco Umbrella Rank: 9075
148 KB
6 sportradarserving.com
eu.sportradarserving.com — Cisco Umbrella Rank: 61777
creatives.sportradarserving.com — Cisco Umbrella Rank: 63664
150 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4753
2 KB
6 gstatic.com
fonts.gstatic.com
183 KB
6 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 44107
config.lrcontent.com — Cisco Umbrella Rank: 18001
96 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3508
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4295
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4474
signal-segments.s-onetag.com — Cisco Umbrella Rank: 8686
18 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
3 KB
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 961
566 B
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
2 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8709
www.google.de — Cisco Umbrella Rank: 5922
1 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 128123
1 KB
4 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 2372
l3.aaxads.com — Cisco Umbrella Rank: 3234
123 KB
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 14989
flowcards.mrf.io — Cisco Umbrella Rank: 15398
30 KB
3 openx.net
postmedia-d.openx.net — Cisco Umbrella Rank: 150334
u.openx.net — Cisco Umbrella Rank: 656
627 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
storage.googleapis.com — Cisco Umbrella Rank: 398
170 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
47 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 25718
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3206
918 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4495
560 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
203 B
2 feedad.com
tags.feedad.com — Cisco Umbrella Rank: 25737
api.feedad.com — Cisco Umbrella Rank: 9773
626 B
2 bidswitch.net
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 10299
x.bidswitch.net — Cisco Umbrella Rank: 281
904 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2489
p1.parsely.com — Cisco Umbrella Rank: 1889
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
113 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 126140
8 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2699
497 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
705 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1298
282 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
181 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
612 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1762
296 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 339
140 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2419
398 B
1 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 11460
1010 B
1 advertising.com
prod-m-node-3113.ssp.advertising.com — Cisco Umbrella Rank: 27308
171 B
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 903
17 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
48 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 3929
3 KB
1 media.net
c21lg-d.media.net — Cisco Umbrella Rank: 1906
296 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 164841
394 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1250
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 4650
323 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 762
360 B
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 131181
107 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2674
44 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7580
3 KB
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
44 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
40 KB
1 nationalpost.com
nationalpost.com — Cisco Umbrella Rank: 121300
99 KB
375 72
Domain Requested by
32 dcs-static.gprod.postmedia.digital nationalpost.com
dcs-static.gprod.postmedia.digital
24 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
20 c2shb.ssp.yahoo.com js-sec.indexww.com
13 smartcdn.gprod.postmedia.digital nationalpost.com
12 c2shb.pubgw.yahoo.com micro.rubiconproject.com
11 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
10 cdnjs.cloudflare.com buy.tinypass.com
10 cm.g.doubleclick.net 8 redirects
8 dt.adsafeprotected.com
8 www.googletagmanager.com fem.gprod.postmedia.digital
jssdkcdns.mparticle.com
www.googletagmanager.com
8 ib.adnxs.com 3 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
js-sec.indexww.com
acdn.adnxs.com
7 events.browsiprod.com cdn.browsiprod.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 fonts.gstatic.com fonts.googleapis.com
6 securepubads.g.doubleclick.net nationalpost.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 eu.sportradarserving.com 1 redirects nationalpost.com
eu.sportradarserving.com
5 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
5 jssdks.mparticle.com jssdkcdns.mparticle.com
5 sb.scorecardresearch.com 1 redirects fem.gprod.postmedia.digital
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 secure.adnxs.com js-sec.indexww.com
5 btlr.sharethrough.com js-sec.indexww.com
5 match.adsrvr.org js-sec.indexww.com
ads.pubmatic.com
ssum-sec.casalemedia.com
5 fem.gprod.postmedia.digital nationalpost.com
fem.gprod.postmedia.digital
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 simage2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 config.lrcontent.com auth.lrcontent.com
4 bidder.criteo.com micro.rubiconproject.com
static.criteo.net
4 cdn.browsiprod.com nationalpost.com
cdn.browsiprod.com
3 image2.pubmatic.com ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 www.google.de
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.google.com tpc.googlesyndication.com
3 api.viafoura.co cdn.viafoura.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 pixel.adsafeprotected.com cdn.adsafeprotected.com
nationalpost.com
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 c.aaxads.com nationalpost.com
c.aaxads.com
2 livecomments.viafoura.co cdn.viafoura.net
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 ups.analytics.yahoo.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ads.pubmatic.com micro.rubiconproject.com
ads.pubmatic.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 www.facebook.com
2 static.adsafeprotected.com pixel.adsafeprotected.com
nationalpost.com
2 signal-segments.s-onetag.com get.s-onetag.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net nationalpost.com
connect.facebook.net
2 sdk.mrf.io nationalpost.com
sdk.mrf.io
2 assets.ribn.com www.googletagmanager.com
nationalpost.com
2 gum.criteo.com 1 redirects static.criteo.net
2 api.sail-personalize.com ak.sail-horizon.com
2 ap.lijit.com micro.rubiconproject.com
js-sec.indexww.com
2 postmedia-d.openx.net micro.rubiconproject.com
js-sec.indexww.com
2 htlb.casalemedia.com micro.rubiconproject.com
js-sec.indexww.com
2 ads.rubiconproject.com micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com nationalpost.com
cdn.viafoura.net
2 fonts.googleapis.com nationalpost.com
buy.tinypass.com
2 js-sec.indexww.com nationalpost.com
micro.rubiconproject.com
1 simage4.pubmatic.com ads.pubmatic.com
1 px.ads.linkedin.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 u.openx.net micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 notifications.viafoura.co cdn.viafoura.net
1 i.viafoura.co cdn.viafoura.net
1 eb2.3lift.com eu.sportradarserving.com
1 live.primis.tech eu.sportradarserving.com
1 x.bidswitch.net 1 redirects
1 api.feedad.com eu.sportradarserving.com
1 tags.feedad.com eu.sportradarserving.com
1 creatives.sportradarserving.com eu.sportradarserving.com
1 flowcards.mrf.io
1 events.newsroom.bi sdk.mrf.io
1 p1.parsely.com
1 ghent-aws-fr.bidswitch.net nationalpost.com
1 prod-m-node-3113.ssp.advertising.com nationalpost.com
1 cdn.js7k.com nationalpost.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 cdn.tinypass.com experience.tinypass.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 dae8944e092e9c150a4f1ffb556c3c63.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 c21lg-d.media.net c.aaxads.com
1 mug.criteo.com
1 googlesync.permutive.com nationalpost.com
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net nationalpost.com
1 l3.aaxads.com nationalpost.com
1 cdn.jsdelivr.net micro.rubiconproject.com
1 www.aaxdetect.com nationalpost.com
1 api.rlcdn.com js-sec.indexww.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 yield-manager.browsiprod.com cdn.browsiprod.com
1 ak.sail-horizon.com nationalpost.com
1 www.npttech.com nationalpost.com
1 cdn.adsafeprotected.com nationalpost.com
1 micro.rubiconproject.com nationalpost.com
1 d3div1mtym39ic.cloudfront.net nationalpost.com
1 static.criteo.net nationalpost.com
1 nationalpost.com
375 135
Subject Issuer Validity Valid
nationalpost.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-06 -
2023-10-05		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.browsiprod.com
Amazon		 2022-02-13 -
2023-03-14		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2022-11-12 -
2023-02-10		 3 months crt.sh
gobrowsi.com
Amazon		 2022-11-02 -
2023-11-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.aaxdetect.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.prmutv.co
R3		 2022-09-28 -
2022-12-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
api.permutive.com
R3		 2022-10-18 -
2023-01-16		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
api.sail-personalize.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-13 -
2022-12-13		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
viafoura.com
Amazon		 2022-09-07 -
2023-10-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
jssdkcdns.mparticle.com
R3		 2022-10-23 -
2023-01-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-07-09 -
2023-07-07		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.ribn.com
Amazon		 2022-08-21 -
2023-09-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
jssdks.mparticle.com
R3		 2022-10-23 -
2023-01-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.sportradarserving.com
Entrust Certification Authority - L1K		 2022-09-30 -
2023-10-15		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-10-17 -
2022-12-07		 2 months crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-21 -
2022-12-21		 3 months crt.sh
ghent-aws-fr.bidswitch.net
Amazon		 2022-09-07 -
2023-10-06		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2022-10-17 -
2023-01-15		 3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
tracker.ads.sportradar.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
tags.feedad.com
GTS CA 1D4		 2022-10-03 -
2023-01-01		 3 months crt.sh
api.feedad.com
GTS CA 1D4		 2022-10-26 -
2023-01-24		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 25 frames:

Primary Page: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Frame ID: CEA4362EC24B193BDD54CCEA48F218CC
Requests: 269 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v70.0/xd.html
Frame ID: 2102A634A079CA0CA9FA500CC9C31689
Requests: 2 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAX24X4M7&fv=1&fy=37&ke=1&suylg=195%2C55%2C3012%2C222%2C274%2C214%2C292%2C159%2C141%2C203%2C271%2C241%2C368%2C272%2C175%2C282%2C229%2C251%2C295%2C310%2C356%2C97%2C51%2C265%2C267%2C108%2C172%2C3007%2C369%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 72BEA1344A91685B5E5F91EDC01404C7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nationalpost.com
Frame ID: FE36AB6A446CF0ABE4EC45D7DCBE5A34
Requests: 2 HTTP requests in this frame

Frame: https://dae8944e092e9c150a4f1ffb556c3c63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF8AC4211E5BDC29166D74E56EA7A248
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CC2FF99062524809447908CE0139A57
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D13148BDD2065408E32F4F55DD7FF380
Requests: 2 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Frame ID: 5789ACD4D235A04061B04B502C832B38
Requests: 16 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=1x1&pubId=4946417229&chanId=396465421&placementId=6123534194&pubCreative=138406115165&pubOrder=3089429980&cb=737504996&custom=story&custom2=1&adsafe_par&impId=6de80bba-6ad7-11ed-b75c-0a6fa201f3de
Frame ID: 8C7B1A10413633CE6A8B7B7B808CF83A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0ENRVjaOvQUarakoNjz3nKRWndZmzz0fwU2RsLVC5BlW8vBiKWg8Hat-9IUtNi_uyFUSG6WXPBs4Uv530WJFp9_E9OLKR6p3djIrfnbvsQVSwzIBP_Q-DvVaYLA-GXSuQkqCi0j8byOBRL8Qf36whS9FY4SwKarmlOjEGxMXyMV1t4IuMlw_ze8QJWPSlmJi-Mxn-NmQiOBh_zlgGTduObHtMglWWq0BcrDrEPZH2PfzGXNksOi-Y8SQIZQddgQU9hfAFvBFcyv7d8fcAth4I76Cw3WbOHbnJHaO7Vcm4-0P96UMu4Dq17qdgII4yhwnDOLivTn-el3W9mzq90Vg&sai=AMfl-YQu7vqrrqwf9MH2dU_jBynD4Pq2ntrieJIEif-qDFsvA3coCPytco86zY2bvmXnPyc8EIVY8HfgBbKwfbdLebTkz8MoLh3wTo9zUg6FBCRE2Hu8B2zFpj84Nwv4uzHR&sig=Cg0ArKJSzOCvzbpmb0yhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 56B2032D51A2B5F9E0090B08AA7CC62B
Requests: 9 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Frame ID: 13BE094552F2EA49B9282C35EEF468AF
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 53581FBC106A0CCD2C168142D38B5F3E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E2743737C3578363B39068E38453AB35
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FFCBB257C10CEBE0C99959C2A5F61A6D
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 06C607EF76B02A8E7A89874DBE7327ED
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5EC93C71EF8050ACB5077C36D3C3FFB4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 39A95BF4526110339658C032B61BD2AA
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6FA82DA850D7C3E3D037BD26B1AE48CD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: EB851440287D2481647A6AE1E7CC44A3
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent=
Frame ID: 7DDAF5750BF22E4A6AEE4F50DEA710E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6657637d-86da-4f00-bdec-a8bacd79d99c&gdpr=0&gdpr_consent=
Frame ID: DC9FE919486BCA88E891049BF1C649DE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=709968164926756602
Frame ID: 869FF53129024FACB2D9E7313C06C9ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: BC5D7ADA8368FEDD825DCDD46D798F62
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C992D949-5501-4FF8-B1AD-8796DB83C422&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 259C5CD322EF4700190D1D5AEC478986
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1299203778257616234&gdpr=0&gdpr_consent=
Frame ID: 120AE9CF6D0E481F46A67C197985BD28
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lawsuit threat over claim PR exec carried Nazi flag at Freedom Convoy | National PostNational PostUserFinancial Post

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

375
Requests

93 %
HTTPS

38 %
IPv6

72
Domains

135
Subdomains

111
IPs

12
Countries

4241 kB
Transfer

13514 kB
Size

102
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=ddba2bdb-24b7-492c-a276-0a8705169dc8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=ddba2bdb-24b7-492c-a276-0a8705169dc8&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEGtCufSBkp1V3goJHjKDRrM&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=ddba2bdb-24b7-492c-a276-0a8705169dc8&google_cver=1
Request Chain 156
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nationalpost.com&sn=ChromeSyncframe&so=0&topUrl=nationalpost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=WPzMNnx3cDRLUXVuUFk3eEg4TmpnWHBKQ2IveUE4WllSVTZ6L2p2R3VzU1BXM1JQV3diOHZINm1SK05KL3ZaWDZaZDlrVmZpZVU4STNsSHZMTUtRK0Y2S0gxQzlUTm1MZCtLMHBlVlh2UTd0L1FXbnM4TVpIOGNOMVJWMGluZWJwS080SnFRVkJ1S3R2S28rckdzSjEvaXY3M09kdU9SNTlDa3o1NzJYOXQ2NW5QSGRBaVN6N1RlTHUzTWtETzRNUVhBN1NzMUVnbGF3dmwwZkQ0a0NmMXc0Q1pVWXBtS0dKN2RVbkZ0VXI4UkFseVpacHJDb3gvNXpodjZrdE5JRWwwc2hxTWVKZkJIWlRrR3MwZk13V2szc2UySEt0YXR6QmhhaVM0c2hEUVgrZjQ1RT18&cppv=2
Request Chain 199
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 229
  • https://eu.sportradarserving.com/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/ HTTP 302
  • https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Request Chain 260
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=329d115f-8c05-42e8-b5d0-25da6749202a HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=6d0c3141-b31b-4410-af02-ba0aae53464d
Request Chain 319
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 322
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 323
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent=
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6657637d-86da-4f00-bdec-a8bacd79d99c&gdpr=0&gdpr_consent=
Request Chain 325
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=709968164926756602
Request Chain 326
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 327
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C992D949-5501-4FF8-B1AD-8796DB83C422&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C992D949-5501-4FF8-B1AD-8796DB83C422&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 328
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1299203778257616234&gdpr=0&gdpr_consent=
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yZLZSVUBT_ixrYeW24PEIg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 330
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cbfc637d-86da-4600-83f7-4405511fbfb2
Request Chain 331
  • https://pixel.onaudience.com/?partner=214&mapped=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b6e192c29eaef4a63e6b879726f190c7&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Qzk5MkQ5NDktNTUwMS00RkY4LUIxQUQtODc5NkRCODNDNDIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2o6vnjYY7h-7UtCycmhNQ&google_cver=1
Request Chain 335
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6890405839476078693
Request Chain 337
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&dcc=t
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENKl3T1-CcaZskjC9X4XqtY&google_cver=1
Request Chain 340
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y32G2pwI6UGxrZa504vFxgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELrdG7SinM2iLQTBajjII0Q&google_cver=1
Request Chain 341
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1299203778257616234
Request Chain 342
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y32G2pwI6UGxrZa504vFxgAABK8AAAIB
Request Chain 343
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1669257306
Request Chain 346
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjU4MmQzM2Y5YWNjNGRmZTViMzBjOTJkMWUwN2ZiNjc1MDg1ZTY5ZA
Request Chain 347
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAT199TV-1M-EXFI
Request Chain 348
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5ayomrc8RSW1t7_m67Jfxw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5ayomrc8RSW1t7_m67Jfxw
Request Chain 349
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MumryFJk-Ns5tdFEFPIOrcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1430947222910505367
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHyLIdtldfdhYsHlEYRWnJw&google_cver=1
Request Chain 352
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUMTk5VFYtMU0tRVhGSQ==
Request Chain 353
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9EP5-jNXT-6ND5UV92Vvqg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9EP5-jNXT-6ND5UV92Vvqg

375 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
nationalpost.com/news/politics/ 		559 KB
99 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
0b5c7da4ade777e51477cbdf7cdac580fcdcc93c2fc59b7f8b9d4cb2d56b305e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=300
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:34:59 GMT
expires
Wed, 23 Nov 2022 02:38:42 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.14.2
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-66d74588bd-6jgq7
x-pmd-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1400 / 881 of 1000 / last-modified: 1669158359"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Nov 2022 02:34:59 GMT
184635-225789216445563.js
js-sec.indexww.com/ht/p/ 		180 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c74ef042bfcf702752741a8c0fd1e1f8c691dc3b270a2c2f1739365596dc71c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:34:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 02:15:25 GMT
server
cloudflare
age
947
etag
W/"9048aa-2d156-5ee19dc8c20f1"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
76e6824bfdef5bf9-FRA
expires
Wed, 23 Nov 2022 06:34:59 GMT
publishertag.js
static.criteo.net/js/ld/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:34:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Nov 2022 02:34:59 GMT
aax.js
c.aaxads.com/ 		403 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAX24X4M7&hst=nationalpost.com&ver=1.2
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
28e81187e7f33fa1c5c6d6920ca6d9d1c8d5ac72359e2b6f6487524727021472
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Wed, 23 Nov 2022 02:34:59 GMT
server
Apache
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Wed, 23 Nov 2022 03:04:59 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Server
2600:9000:20eb:2400:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 01:45:06 GMT
content-encoding
gzip
via
1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2994
x-amz-server-side-encryption
AES256
etag
W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
P3ASHWWV-emvfeZT9y938Kf24r9odOebiU65Lexx3W7x8ldw3GZlvw==

Redirect headers

date
Tue, 22 Nov 2022 22:41:17 GMT
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
14022
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
C6kfkqXlg7_zVFTvtooEQV1K5Ovw_MLdQ3HNvRWmZ8WyZMLLkvCsMg==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.141.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-141-156.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
73857a40014bac992be90433c05d4ee4b041992e898a3132d65d3cd8a872ca8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:34:59 GMT
content-encoding
gzip
last-modified
Tue, 22 Nov 2022 14:41:02 GMT
server
Apache
vary
Accept-Encoding
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=14400
content-length
226162
x-trp-pba
{"ruleId":"1","rulePos":0,"ruleName":"Catch All Rule","wrapperName":"14648_postmedia_pbjs","isPrimary":true,"randomProb":11,"account":14648,"device":"desktop","country":"DE","host":"nationalpost.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://nationalpost.com/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36","query":"","ranAt":"2022-11-23T02:34:59.833Z","runId":"1669170899833-8683","wrapperPath":"/prebid/14648_postmedia_pbjs.js","redirectUrl":"/prebid/get-wrapper/Catch%20All%20Rule/14648_postmedia_pbjs.js"}
expires
Wed, 23 Nov 2022 15:14:00 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-96.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 02:06:29 GMT
Content-Encoding
gzip
Via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
433711
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
3RT_c8Qb8hlvCEuQKTtNQGo7A16pyBasj6iXJbDpI8EZsJa47ZT-Zw==
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6188add36e8cf36585300840eade35fea02cbcd9a512cce7db22fe89f8e14eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 02:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 02:34:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Nov 2022 02:34:59 GMT
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1HG3Y11AHE62FRG9
age
826
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
UUrHmTH3oEDiwlnSw8MvEQ8MQWBRLG/XBFkTBTuj3XaakI4I8/uDVMMF/MpZ4kWglYDm064RMos=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pX3TbBSHhXC9ozJXtR829Qaj4qEZ4x%2BS6r4r0648j%2BOuVSnBOXIaP04ly0K3rzIiuc0PAZ2f9N4GuLhuknQvs%2BVrP0yqzPng8HN8CEMtuxn6HEe49sN%2BQEZHx3zXq5gUGwlsQv46BF4m7MzISto%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
76e6824d0c9d6927-FRA
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		199 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:34:59 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
588
x-amz-cf-pop
FRA60-P3
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
76e6824c59c490d4-FRA
x-amz-cf-id
68rcZU6MZjgzq_ebLyLuBecz-uqB2TYPcVu_JE4dDoVfzWPuqE06kg==
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-15.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af651c15930052605f7a3f0870a40f685f67935b59422a18edab5dfd125d13b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
8tTeJCaTstb2Vzod7tGZDEtSClruK4Q5
content-encoding
br
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
date
Wed, 23 Nov 2022 02:01:42 GMT
last-modified
Tue, 08 Nov 2022 09:01:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1998
etag
W/"a9cf5f921308a0244868496bfc0a0572"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=3600
x-amz-cf-id
-PWyVj0WypcmlARsVtHq0eMZY_4PHDpS3Az7oopu7ccPBg5vNTMwLA==
spm.v1.min.js
ak.sail-horizon.com/spm/ 		124 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-24.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:32:53 GMT
content-encoding
gzip
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 23:20:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
127
etag
W/"97dd801dd26ae0172c7875245d92f506"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
85LBxZZL-XTYKewIj7Uv1JptW806V8gM77HgQeUqaERsO3OvQNK_cQ==
fem.js
fem.gprod.postmedia.digital/v70.0/ 		293 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v70.0/fem.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
10c767119d21a27a12d9d6c7456733e34d1b9b43c5ed70c04c8f9fca87527c57

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 18:54:40 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1667858027
age
632419
x-guploader-uploadid
ADPycdtJqfcS22PNsdySnf3RVoUZ1q9pxDTlCd_fbO2_0XGkIt3hKc9bvEJkWmCcSnQV7oA4w0a0_a3H1g9o1nwHKy52Mw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86380
last-modified
Mon, 07 Nov 2022 21:55:05 GMT
server
UploadServer
etag
W/"bdb1508f590898b5ad750694fdf72890"
vary
Accept-Encoding
x-goog-generation
1667858105142819
x-goog-hash
crc32c=RpfvQQ==, md5=vbFQj1kImLWtdQaU/fcokA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
299809
accept-ranges
none
content-type
application/javascript
icon-close-black.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/common-icon/ 		378 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/common-icon/icon-close-black.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:20:14 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116086
x-guploader-uploadid
ADPycdvR7VVOkFaajjJjYs7oj-4rD1-h_IUrP-uykfPJrap_imjdSbStVt8-ovQqKwpBnE10Z7-w2NoK2PVENTVf19YjHhkzn1rO
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
378
last-modified
Mon, 21 Nov 2022 18:13:18 GMT
server
UploadServer
etag
"6b517647b75beac7cede4e634ea51094"
x-goog-generation
1669054398105093
x-goog-hash
crc32c=wbQwCg==, md5=a1F2R7db6sfO3k5jTqUQlA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
378
accept-ranges
bytes
icon-circle-email.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		976 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-circle-email.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:20:22 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116078
x-guploader-uploadid
ADPycdtmnfCURfCfjl94uE8_kNeFjkZMO6_01L8C8cfIEUHhpcpOSYbczpgi0Gf0igvWJfWEGSdzYCEtrqYJztrgmA51RA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
976
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
"bef02ad8b1f137bbb303cefe8614b69f"
x-goog-generation
1669054404126452
x-goog-hash
crc32c=ZVCajw==, md5=vvAq2LHxN7uzA87+hhS2nw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
976
accept-ranges
bytes
icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		775 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:20:20 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116080
x-guploader-uploadid
ADPycdtdDXTDJ6XHP8Yz95lotKpqi4kBwi4TKoo4IJL8xzOYmbowDgx65rKfI1TJm5yiF-xMcRCptETl-C1MVhvyJQ_Qkg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-generation
1669054404178080
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
775
accept-ranges
bytes
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:23:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115920
x-guploader-uploadid
ADPycdvOZX2-AE28aX6ZxSWsDIirKEevXtDpjn2_vud_jbqNj5qVxV0KXHMPR6m9Vna27QRcFmcjhK9hAK7hXy5va0q9w65nhhEt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
806
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
W/"df82c342c1176b84253c53e6e10eed05"
vary
Accept-Encoding
x-goog-generation
1669054404292200
x-goog-hash
crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1698
accept-ranges
none
icon-soc-rdit.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-rdit.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:23:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115920
x-guploader-uploadid
ADPycdujDGats6pHtd4V_IaQmyDn_ZfZ9k9w7t69Opt39jD8X9oxfdpnXxIGMe9MrfsYU9EMoFwyCooAPIBgcT1naUQh-gehYix0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
803
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
W/"0304b8d3870cc1f4f888574a14022da4"
vary
Accept-Encoding
x-goog-generation
1669054404244312
x-goog-hash
crc32c=GJubKw==, md5=AwS404cMwfT4iFdKFAItpA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2135
accept-ranges
none
icon-soc-pin.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		2 KB
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-pin.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:23:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115920
x-guploader-uploadid
ADPycduEJw7fHvEGscq7BO4-NPoxrV_KKnnTMaNVGiMPkbtNrta6P-8-6PZusfaTC5oMV3GAUC9edMPbrXL1QIGRmMTyPSCWus12
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
753
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
W/"7dbe30e1f3c16e83b217e86f8fe87986"
vary
Accept-Encoding
x-goog-generation
1669054404247191
x-goog-hash
crc32c=CmGx6w==, md5=fb4w4fPBboOyF+hvj+h5hg==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1904
accept-ranges
none
icon-soc-li.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		739 B
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-li.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:20:17 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116083
x-guploader-uploadid
ADPycdtiFXtqFei8_ioRr3SUWZJh3QQ0Vz3S4i6c_AY4QtWt_qZaLa_h8dcQPzNBPDAsaNN-NcTAvkT37c76iRMS_J85YrprLr7m
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
739
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
"071e5c7f2df5f3dc2b856b2576752f1c"
x-goog-generation
1669054404195731
x-goog-hash
crc32c=PfZM8A==, md5=Bx5cfy3189wrhWsldnUvHA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
739
accept-ranges
bytes
icon-soc-tblr.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		479 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-tblr.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:20:09 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116091
x-guploader-uploadid
ADPycdsr79hV1ZSy0XwSqi9Z2AFa2ECWHp63lOjDVR4IUxS17Q5KETcAXud5btrtyjZvZeLzy5wteWamuusBr360GQcWjgcqucT5
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
"1ace9edc1bbac746d584a7270d791ff9"
x-goog-generation
1669054404261763
x-goog-hash
crc32c=08+Lmg==, md5=Gs6e3Bu6x0bVhKcnDXkf+Q==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
479
accept-ranges
bytes
icon-circle-share.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		561 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-circle-share.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4bef0d2ce9ddd3dcd15889345ea8e4ae1eb38c2bcf50bcd76daed2dc63f0a424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:21:07 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116033
x-guploader-uploadid
ADPycdvC04bwu23uuktF9KgawbtWuJbmqutCv8cnlWw-JZrE-NQo1NU4vAsZJ91k7pD3P5RWIe-ae4um0RNJ2FCZsoBP7A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
561
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
"cbc289873c015f5baae7e9e8d4876ea9"
x-goog-generation
1669054404167410
x-goog-hash
crc32c=9Je3tg==, md5=y8KJhzwBX1uq5+no1IduqQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
561
accept-ranges
bytes
Freedom-Convoy-flag.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Freedom-Convoy-flag.jpg?quality=90&strip=all&w=564&h=423&type=webp
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
a69f4f697a3ed6ec6af0f51857dd9bfdec4a85e3a4c81d40208e649429130b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 05:43:32 GMT
via
1.1 google
server
nginx/1.19.10
age
75088
etag
"09aca03e22d5138f84686ba1985d300384c1d888"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-lhxhf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66274
icon-soc-ig-mono-rev.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		1 KB
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-ig-mono-rev.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
71f27f30bcea1929b2e4fb409abe0baf4029759e1deb3ee316e21016463dff61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:28:17 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115603
x-guploader-uploadid
ADPycdvExC4Y_NQrFDA8DBV-oBR6bszV2EJ_PfjBTHrdNKDUABHjXHVbogxrf6QMMieUzwGeg5mxlrxCG-TeFyaCjVndWg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
597
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
W/"b9c985784130791835a08cc12884a71e"
vary
Accept-Encoding
x-goog-generation
1669054404196126
x-goog-hash
crc32c=FM0Iow==, md5=ucmFeEEweRg1oIzBKISnHg==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1353
accept-ranges
none
icon-soc-fb-mono-rev.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		335 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-fb-mono-rev.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b969062e9d8f77e55dfc37bb35728e3401c636595aaf97e4e68ce300bfa2b293

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:27:42 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115638
x-guploader-uploadid
ADPycds8jIka1razhcoJIKVWG1yXCOGJQJDpmGsOZ-xadRgYRitQdcbpToUS-UY8Jre_hcRZWy1JZ2AJTW0Tze4GKsxD_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
"12b149c777edf566e286ab1d5090c085"
x-goog-generation
1669054404192484
x-goog-hash
crc32c=c3M8/A==, md5=ErFJx3ft9WbihqsdUJDAhQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
335
accept-ranges
bytes
icon-soc-yt-mono-rev.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		473 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-yt-mono-rev.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8693aa2d6442bba7224236e021765c95fe40f7cfc6b6c9afd8c717c665f8a365

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:24:02 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115858
x-guploader-uploadid
ADPycdsJk7evRJZAYY1KVEx25po9NC1uEUxadOxcWmsY6_Qn4rBJ_zBpc50g2WqgfGw4D0MRsrmi8jzYwoY_QbI6kMuztA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
473
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
"3fabf226ea91f1c5450a49fad2d66448"
x-goog-generation
1669054404315077
x-goog-hash
crc32c=rjmEhA==, md5=P6vyJuqR8cVFCkn60tZkSA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
473
accept-ranges
bytes
icon-soc-tw-mono-rev.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/ 		898 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/share-icons/icon-soc-tw-mono-rev.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ca7bce9264a3918442d3e653b968361223ede24753232c713ead830aa5446722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:28:17 GMT
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115603
x-guploader-uploadid
ADPycdtKhFvNdg5mX1AqEGu9yX0_SNMIL6Eqp5itzqACMYyJm46JzXpgfhp6BFXekY161n1JWKB1r-d1rELxVGod_-JYjA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
898
last-modified
Mon, 21 Nov 2022 18:13:24 GMT
server
UploadServer
etag
"2a492f7362f1cb5f70d4561bc1e89353"
x-goog-generation
1669054404285704
x-goog-hash
crc32c=GNX3Cw==, md5=Kkkvc2Lxy19w1FYbweiTUw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
898
accept-ranges
bytes
shared.17e5cf33f051.js
dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
efc54be64d2e3e9a128f6bd186d1e137e102eed3501010e4c34713eef7e17c9e

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051901
age
116185
x-guploader-uploadid
ADPycdtDSAOSjXi05gFfDp4lERtQ5Qs5gYbBSr448oxhLn02haaEYgaWkh5z3yM7YXvaiAvQ6_JCVedONF0aLzUmpuQgqFhOLjl7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9352
last-modified
Mon, 21 Nov 2022 18:13:11 GMT
server
UploadServer
etag
W/"35ed0b06b9b1e24da57995934894c13e"
vary
Accept-Encoding
x-goog-generation
1669054391481857
x-goog-hash
crc32c=aeFZHg==, md5=Ne0LBrmx4k2leZWTSJTBPg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
24133
accept-ranges
none
content-type
application/javascript
main.4e6731ae60ab.js
dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/ 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/main.4e6731ae60ab.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4e6731ae60abbb8d75dca4ca8d79e9a02d3b3d1efa3adb2985bda2b287390b7d

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051901
age
116185
x-guploader-uploadid
ADPycdvWQ7wwE0gTt1LRsxDN24zKxHS3gF4b5dV8hSWeuUSEsgiSvBR8OMhy7BB4a_6-B2m5rq0QOtdR-flWgdHjQpxVVMnYA1VL
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34072
last-modified
Mon, 21 Nov 2022 18:13:11 GMT
server
UploadServer
etag
W/"ded0edcf546bc9e0620094394dc7e5e1"
vary
Accept-Encoding
x-goog-generation
1669054391282874
x-goog-hash
crc32c=B7Jt2g==, md5=3tDtz1RryeBiAJQ5Tcfl4Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
109293
accept-ranges
none
content-type
application/javascript
supply
events.browsiprod.com/events/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=KyGnrwnwKkhnkfzA@cW!
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.185.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-185-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:00 GMT
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=nationalpost&url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&bid=KyGnrwnwKkhnkfzA%40cW!&at=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&sw=1600&sh=1200
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.108.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-108-27.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.1 /
Resource Hash
6291e8af97cd3e70405368acfa59fdecb2ae8aefd231f6146ad0e47ca9f65902

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.1
content-type
application/json
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
age
393607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 13:14:53 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
age
393607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 13:14:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 05:09:29 GMT
x-content-type-options
nosniff
age
422731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 05:09:29 GMT
carousel-previous.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/common-icon/ 		1 KB
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/common-icon/carousel-previous.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:23:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115920
x-guploader-uploadid
ADPycdtEyaT1jP69Dlv4iT6FzigyEDCRQpcI6WdP5RGGqo98ELrUfITu6boPVZDQeae1WvCl-nNDy2yhuZsrh_1UeE800FAtMRmA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
519
last-modified
Mon, 21 Nov 2022 18:13:17 GMT
server
UploadServer
etag
W/"23fbd7cd311279a2b6eb68d8f6059047"
vary
Accept-Encoding
x-goog-generation
1669054397918978
x-goog-hash
crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
carousel-next.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/common-icon/ 		1 KB
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/common-icon/carousel-next.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:23:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
115920
x-guploader-uploadid
ADPycdu1JdLgvBKu84qdapiSESISXueGleb1_yaLpjxN2xA33e83U23M7DDmGJFT820hAnlVbuD2e2pPClcKbAlU6NIAuUjQpgyD
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
520
last-modified
Mon, 21 Nov 2022 18:13:17 GMT
server
UploadServer
etag
W/"735fdba5ead6fce3777e91bf3fee8dd6"
vary
Accept-Encoding
x-goog-generation
1669054397899453
x-goog-hash
crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:02:10 GMT
x-content-type-options
nosniff
age
369170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32900
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:44:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 20:02:10 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:45:24 GMT
x-content-type-options
nosniff
age
582576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29492
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:29:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 08:45:24 GMT
NP_HeadlineNews.svg
dcs-static.gprod.postmedia.digital/12.3.4/websites/images/newsletters/ 		15 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/images/newsletters/NP_HeadlineNews.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
972e3f1f6fcaf89d68e9b9b42c05ce6740d4abf4a095bb27d119917ba844a19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:24:06 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051902
age
115854
x-guploader-uploadid
ADPycds5cGT58cLqdSe_g-7Y4A9nREGnbE41AZXTeJrgspYZhe0Ba84NNQ70MtgRn4xILxjYfdlkif1VlGY9aC50wOWc4Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3369
last-modified
Mon, 21 Nov 2022 18:13:22 GMT
server
UploadServer
etag
W/"1a0ef92a43ce80a792be6cc7f6886e66"
vary
Accept-Encoding
x-goog-generation
1669054402972366
x-goog-hash
crc32c=Oixf/w==, md5=Gg75KkPOgKeSvmzH9ohuZg==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15367
accept-ranges
none
David-Vigneault-CSIS.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/David-Vigneault-CSIS.jpg?h=96&strip=all&quality=80
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
c476a4877ecf3718d1675dcefde1eb518ad9f2bf8d6e2f13dd3429bb43fec5f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 16:46:39 GMT
via
1.1 google
server
nginx/1.19.10
age
35301
etag
"902f2775f6a64391eeee3236a56bab16382b4fa2"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-fhj8t
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2160
Bill-Blair-Emergencies-Act.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Bill-Blair-Emergencies-Act.jpg?h=96&strip=all&quality=80
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
0222114d9b0939c6adce341db90bd879e47e150b2fb7d6a54fed67a8e9afc4bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 13:26:54 GMT
via
1.1 google
server
nginx/1.19.10
age
47286
etag
"facdb0522292da23820e84d9b55e9b0def477385"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-lhxhf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2330
xd.html
fem.gprod.postmedia.digital/v70.0/ Frame 2102 		165 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v70.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d65b5a7d118fdda5ee0f369a002160de6c1c7d8d1fa9fa71f2fb7947f952e001

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
632420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 15 Nov 2022 18:54:40 GMT
etag
"2a180c3775254a845a2af39f1b833465"
last-modified
Mon, 07 Nov 2022 21:55:07 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1667858107078371
x-goog-hash
crc32c=N51myA== md5=KhgMN3UlSoRaKvOfG4M0ZQ==
x-goog-meta-goog-reserved-file-mtime
1667858027
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycdszf-kXG-kDE_Z4JzcDhcQdD4Or99RRFhnADqazAsTLhm8zYVaXqOicQTw4OSm87jKTcAyVf1WORbWvznpyYESnjAtkU6zh
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		364 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df852cf89d7087041de72e50d14b850464f30679bea7b596853ff598d40517cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
1861
x-guploader-uploadid
ADPycdvl9CgaNFdm_zXus83hVt0HUd20iyYOUoc0zycFBDpmzzPo4pQicvcc0NEm2O1EZBVQOAmLzwKBxIBVjePKkOVCB3EipT9M
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Tue, 22 Nov 2022 16:50:32 GMT
server
cloudflare
etag
W/"6f076ee279c4d29ba4d8fbfdcd9dfa70"
vary
Accept-Encoding
x-goog-generation
1669135832263943
content-type
application/javascript
x-goog-hash
crc32c=IUd4cA==, md5=bwdu4nnE0puk2Pv9zZ36cA==
cache-control
public, max-age=900
x-goog-stored-content-length
111591
cf-ray
76e6824e5faf9134-FRA
expires
Wed, 23 Nov 2022 02:50:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 21:41:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		268 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nationalpost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a1d77b41d457c84fa6203df7050174f7860e5a1e81ca0c6a13cacf80935ac90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:35:00 GMT
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e804f5d4fbffcf9b844c9d967992c377186aa20411a35217031c69f14aade8be

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nationalpost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 23 Dec 2022 02:35:00 GMT
identity
api.rlcdn.com/api/ 		44 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pxusr.gif
c.aaxads.com/ 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Wed, 23 Nov 2022 02:35:00 GMT
strict-transport-security
max-age=604800
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
content-type
image/gif
cache-control
max-age=267052
accept-ranges
bytes
content-length
43
expires
Sat, 26 Nov 2022 04:45:52 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:00 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=906216
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 03 Dec 2022 14:18:36 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		248 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fnationalpost.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:34:29 GMT
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
10830
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
YEV0dQkXVQHEGYdbhxjZ3wEJxmVgENh5krY0g5wrOsm8nT6z-njLnw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date
Tue, 22 Nov 2022 03:07:20 GMT
x-amz-cf-pop
FRA2-C1
age
84461
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
lMdhSMwaRxu-R9w6Rq0y7qEEP5ZoUHQU4Wwhu2c5XNgDfCY0AMI77w==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.141.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-141-156.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6bacad723ba601f78007f2395c8934bd116338c0161c5c34256d0fd89b465b55

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2022 01:41:02 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1127
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221123
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13acdd18ee7ee38f70cc26fdfbd0ed717930bb46114e582b918b2279e2dd5b29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41641
x-jsd-version
1.0.1532
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4569-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66f-BPQDDQUBNM6X+1Np+aFfcCYHbN4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df4DwtWKlcgGxCKauFKYThmDOQaJBanlrsVMNyYHZr0ZNU45r0KwDbd6JE2KkxCcs9ttl1tsyQOUkHYrq2oC9CyktsVSBteFt%2Fg%2BUDKvp8wkRxyfCzkQpT53bqu4D6%2BhtTh8KreX5eIcQIdo9rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76e6824f7cdbbc01-FRA
44fadb2e016752bbc2bd0.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/44fadb2e016752bbc2bd0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8512a94c30dc7fda4931ae11fc195ee3f2cbad5dff1dc2567cf3725c33093b2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051904
age
116186
x-guploader-uploadid
ADPycdv0g5YrktopJR4hJO_JuXNAKWcovaafcazNhl4nyaCsu8lL8Pc-VjkHE7RPJO2-WS5Qq60JbGHZfT6Nw5YHcHMyuw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2893
last-modified
Mon, 21 Nov 2022 18:13:28 GMT
server
UploadServer
etag
W/"17eaf306b1554c518adf25a681d7b0f2"
vary
Accept-Encoding
x-goog-generation
1669054408492987
x-goog-hash
crc32c=WGhHWA==, md5=F+rzBrFVTFGK3yWmgdew8g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
7123
accept-ranges
none
a2ab544ae6c48636370816.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/a2ab544ae6c48636370816.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d47f317138ec8083450b63c742957db8398eb19bae70913819b81dda472b6283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116186
x-guploader-uploadid
ADPycdvCPZGK8TeCM9gCbi_etlyyktU0IWDzju0TTxe20YcH7ulStIeGGc9KollWCZCDozi9p-WXWxI_QNKw3voqVpU_tw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3724
last-modified
Mon, 21 Nov 2022 18:13:31 GMT
server
UploadServer
etag
W/"865d805f405db9b3e24e2e196b221c77"
vary
Accept-Encoding
x-goog-generation
1669054411076071
x-goog-hash
crc32c=ghE54w==, md5=hl2AX0BdubPiTi4ZayIcdw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10244
accept-ranges
none
7448bbfb433e588899f11.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/7448bbfb433e588899f11.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
32df43a530d768d4483680f784fd97eb35f86cdc3086ea546f186254e99dac6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116186
x-guploader-uploadid
ADPycdvOpRuNI24DLlEqgVm3OpbT1G6vXo0T-EEi0sESr2qBUNWb4HahViEEkBH59bZsIXb-mXsC7r21HTvUrLdqvSFQ0A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4592
last-modified
Mon, 21 Nov 2022 18:13:29 GMT
server
UploadServer
etag
W/"844dce4c9dfa4a31e3114455b1956875"
vary
Accept-Encoding
x-goog-generation
1669054409873494
x-goog-hash
crc32c=qnB/Gw==, md5=hE3OTJ36SjHjEURVsZVodQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
16335
accept-ranges
none
3925d2ee8908d985b3272.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		51 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/3925d2ee8908d985b3272.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dae6f542fa2ee873b80e056bcd4c807f9d0a4fb86da790e74debb09c8a04cb93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116186
x-guploader-uploadid
ADPycduwrIe8gVp1aCeQoFJjoj8iuEkK2KrSqJ9_kGkjnZutPUa8Gw5cgc-7qF2gNfy5Yml32l5EZ79x2kiad-AQdzZ3Lw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12751
last-modified
Mon, 21 Nov 2022 18:13:28 GMT
server
UploadServer
etag
W/"e6cf941211a6e40dfe1756d9dccad449"
vary
Accept-Encoding
x-goog-generation
1669054408314753
x-goog-hash
crc32c=Jcv5fA==, md5=5s+UEhGm5A3+F1bZ3MrUSQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
52614
accept-ranges
none
5f54a515a11c045d21db9.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/5f54a515a11c045d21db9.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0b5bcd5e455fe140dfa582f1f66284a5af4f1de829a3341cca1720cc6b02d8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116186
x-guploader-uploadid
ADPycdvPOttJsvrHYiq_69_CFmKJ0rE_H6AlhkEmGJOgigzVNVUCl_US0vBXbrM5eFZaB5vuUa7i2h-bO7STvQD8f8xuiQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3269
last-modified
Mon, 21 Nov 2022 18:13:29 GMT
server
UploadServer
etag
W/"573821eee93af18fd784db707425fab0"
vary
Accept-Encoding
x-goog-generation
1669054409264833
x-goog-hash
crc32c=Pbs9ng==, md5=Vzgh7uk68Y/XhNtwdCX6sA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11948
accept-ranges
none
c2a48fed442a0877888932.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/c2a48fed442a0877888932.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6e3717c11e421a2267e1ab728461aeed493cbfdfe18e0448895effd0ec2454c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051904
age
116186
x-guploader-uploadid
ADPycdunlGN7YaSkmj82Q8xZ51Ni8ZAW0UYvX7YiMcpq4f74KIYhKZmF84IirMVuDg6EMTizU_Hn3Igxmn9MetdBAugvYw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1547
last-modified
Mon, 21 Nov 2022 18:13:31 GMT
server
UploadServer
etag
W/"dc3bc4a484961daf4f3c08f808b24994"
vary
Accept-Encoding
x-goog-generation
1669054411774206
x-goog-hash
crc32c=7fNu8A==, md5=3DvEpISWHa9PPAj4CLJJlA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
4731
accept-ranges
none
7985ba9615a7ef4b1d517.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/7985ba9615a7ef4b1d517.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2c89c224b96ef462fbc42aeb98f0219b495c7ae22c35585af1672de908892870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116186
x-guploader-uploadid
ADPycdtui7e-Stqk7tGFkQmi4kZxqpaeWphleXbLkTFi1f-5ckCVBWYZylAhcJIq-_hMezenOZr4H0L7NXf7wNRJbR6zlw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6195
last-modified
Mon, 21 Nov 2022 18:13:30 GMT
server
UploadServer
etag
W/"12222c52777643e97c31f5a218d6283e"
vary
Accept-Encoding
x-goog-generation
1669054410118640
x-goog-hash
crc32c=rXpUjQ==, md5=EiIsUnd2Q+l8MfWiGNYoPg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
21144
accept-ranges
none
81a2bd78985124295c4617.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/81a2bd78985124295c4617.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
98b2a956555a9b0377be1903c5f884feca9aaf9c9469d3a6ee79db7d608cdadd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116186
x-guploader-uploadid
ADPycdtCEhdWX4K04f243JAspgXkMDj7JlnfhLnBT052fWkYfyAlNslMC1gNpCi4apXoZcYv3hqCkd2gHAZbvoL7xtFXwQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14457
last-modified
Mon, 21 Nov 2022 18:13:30 GMT
server
UploadServer
etag
W/"4ec11deb1f61e428a6aefb63df6ab77e"
vary
Accept-Encoding
x-goog-generation
1669054410222679
x-goog-hash
crc32c=y2OACA==, md5=TsEd6x9h5Cimrvtj32q3fg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
54762
accept-ranges
none
10260ee352c6254ed9425.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/10260ee352c6254ed9425.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
85180a4a0ed637ac7bd223d8de38a7ac4858bb04ade91d06dd54a85191112843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051904
age
116186
x-guploader-uploadid
ADPycdvmq8EnDKVsFadRntD081Fxj2mBsjg2Az7a9NID9hch5PqrF_zoG7zTOE1RY9gAsxr5ytzKrdPPOYMUXga7QOivBQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7149
last-modified
Mon, 21 Nov 2022 18:13:25 GMT
server
UploadServer
etag
W/"2ba46bc2d7d7f9d5318fd13302bbd0d6"
vary
Accept-Encoding
x-goog-generation
1669054405489826
x-goog-hash
crc32c=Dqx3Wg==, md5=K6RrwtfX+dUxj9EzArvQ1g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
22196
accept-ranges
none
630b966834c6cfc064fe6.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/630b966834c6cfc064fe6.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dc37d5357099d1475d55c28ddcdc1c218ca37890be4a4b33e8e9413114c5ae0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051904
age
116186
x-guploader-uploadid
ADPycdsq7hhQLCwWabRWGxZY7OJvnNcAxVh5WLUI-gvrQm0eUKk-vO_nIYz3_qtzqsBzBB_0CAyA0ZZRCeiNh_4nuFXVWQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4992
last-modified
Mon, 21 Nov 2022 18:13:29 GMT
server
UploadServer
etag
W/"590d4e6307cc8c08c0f4e14c66747e81"
vary
Accept-Encoding
x-goog-generation
1669054409471039
x-goog-hash
crc32c=4EF2nA==, md5=WQ1OYwfMjAjA9OFMZnR+gQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
14919
accept-ranges
none
2492a8a9cc03230157398.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/2492a8a9cc03230157398.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
90e125c512e72bee59bf8c3e6fd8233830709d4bb22c5791aa626ef2653a2127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116186
x-guploader-uploadid
ADPycds5oJ0ta1IZLBYwLTqXaKZUIxFCh2oix6MBWuh_-XTWCW_DgqmDWNqNwVgh8JZVGWs1OU2ppaOvPUqNVFHknwtnhg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4195
last-modified
Mon, 21 Nov 2022 18:13:27 GMT
server
UploadServer
etag
W/"d4b80c4db8188442ea6036dd3eabdec5"
vary
Accept-Encoding
x-goog-generation
1669054407662360
x-goog-hash
crc32c=h/lTYA==, md5=1LgMTbgYhELqYDbdPqvexQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
14321
accept-ranges
none
e16e1c5be88692aaebea21.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/e16e1c5be88692aaebea21.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
79ac0a4f29873d7d66aa02765ae1c687af9685330ebe55210ab474058277668a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051904
age
116186
x-guploader-uploadid
ADPycdsOyBBP4z_r_0aSte-2wYcXYqDGML25r-yLnFV26RP30d8VXTcdOOHS1sCbn0kKP_k8s6NOSgAPpiz-qHgOzoTSdQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3365
last-modified
Mon, 21 Nov 2022 18:13:32 GMT
server
UploadServer
etag
W/"2fa88f3d7c6fdf8423f9399f0e81c53d"
vary
Accept-Encoding
x-goog-generation
1669054412323158
x-goog-hash
crc32c=cnSO3A==, md5=L6iPPXxv34Qj+TmfDoHFPQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10370
accept-ranges
none
d412871c10f5d892e9de10.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/d412871c10f5d892e9de10.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87b4e285eb6fa94ab52e88615b1f3bfee11d64422722ad08a6569eb7f7c78e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051904
age
116186
x-guploader-uploadid
ADPycduaZDYZkzCOWeyxT98BabwOeDzYfpL7aSKbN9w6UZJ1zPq-7Fs9IMAwStPi_8CUR3geSW-zIuwzjS6F_XBxu3hh4A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6642
last-modified
Mon, 21 Nov 2022 18:13:32 GMT
server
UploadServer
etag
W/"d3e7ac5f29d2ee044046970a754f5ba9"
vary
Accept-Encoding
x-goog-generation
1669054412205389
x-goog-hash
crc32c=dz52kQ==, md5=0+esXynS7gRARpcKdU9bqQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
22241
accept-ranges
none
63dd8b15cddfa217569419.js
dcs-static.gprod.postmedia.digital/12.3.4/websites/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/63dd8b15cddfa217569419.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/CACHE/js/shared.17e5cf33f051.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e8fc7f1624adcfdcb70b286ee9e5c09fb3befa7258352d75f9544b55d89b8c37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:18:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669051903
age
116186
x-guploader-uploadid
ADPycduMFLkaXGSWrxCnLAUDzvozvNcWdDOJIn7eiW79qUKnK-czuI4XRsA-NyPFXCUbKKVyCmRvj24WEAXvwhJSfJdXRQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1442
last-modified
Mon, 21 Nov 2022 18:13:29 GMT
server
UploadServer
etag
W/"e48024026b430134fbb21128014eaaee"
vary
Accept-Encoding
x-goog-generation
1669054409507874
x-goog-hash
crc32c=t34CUA==, md5=5IAkAmtDATT7shEoAU6q7g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
4096
accept-ranges
none
xd.js
fem.gprod.postmedia.digital/v70.0/ Frame 2102 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v70.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3dfd9c49c8533f08e84f1132f5a06d6f0932beb7ff5ccc4e9c2a0844c029d51d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v70.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 18:54:42 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1667858027
age
632418
x-guploader-uploadid
ADPycds_livXerGMRX0290tSFeqTXqnuCRUca-QGstWT7WjVg26gYNU45BNG-yVu4GaucuUBps2PfnlubMfjlojcM60bpMXb8A8M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17092
last-modified
Mon, 07 Nov 2022 21:55:07 GMT
server
UploadServer
etag
W/"9bb4cdc789a0161d3a030b6aadbce896"
vary
Accept-Encoding
x-goog-generation
1667858107254876
x-goog-hash
crc32c=gC+bLw==, md5=m7TNx4mgFh06Awtqrbzolg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51818
accept-ranges
none
supply
events.browsiprod.com/events/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=8ae96aac-b610-4679-9916-716be763d0e5
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.185.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-185-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:00 GMT
access-control-allow-credentials
true
PreEngine_desktop_2022-11-16T10:28:56.798.js
cdn.browsiprod.com/static_js/postmedia/nationalpost/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/static_js/postmedia/nationalpost/PreEngine_desktop_2022-11-16T10:28:56.798.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-15.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ede1ad361ced25f2fba65bc5e629fc5a9b9ac056d5ca228d8fdd74fd83a2027

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:56:56 GMT
x-amz-version-id
oVW9fPZ0qoMO2hXFLhJMcsqJAayR_BSd
content-encoding
br
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
560285
x-cache
Hit from cloudfront
last-modified
Wed, 16 Nov 2022 10:28:58 GMT
server
AmazonS3
etag
W/"8fc5383148cbf87a427120fc48113db7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
RoDIP5Xa-XktDNjAgyr8uf02iRe1Gy1BgKiRK-9LMT7AtcsflVRIiw==
Brendan-Miller.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Brendan-Miller.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
38ec6ea4cf8ea202a33bfe14e4dba198e18e36301e4bc9b655d6593e88f1b4b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 18:32:44 GMT
via
1.1 google
server
nginx/1.19.10
age
28936
etag
"e0c5a537dfaeea1fbd367ef3ace103dfcb82b199"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-jft9z
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23286
Danielle-Smith.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Danielle-Smith.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
03cd1bbd4f89cb2ec64f269e45e2661dd2756873de983ebcae7f0dff66673a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Wed, 23 Nov 2022 01:31:58 GMT
via
1.1 google
server
nginx/1.19.10
age
3782
etag
"39d3e57042b610fe59ed015e1d02acefd3d649c0"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-lltx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17614
Marco-Mendicino-inquiry-2.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Marco-Mendicino-inquiry-2.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
3075d6c482879c146716a84df012b770f3e3663ec788106ea1738212f8d72f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 20:53:09 GMT
via
1.1 google
server
nginx/1.19.10
age
20511
etag
"a1a3c99b99e31dcd7ce0024296f1e47786c0fb6a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-qcsx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16724
Dominic-Leblanc-inquiry.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Dominic-Leblanc-inquiry.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
becbeb4a846e0935310b8629843d3cd0d19c0d3a21345623292e69a4a2af8477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Wed, 23 Nov 2022 00:43:58 GMT
via
1.1 google
server
nginx/1.19.10
age
6662
etag
"0214c2c70aa6579c9d0272fed4d3536b47c7e88a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-blmb6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9154
movies-bruce-lee.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/movies-bruce-lee.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
4711b0df4a06468c4a0ad1c5ed9f38ea0d02e9f32e4b8f7d10bc379c3f8fb1f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 20:23:39 GMT
via
1.1 google
server
nginx/1.19.10
age
22281
etag
"8dccae4b5078523e2ee98a98e01c13b81a343088"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-fhj8t
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24896
log
l3.aaxads.com/ 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=219&dgw=desktop&flg=AAX24X4M7&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=nationalpost.com&vhuyqdph=ssp-serving-867c697c9f-r7kpj&vyu=111607_487_112211_459_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001669170900206036481827847104&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=218&fhqg=17&hqg=188&gvwduw=18&fvwduw=17&vwduw=17&uhtxuo=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&nzui=
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 23 Nov 2022 02:35:00 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 23 Nov 2022 02:35:00 GMT
content-length
35
content-type
image/gif
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Wed, 23 Nov 2022 02:50:00 GMT
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
de807097f09b8e5528c5a5d57c5c0a455aef97d03bda17f6ac3afa06c8e00a38

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:00 GMT
AN-X-Request-Uuid
6a47cbc6-b677-4d0f-a280-7d62287d80ab
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		37 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a290ce84c969aaa9421fbaf805a17bbbecb4583d4de85f339c4e3f5c1a966bbf

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
1168
x-guploader-uploadid
ADPycduIGo8cmFxosUuvBYDaBxDc2chS-08hSr6XMMfJFK6zV6GRZn0DH0cLBrfZl03Oh9iL6tkO5SzVH4ga1OvJBN5S7w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
25508
last-modified
Tue, 22 Nov 2022 14:12:45 GMT
server
cloudflare
etag
"74c7f6436afcf82348be3fd0086e32b9"
vary
Accept-Encoding
x-goog-generation
1669126365791144
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=xWjhQg==, md5=dMf2Q2r8+CNIvj/QCG4yuQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
25508
accept-ranges
bytes
cf-ray
76e682502ce4697b-FRA
expires
Wed, 23 Nov 2022 02:15:32 GMT
geoip
api.permutive.com/v2.0/ 		191 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f3b8b0ffb62153fce532bd01e49623a39f770f344caf695ca3b8c856e1a93a17

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138
watson
api.permutive.com/v2.0/ 		2 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nationalpost.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nationalpost.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nationalpost.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nationalpost.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nationalpost.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nationalpost.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&pid=Kdb4xszc6oqkz&cb=0&ws=1600x1200&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-acceptable%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
3MPXQ8Z5QA1G5MHD1ZBN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
0t0uE-M9DD_ZmFmnH_wkObLQBgjQQa6CJHqzzjdRqkwvK9G1NnH1Mg==
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901840&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22806630e039d2d5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%227.22.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-acceptable%22%2C%22adunitcode%22%3A%22ad-acceptable%22%2C%22divId%22%3A%22ad-acceptable%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229ce2c4010bfb0d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%22%2C%22gpid%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-1%22%2C%22tid%22%3A%2213755d70-b7bd-427a-9cce-84e857dcb519%22%7D%7D%2C%7B%22id%22%3A%2216c56d74829f81a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%22%2C%22gpid%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-2%22%2C%22tid%22%3A%22bde238d3-bc49-40ea-878d-2a605785e91d%22%7D%7D%2C%7B%22id%22%3A%2223519684b9f9827%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%22%2C%22gpid%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-3%22%2C%22tid%22%3A%226aa6dca8-065f-4c27-b259-2f2062382113%22%7D%7D%2C%7B%22id%22%3A%2230e682e68f47ccc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%22%2C%22gpid%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-4%22%2C%22tid%22%3A%2226029b5a-c4c3-4bf3-b547-b372e090fb1a%22%7D%7D%2C%7B%22id%22%3A%2237d600abf3f85c1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%22%2C%22gpid%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-5%22%2C%22tid%22%3A%22f980e3a3-f1ec-45e5-993b-fb62f43edfcf%22%7D%7D%2C%7B%22id%22%3A%224475e05f789264%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22901840%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%22%2C%22gpid%22%3A%22%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-acceptable%22%2C%22tid%22%3A%22287a79f8-8eca-4147-ac10-d3593b6de93e%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22d5bc0f98-51a0-4529-a0f5-4735bd5e5f0a%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22762d746a-3845-4448-8263-51682ca40e44%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22bfd42de452a7004d855d6fc4b6260f78322894ef2e8b8a485a85f7bb1a8716

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FOTP7nXYLvOA2faNTjXerNSCabsmApAnMYyYwmaf3TkqcBWmMKLTMt1bX8PZ%2FgYIiW9cWrqo3v6066zriCfBNNSB%2FsPxV2fENGwBjA9F%2BctBgURnO6YIqPv%2B%2FM9PBMZS29sr9x%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76e682511d15bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
420582e0f42fce145ba7f070b9f4962239dd48f3d7b4468247f16779fa54f919

Request headers

Referer
https://nationalpost.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
6396
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5eb6b7cb1378f6d9f3ea379e7a9dc4310ac6aa5bb03c05e3c65120078489120f

Request headers

Referer
https://nationalpost.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
6422
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2149a2593b6004af8541d3c401aab1d3ac19808aa9f8359b815ef13968a2f727

Request headers

Referer
https://nationalpost.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
6436
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dc4119813dbb1b7895810b71402d9f51739f2db8336c13da078716f81c3d001f

Request headers

Referer
https://nationalpost.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
6402
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b7a2123c6f0f8dbe3ec0e15c9eb8f92d464f0843605ec6f22c6d1d67df16a9b9

Request headers

Referer
https://nationalpost.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
6446
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
710096c3bab124731978001f439222ddc194c0930c30c9db77f18a09eff5b080

Request headers

Referer
https://nationalpost.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
6505
arj
postmedia-d.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=13755d70-b7bd-427a-9cce-84e857dcb519%2Cbde238d3-bc49-40ea-878d-2a605785e91d%2C6aa6dca8-065f-4c27-b259-2f2062382113%2C26029b5a-c4c3-4bf3-b547-b372e090fb1a%2Cf980e3a3-f1ec-45e5-993b-fb62f43edfcf%2C287a79f8-8eca-4147-ac10-d3593b6de93e&nocache=1669170900598&pubcid=762d746a-3845-4448-8263-51682ca40e44&aus=970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x250%2C970x90%2C728x90%2C300x600%2C300x250%2C320x50%2C300x50&divids=ad-1%2Cad-2%2Cad-3%2Cad-4%2Cad-5%2Cad-acceptable&aucs=%252F3081%252Fnpo.com%252Fnews%252Fpolitics%252Fstory%2523ad-1%2C%252F3081%252Fnpo.com%252Fnews%252Fpolitics%252Fstory%2523ad-2%2C%252F3081%252Fnpo.com%252Fnews%252Fpolitics%252Fstory%2523ad-3%2C%252F3081%252Fnpo.com%252Fnews%252Fpolitics%252Fstory%2523ad-4%2C%252F3081%252Fnpo.com%252Fnews%252Fpolitics%252Fstory%2523ad-5%2C%252F3081%252Fnpo.com%252Fnews%252Fpolitics%252Fstory%2523ad-acceptable&auid=558243249%2C558243249%2C558243249%2C558243249%2C558243249%2C558243249
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c355de515ff8252edb9102e401a69d7510481c1d44be238c44887ed5a7c556be

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nationalpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.22.1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.3 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
23c83cf762d5b70c1fae55801659bd1c795cf505927715afe510fe047be59bc4

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 23 Nov 2022 02:35:01 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596590&size_id=15&alt_size_ids=2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57&eid_pubcid.org=762d746a-3845-4448-8263-51682ca40e44%5E1&rf=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&tg_i.aupname=%2F3081%2Fnpo.com%2Fnews&tg_i.pbadslot=%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-1%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-2%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-3%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-4%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-5%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-acceptable&tk_flint=dmpbjs_v7.22.1&x_source.tid=13755d70-b7bd-427a-9cce-84e857dcb519%3Bbde238d3-bc49-40ea-878d-2a605785e91d%3B6aa6dca8-065f-4c27-b259-2f2062382113%3B26029b5a-c4c3-4bf3-b547-b372e090fb1a%3Bf980e3a3-f1ec-45e5-993b-fb62f43edfcf%3B287a79f8-8eca-4147-ac10-d3593b6de93e&l_pb_bid_id=7349d2132b2e177%3B74354bf8a76cafa%3B758e0f6a785b763%3B760f67996846ac6%3B77a2378446be6fc%3B781fd631650cf59&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-1%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-2%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-3%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-4%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-5%3B%2F3081%2Fnpo.com%2Fnews%2Fpolitics%2Fstory%23ad-acceptable&slots=6&rand=0.9434250486931757
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ef83ef315370d078295e0368eb53ed424e99ba35682a4a7ec7e0187ad4593a7

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nationalpost.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		786 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=185&av=34&wv=7.22.1&cb=2060418770
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
0cecd7fe86c4ade6f298694d388f54231f850d3414da52783c1c916ddb156737
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
296
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:00 GMT
AN-X-Request-Uuid
177605a9-b824-4a9c-a47d-706bd05f48e0
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0dc96a9b-0b86-4123-b018-7b7decd32a77
https://nationalpost.com/ 		111 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nationalpost.com/0dc96a9b-0b86-4123-b018-7b7decd32a77
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e95f0249de37bf2d539bbafe9a136c5f5c782b544e8d8de83e9db005d3f3e2e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
113899
8134a922-75dd-4b7d-88a8-e5f4efb437a1
https://nationalpost.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nationalpost.com/8134a922-75dd-4b7d-88a8-e5f4efb437a1
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40ea2b15e22c0f56ae52151aa02446b289e7f9f2d4d1392f905b037f46e5c967

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
20393
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/ 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.3.4/websites/js/81a2bd78985124295c4617.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 01:56:36 GMT
age
2304
x-guploader-uploadid
ADPycdtYk4fy2rKhe2g3anRakSkzjilqj-Lt78zHFETuJhAafB_sM8JAJMRvvarrv8iRA18KDl8oyMVEOsVOfwiNBfQ-ww
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:56:36 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
908823748920d0fa1bf10ec65eea394f85e30cd5b59c957361cbf28b01085fd6

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
middy-desktop-4.9.24.js
cdn.browsiprod.com/sd/apps/middy/ 		334 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-15.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce41c7e0b8ca5d050d3e9c504d0e03d16ae1690fcb7d9b1789d47620518eca5d

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:56:58 GMT
x-amz-version-id
Hx0.d0uGI2CmQoVmD55mqthvK5hSUElG
content-encoding
br
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
560283
x-cache
Hit from cloudfront
last-modified
Sun, 06 Nov 2022 09:23:54 GMT
server
AmazonS3
etag
W/"c4015347ecfb7b5dd67823ab9a9022be"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
k1aNtsIEVvK2rhU9rE0JLLiM9aamP6QIsA97bgJm7h1JwGbFtPx6-w==
simple
api.sail-personalize.com/v1/personalize/ 		288 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
c7d8e68d4f8d1a8633ce94f2fc7a7b3da99b26c400bb0a3225546d9a742846f3

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://nationalpost.com/
x-referring-url
https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://nationalpost.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Wed, 23 Nov 2022 02:35:00 GMT
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
supply
events.browsiprod.com/events/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=8ae96aac-b610-4679-9916-716be763d0e5
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.185.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-185-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:00 GMT
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-15.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding
br
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
date
Tue, 22 Nov 2022 08:12:58 GMT
x-amz-cf-pop
FRA2-C1
age
67353
x-cache
Hit from cloudfront
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
server
AmazonS3
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ZNZ4XIDRwdF1hjfH-Bm3XhGqADqcyH-5hZFMGJokVXPLXA_FbjgEqw==
supply
events.browsiprod.com/events/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=8ae96aac-b610-4679-9916-716be763d0e5
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.185.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-185-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:00 GMT
access-control-allow-credentials
true
segment
api.permutive.com/adv/v2/ 		30 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 23 Nov 2022 02:35:00 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=ddba2bdb-24b7-492c-a276-0a8705169dc8
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=ddba2bdb-24b7-492c-a276-0a8705169dc8&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEGtCufSBkp1V3goJHjKDRrM&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=ddba2bdb-24b7-492c-a276-0a8705169dc8&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEGtCufSBkp1V3goJHjKDRrM&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=ddba2bdb-24b7-492c-a276-0a8705169dc8&google_cver=1
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEGtCufSBkp1V3goJHjKDRrM&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=ddba2bdb-24b7-492c-a276-0a8705169dc8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aacxs.php
c.aaxads.com/ Frame 72BE 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aacxs.php?flg=AAX24X4M7&fv=1&fy=37&ke=1&suylg=195%2C55%2C3012%2C222%2C274%2C214%2C292%2C159%2C141%2C203%2C271%2C241%2C368%2C272%2C175%2C282%2C229%2C251%2C295%2C310%2C356%2C97%2C51%2C265%2C267%2C108%2C172%2C3007%2C369%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX24X4M7&hst=nationalpost.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
def163ff7af1c8a821a51f83d56c5c7e68e50a803d21bb94eda7910a71300089
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8777
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:35:01 GMT
expires
Fri, 25 Nov 2022 02:35:01 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
syncframe
gum.criteo.com/ Frame FE36 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nationalpost.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:35:00 GMT
server
Kestrel
server-processing-duration-in-ticks
635759
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://nationalpost.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e682547a53924a-FRA
date
Wed, 23 Nov 2022 02:35:01 GMT
server
cloudflare
vary
Origin
cdb
bidder.criteo.com/ 		854 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=154&cb=34205805348
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a959f07a7348a96bdf785a55ec711d84e9de603e009ef8ff32ebdb4c2717ab19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Nov 2022 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
307
v1
btlr.sharethrough.com/t6oivhQt/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=D2abA1Rp6kBk6UGfedAGLUhB&bidId=_wwdGcJia&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1669170901122&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.23.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-23-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:01 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=kjwlRSRwxS3hUFeSYiL6jI98&bidId=_1vmXb6E2&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1669170901123&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.23.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-23-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:01 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=lCJdf8N4ge08RF6J5oWoGwQ0&bidId=_W3iF339J&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1669170901123&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.23.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-23-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:01 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=jlV02mmpkG0erdChoVVJKbxT&bidId=_qEumCrx6&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1669170901123&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.23.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-23-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:01 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=vGpkkT7H3vBra0Z1fhaoh8m8&bidId=_ViKqjhu6&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1669170901123&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.23.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-23-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:01 GMT
access-control-allow-credentials
true
vary
Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9699ea0174749851ce9c7fbecb002b&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
59618352a36885b4554bb1e09420d7979b68f4dfe7040bf672a6c620cdaa5391

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9699ea0174749851ce9c7fc213002d&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
66c9b3d88f25024b2b0de376106b94b252d65f8506b6c27d81da9ea3b09a4df4

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9699ea0174749851ce9c7fc06c002c&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1067dbcc1e15682ddbac3990fba322394b444a02f9ca47751dfc552f19998516

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9699ea0174749851ce9c7fc3bb002e&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dcd958ead4fb272624aebb636348c089fb73295c3ae98c906b61f297217efa0b

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9699ea0174749851ce9c7fb9b40028&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c1f535408f6a66e0463e1a9945bbfe1f8799aae46f08d90e76b92b768f0bd536

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9699ea0174749851ce9c7fbb910029&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
299c389920423ffa9d16874c214faddc481edfa007304df7c99f68da0df2a062

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9699ea0174749851ce9c7fbd2a002a&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3287814ca76274abc014031e548108accb9529713f36f9c99f9ca083ac6d1d0b

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fb833017f&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
01cbda7c0cc7dc2ada72b63517986851aca2f5d8c4b5d264a89d1bd0ec71a6c7

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fb696017e&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ee5d74c0385d05ed4a46093fe8f108ae85fe5015b87c491b757d89d292b6b5db

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fb4fd017d&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a327feab640275b561b2c9b64c675ccc635f1360487d50a70e6002fcc9c6ec1a

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fb356017c&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
00b16c8ca85bd490370f9c7e4194878e1ca6b38b88723306c58d1a91f2cf4832

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fb1bc017b&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
968f436fe7e9ec800665ea00b3ba03a6c56e008081492c46718ac1954ca461e3

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fa6b10175&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
16b054796030af55929e5df5eb99f1ef463a435298c565f3fd6295a5447dd443

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fa8600176&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f2ad960f78dad361af14cb4cee2e3dbff7afc1b9a067d1cd3d9af57cefe34e38

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fa9eb0177&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ad188ea0316fd32265b5e0e7290178f168b15aae8069482ef9e1b315968858cc

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7fa5160174&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1b312c8acba998f091559ba5589483a97a98a47a7539a1e63c8783bc3c8ac76f

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7f69fb0149&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c3b49f1c2ba6542d8c8ff0d9496de8b8e81572e82272fc40cceafa47c7f2821a

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7f6b14014a&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
49b2366d707ee5e36431952ffaaffecdceb57c52756a9b2e062222a16629599a

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7f6cab014b&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
31f94a88ae03703e97e78b4e3287bf3b81da76cdec81be2cac631fedaffbd7a7

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c702f9d0100&pos=8a9690030174749856249c7f6dec014c&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
794ed69fccc7bcea5fec2f423cf3b141de40362fdc63abf5687a48cf2683f4b6

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
content-length
62
jpt
secure.adnxs.com/ 		0
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19512312&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=bu4TgiaS&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:01 GMT
AN-X-Request-Uuid
bf9066c9-2eb5-44be-8a58-f359d9782f34
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19512314&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=8Do43JgY&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:01 GMT
AN-X-Request-Uuid
152a2bcc-f820-4957-b930-2e187bcfbd0e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=11579362&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=D8nxwTPO&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:01 GMT
AN-X-Request-Uuid
1a76e90c-e736-4092-880c-728d223520da
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19008834&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=uiWFo9Y5&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:01 GMT
AN-X-Request-Uuid
171cd27b-61a4-4014-8805-984485bf900c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=11579320&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=0uBD79me&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:01 GMT
AN-X-Request-Uuid
742e18a1-b432-4886-b4ba-49d89e4cd5ed
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
postmedia-d.openx.net/w/1.0/ 		131 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?auid=541132944%2C541132940%2C541132937%2C541132930%2C541132925&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._v1PRBzrI&cache=1669170901129
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
deb95300723cf2d65b8ac43312488d3cbd6530c7407c2770fa42e1ea7bb6909d

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nationalpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		30 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=191262
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd163b2c91fe2fe7a6206f6224385aae23716f670e29b0f0bb4641d9af33ee03

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk76ok22fWqrnf1O6pHqc1xeCr6DWXrlXXO1XEQL5KjXUlnVodU6MfuKSYLsRvrm1ebcBHaNrt2m%2FbbIYj2ZnjupIS%2Fu8AOqrar6nWJsvLfsyoir%2FnhkBrCToQjSwYdhF78TCbF5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76e682544faf9bec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
expires
0
bid
ap.lijit.com/rtb/ 		64 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?callback=window.headertag.SovrnHtb.adResponseCallback&br=%7B%22id%22%3A%22_2Scqg4fB%22%2C%22site%22%3A%7B%22domain%22%3A%22nationalpost.com%22%2C%22page%22%3A%22%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22Tyg9Mcg8%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739699%22%7D%2C%7B%22id%22%3A%22HOUxnctH%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739700%22%7D%2C%7B%22id%22%3A%22i4MwY1Zm%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739701%22%7D%2C%7B%22id%22%3A%22WGoCbhh2%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739702%22%7D%2C%7B%22id%22%3A%22ZIOarRfZ%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739695%22%7D%2C%7B%22id%22%3A%22NRXGEacy%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739696%22%7D%2C%7B%22id%22%3A%22L46gMdE3%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739697%22%7D%2C%7B%22id%22%3A%22GEM6oUPI%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739698%22%7D%2C%7B%22id%22%3A%22hOnemWPN%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739691%22%7D%2C%7B%22id%22%3A%225gT4rlD9%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739692%22%7D%2C%7B%22id%22%3A%220TOL8cSh%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739693%22%7D%2C%7B%22id%22%3A%229rkjzwGa%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739694%22%7D%2C%7B%22id%22%3A%22SGs4s01i%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739683%22%7D%2C%7B%22id%22%3A%22PCKzYTTv%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739684%22%7D%2C%7B%22id%22%3A%226rakumyV%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739685%22%7D%2C%7B%22id%22%3A%22ghj1krAc%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739686%22%7D%2C%7B%22id%22%3A%22vMzU648L%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739639%22%7D%2C%7B%22id%22%3A%22iHYCka6u%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739640%22%7D%2C%7B%22id%22%3A%226v7Yxg62%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22739641%22%7D%2C%7B%22id%22%3A%221VTMYfOs%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22739642%22%7D%5D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.3 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
634edbe8c68f1942d9372f38d2d0268c3263a2d027bc173c33698aa3bf105c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://nationalpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
84
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:01 GMT
AN-X-Request-Uuid
81e44ccc-a069-4522-8f0c-7c245603957d
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad

Request headers

Referer
https://nationalpost.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=86400
cf-ray
76e68254dad6924a-FRA
9c9baa9c277a560b6ea0.js
fem.gprod.postmedia.digital/v70.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v70.0/chunks/9c9baa9c277a560b6ea0.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0c92a8a981ca46cfb88a56dd166b36bac275d9ae9ab5e3af1a2421b3603bc2a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 18:54:41 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1667858027
age
632420
x-guploader-uploadid
ADPycduQk8wSSILi-qhRtEjlXmupztT5PvmIlZdi3L2uXntOtmZ4WjwSs6JcUUymXmJ3ZKxgmXF73qCrNsu6-KNVx7QzXjMgx-_E
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1094
last-modified
Mon, 07 Nov 2022 21:55:04 GMT
server
UploadServer
etag
W/"8c26f3d8cc739eccd29c6c8cb09cc85b"
vary
Accept-Encoding
x-goog-generation
1667858104109720
x-goog-hash
crc32c=Rg/Ibw==, md5=jCbz2MxznszSnGyMsJzIWw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
pub
pixel.adsafeprotected.com/services/ 		999 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/npo.com/news/politics/story,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/npo.com/news/politics/story,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/npo.com/news/politics/story,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/npo.com/news/politics/story,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/npo.com/news/politics/story,t:display%7D&slot=%7Bid:ad-acceptable,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/npo.com/news/politics/story,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/npo.com/news/politics/story,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/npo.com/news/politics/story,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=de592897-3f6a-22c5-b808-6b01b2cfae82&url=https%253A%252F%252Fnationalpost.com%252Fnews%252Fpolitics%252Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.188.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-188-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a19e15ac896f18bce3cc89b21bf4adcb96fd16d0856e5022d8e39971b733d294

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
server
nginx
x-server-name
app03.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
sid
mug.criteo.com/ Frame FE36
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nationalpost.com&sn=ChromeSyncframe&so=0&topUrl=nationalpost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=WPzMNnx3cDRLUXVuUFk3eEg4TmpnWHBKQ2IveUE4WllSVTZ6L2p2R3VzU1BXM1JQV3diOHZINm1SK05KL3ZaWDZaZDlrVmZpZVU4STNsSHZMTUtRK0Y2S0gxQzlUTm1MZCtLMHBlVlh2UTd0L1FXbnM4TVpIOGNOMVJWMG...
457 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WPzMNnx3cDRLUXVuUFk3eEg4TmpnWHBKQ2IveUE4WllSVTZ6L2p2R3VzU1BXM1JQV3diOHZINm1SK05KL3ZaWDZaZDlrVmZpZVU4STNsSHZMTUtRK0Y2S0gxQzlUTm1MZCtLMHBlVlh2UTd0L1FXbnM4TVpIOGNOMVJWMGluZWJwS080SnFRVkJ1S3R2S28rckdzSjEvaXY3M09kdU9SNTlDa3o1NzJYOXQ2NW5QSGRBaVN6N1RlTHUzTWtETzRNUVhBN1NzMUVnbGF3dmwwZkQ0a0NmMXc0Q1pVWXBtS0dKN2RVbkZ0VXI4UkFseVpacHJDb3gvNXpodjZrdE5JRWwwc2hxTWVKZkJIWlRrR3MwZk13V2szc2UySEt0YXR6QmhhaVM0c2hEUVgrZjQ1RT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
99a861cfadfd368663aba3a226d3102366b7e7ee25ce5eafa05757950fe98546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2208401
expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=WPzMNnx3cDRLUXVuUFk3eEg4TmpnWHBKQ2IveUE4WllSVTZ6L2p2R3VzU1BXM1JQV3diOHZINm1SK05KL3ZaWDZaZDlrVmZpZVU4STNsSHZMTUtRK0Y2S0gxQzlUTm1MZCtLMHBlVlh2UTd0L1FXbnM4TVpIOGNOMVJWMGluZWJwS080SnFRVkJ1S3R2S28rckdzSjEvaXY3M09kdU9SNTlDa3o1NzJYOXQ2NW5QSGRBaVN6N1RlTHUzTWtETzRNUVhBN1NzMUVnbGF3dmwwZkQ0a0NmMXc0Q1pVWXBtS0dKN2RVbkZ0VXI4UkFseVpacHJDb3gvNXpodjZrdE5JRWwwc2hxTWVKZkJIWlRrR3MwZk13V2szc2UySEt0YXR6QmhhaVM0c2hEUVgrZjQ1RT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
294933
content-length
0
expires
0
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 23 Nov 2022 02:35:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalpost.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://nationalpost.com
Connection
keep-alive
Date
Wed, 23 Nov 2022 02:35:01 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
log
c21lg-d.media.net/ Frame 72BE 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3121725018280808000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=345AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAX24X4M7&fv=1&fy=37&ke=1&suylg=195%2C55%2C3012%2C222%2C274%2C214%2C292%2C159%2C141%2C203%2C271%2C241%2C368%2C272%2C175%2C282%2C229%2C251%2C295%2C310%2C356%2C97%2C51%2C265%2C267%2C108%2C172%2C3007%2C369%2C209&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.aaxads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:01 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 23 Nov 2022 02:35:01 GMT
supply
events.browsiprod.com/events/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=8ae96aac-b610-4679-9916-716be763d0e5
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.185.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-185-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:01 GMT
access-control-allow-credentials
true
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b7787917156dd6021101ecaa08463870587a963d6968695c97b47c8013a3e011

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nationalpost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nationalpost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
headerstats
as-sec.casalemedia.com/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=191262&u=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5ml4C%2BsZ637zpZkYYllesVamAChNGOnOibP40gBdKHA%2BxT5agfgc0Pmp%2FFCi3IghtUxehbmeP1RytYnsUwgPQfMJTNMn2XXh5ueqeKh%2B5VwabgF0mrwhywtmOCQr4CEcE%2BWKoQHipE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76e68255e8fa9042-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		110 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1964286895719631&correlator=67020972165801&eid=44777629&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=3081%2Cnpo.com%2Cnews%2Cpolitics%2Cstory&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C5x5&ifi=1&adks=1596188534%2C3613382000%2C3104984798%2C1596188523%2C1596188522%2C2207261205%2C2207261202&sfv=1-0-40&prev_scp=loc%3D1%26browsiId%3Dnationalpost_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.53%26hb_adid%3D52bd8b7c32bfd5c%26hb_bidder%3Dyahoossp%26id%3D6de80bba-6ad7-11ed-b75c-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26browsiId%3Dnationalpost_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.52%26hb_adid%3D53f5e7fe98789e6%26hb_bidder%3Dyahoossp%26id%3D6de80bbb-6ad7-11ed-b75c-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D3%26browsiId%3Dnationalpost_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.37%26hb_adid%3D54243194d8ba64f%26hb_bidder%3Dyahoossp%26id%3D6de80bbc-6ad7-11ed-b75c-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D4%26browsiId%3Dnationalpost_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.53%26hb_adid%3D5530f3e5c24bcec%26hb_bidder%3Dyahoossp%26id%3D6de80bbd-6ad7-11ed-b75c-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cloc%3D5%26browsiId%3Dnationalpost_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.53%26hb_adid%3D5681ea4f2a5068b%26hb_bidder%3Dyahoossp%26id%3D6de80bbe-6ad7-11ed-b75c-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3D6de80bc0-6ad7-11ed-b75c-0a6fa201f3de%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3D6de80bc1-6ad7-11ed-b75c-0a6fa201f3de&eri=1&cust_params=permutive%3D96400%252C105537%252C105538%252C105541%252C110592%252C111761%252C111793%252Crts%26puid%3Dddba2bdb-24b7-492c-a276-0a8705169dc8%26ptime%3D1669170900469%26prmtvvid%3D0bc94d45-b9eb-4497-9157-c2a25bdf122c%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26aid%3D837ae9c0-a0dd-4ecf-a1c5-0855567f1829%252C79933619%26author%3DChristopher%2520Nardi%26no_pol%3Dtrue%26page%3Dstory%26pr%3Dnp%26sensitive%3Dy%26sct%3Dprovoking_murder_injury%252Ccrime%252Cpolitics_canada%26negative%3Dy%26nkb%3DLandRover%252CCIBC%252CHyundai%252CGM%252CJLR%252CQuestTradeNegative%252CBLM%252CSamsung%252CEVAUTO%252CBoeing%252COntarioSecuritiesCommission%252CAutoTruck%26asrc%3Dnp%26ck%3Dnews%26sck%3Dpolitics%26prmtvsdk%3Dweb%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_461_KW&sc=1&cookie_enabled=1&abxe=1&dt=1669170901381&lmt=1669170901&dlt=1669170899672&idt=787&adxs=200%2C797%2C797%2C200%2C200%2C798%2C798&adys=277%2C1712%2C3225%2C4013%2C4713%2C5947%2C7010&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&frm=20&vis=1&psz=1600x250%7C1600x250%7C1600x250%7C1600x250%7C1600x250%7C530x5%7C530x5&msz=1600x-1%7C1600x-1%7C1600x-1%7C1600x-1%7C1600x-1%7C530x5%7C530x5&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C564&ga_vid=1168543589.1669170901&ga_sid=1669170901&ga_hid=359120527&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc3ad6960eac106c05cbf6df21afdeee105bd94547d163445d5e50452862cb0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15038
x-xss-protection
0
google-lineitem-id
6123534194,6122674462,6123521969,6123534194,6123534194,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406115165,138406246893,138406246674,138406246671,138406246677,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a13e6398aaa56f6413d25b8167ca834e998c43ec22d222032b1510187922194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11312
x-xss-protection
0
container.html
dae8944e092e9c150a4f1ffb556c3c63.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF8A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dae8944e092e9c150a4f1ffb556c3c63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:35:01 GMT
expires
Thu, 23 Nov 2023 02:35:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=SE0WzqlbUG
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574ee49322b85bbad4ad7717b04996355985fa03bb32fa98f3a6e15866a794ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
date
Wed, 23 Nov 2022 02:35:01 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 02:00:03 GMT
server
cloudflare
age
2098
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
76e6825639529244-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
euq4dovsbw
expires
Wed, 23 Nov 2022 03:05:01 GMT
vf-v2.js
cdn.viafoura.net/ 		769 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2679910f25f645293705721962873d5da4320e892a1f2c7fa1544736037c1502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
vZylbYR23jhjkwrCB9m9R3yrf5PsEmJP
content-encoding
br
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
date
Wed, 23 Nov 2022 02:33:42 GMT
x-amz-cf-pop
FRA2-C1
age
79
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:28 GMT
server
AmazonS3
etag
W/"5f62bd16b71be4ebf45018a8bc157466"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
eQyqutuqbrdAMwQj0cRam1X5FdvrtmFotKL6V6siC7jrlrM9XGpKmQ==
69166457c7a80195ed90.js
fem.gprod.postmedia.digital/v70.0/chunks/ 		958 B
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v70.0/chunks/69166457c7a80195ed90.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d97d5eff3c3117327805ef6fc3c8617a0b3742b9d7b871d2453110be5ccac818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 18:54:47 GMT
x-goog-meta-goog-reserved-file-mtime
1667858027
age
632414
x-guploader-uploadid
ADPycdt-K5YWwBlTug0-ANI6Gk5hi5W-a9KEqRMYzIN0pkxrj2klusEMq2ahxR47s3AWKgkydBQl-jCKk-y0zOq9WAVHww
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
958
last-modified
Mon, 07 Nov 2022 21:55:04 GMT
server
UploadServer
etag
"1ffbbbb6aa7aa5edbfe38df054c2e5a9"
x-goog-generation
1667858104389071
x-goog-hash
crc32c=i6oncQ==, md5=H/u7tqp6pe2/443wVMLlqQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
958
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		325 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc70b0f609693b6c21472723281af1fe07e7529737498f4f755b4a8b8b67cf56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86717
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Nov 2022 02:35:01 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:45:33 GMT
content-encoding
gzip
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
46168
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
-qkjHcHPs-hdLF2DuVmJ-60lbHIex7CfCicWVsbc_FUImHpXN510fg==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		226 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
caeac94467d54c6ec3f0463d3eeb4a8c4ee018a534a317ec92ebeeb3ab639bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-hhn4035-HHN
date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
233
x-timer
S1669170902.508695,VS0,VE2
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
55723
x-cache-hits
8, 1
gtm.js
www.googletagmanager.com/ 		132 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33fcd4c1ce6a5409b5ea2617a276401bf97ed01e5278131fd4f84d12a5d6d1ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42440
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Nov 2022 02:35:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:35:01 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		335 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=SE0WzqlbUG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb309e7670e8767ca03b2d968804b165bb809d8ece901789dc43b8da80df56c7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
x-amz-version-id
lTV1C_9LbM_39xEWm47eIR3QU1gGL0Ph
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
VW1AMW7CFFJJ3BJC
age
13362
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
U2THrkgA4/7c9VgiVcN9mUYYv1SO6Nnr0z9PX6bL+h5PCbrstkQQBbHU2G/gQEdkhtrFIzkxv0Y=
last-modified
Mon, 21 Nov 2022 09:01:21 GMT
server
cloudflare
etag
W/"ea5182cb7fa824e3b996e137c3756977"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
76e6825679969244-FRA
expires
Wed, 23 Nov 2022 06:35:01 GMT
v2
api.viafoura.co/v2/nationalpost.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/nationalpost.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:1a08:46f1:fe35:b27f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1a23f074cc0627e1959725be52e313c51236421bc303716e76ae146fe1c1265d

Request headers

Accept
application/json, text/plain, */*
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0b861ec8f355faca4
pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Wed, 23 Nov 2022 02:35:02 GMT
v2
api.viafoura.co/v2/nationalpost.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/nationalpost.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:1a08:46f1:fe35:b27f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://nationalpost.com
access-control-max-age
1728000
cache-control
max-age=0
date
Wed, 23 Nov 2022 02:35:01 GMT
expires
Wed, 23 Nov 2022 02:35:01 GMT
server
nginx/1.18.0 (Ubuntu)
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3220
date
Wed, 23 Nov 2022 02:35:01 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
815
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-hhn4041-HHN
x-timer
S1669170902.716719,VS0,VE0
gtm.js
www.googletagmanager.com/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e91fcb8a575e4c98ebf85d0844fa0246b0ece30f1276d4642274c1ff2d919b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48103
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Nov 2022 02:35:01 GMT
gtm.js
www.googletagmanager.com/ 		146 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
675ac366f8c89e9dcbf3da892e5ba281fdd7aa2e1a870a58bfc72d820cbbced7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48896
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Nov 2022 02:35:01 GMT
identify
identity.mparticle.com/v1/ 		175 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6657603a21b2ce214e3344879e08f1d753f95e12ee47a7c92229e2649041dead
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-hhn4041-HHN
date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1669170902.736112,VS0,VE137
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
execute
c2.piano.io/xbuilder/experience/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=SE0WzqlbUG
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3d626e20fc27f17cb03da2ce9457c49fb89bd8374c2b6d5a58fed10f6fde4f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
50gg3jppjp
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nationalpost.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
76e68257fdf7913c-FRA
ribn.min.js
assets.ribn.com/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6600:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 07:36:41 GMT
content-encoding
gzip
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
68300
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
g6y9j7JHmgrPp19g3hGwXmTBrQdHzbO4_lfSyrbCPqNsEzx-Ymrmow==
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6600:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:54:15 GMT
content-encoding
gzip
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
11048
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
m9j3eRfTiqg0Zjj93REeiPy67Ul78TnLoxPg__FW_2XwAMkyY6NhAg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CC2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5499
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 01:03:22 GMT
expires
Thu, 23 Nov 2023 01:03:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D131 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eee6273785ee3926f9fca9acaef77862aee9eb42997f824f9af6bc6a947b6232
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cA0Jnj9zYvErvlp28lYebg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-cA0Jnj9zYvErvlp28lYebg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:35:01 GMT
expires
Wed, 23 Nov 2022 02:35:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d4e0401198bc9a3ce52f9f12c08202f1e45124db0e62179381c5b3a07091c26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48554
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Nov 2022 02:35:01 GMT
gtm.js
www.googletagmanager.com/ 		273 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07ddffd172b3fe769ed39d1f2c7ab038fcc002689c64b7d29f7a4d4135ffd0db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83008
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Nov 2022 02:35:01 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7GC5VRWDF9&l=mp_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d8a523e7e6422735ed29e25bf849c27f5edd392e235e3bd20c91f0e58dd0ab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76576
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Nov 2022 02:35:01 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 01:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4747
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 23 Nov 2022 03:15:54 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		89 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09a26b89551ccec454bb363bc39dec984d280374cecbc6733e2082d1ec05df7b

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
x-b3-traceid
b9896a1453994d7ea20a944f2314b48d
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
ce5a796721a242a785566359106f86b5
content-length
24605
x-served-by
cache-hhn4032-HHN
last-modified
Mon, 21 Nov 2022 15:26:23 GMT
server
AmazonS3
x-timer
S1669170902.880743,VS0,VE13
etag
W/"ab622b14805878e0202b5697ff95324e"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
Wdo-jZRG7fCoXNmCY98nHdXSi6sONkDLzfMc3xv4bYczEuPWTpZ8-w==
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 23 Nov 2022 02:35:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
5YM9LYq1Y7dNvo/l11HkE6InpM8BMGQaFCKkvXljfuOCUlintnfaBmlF2SZg4kfTABx/s6ASm487H665tePM7w==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64a35881569799c7f5dd76cd5fa93f2d9dee811f597a1c8e29fc278419329496

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
92eoqURorJB8KJYGoI0QBxCynPYeOrFQ
content-encoding
gzip
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
date
Tue, 22 Nov 2022 15:50:39 GMT
last-modified
Tue, 08 Nov 2022 21:10:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
38668
etag
W/"3e4ec84b5bf9c91ed6e5c49e344a2525"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
RAK-RJXwSYus-i563Q6stzMSd-AmcJ9iTimdZi3sIVe2m3qNv-nc8A==
js
www.googletagmanager.com/gtag/ 		218 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b72b2681093770f47556d856b6ec3b8667f44eac7be628e719117921b111451e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77600
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Nov 2022 02:35:01 GMT
p.js
cdn.parsely.com/keys/nationalpost.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/nationalpost.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-85-39.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
0031ce12148ca1d4bf9dfee65771781e1a59321a63655256fe37bd0bde749c03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Wed, 23 Nov 2022 00:10:49 GMT
content-encoding
gzip
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified
Thu, 03 Nov 2022 19:58:21 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
age
8795
etag
W/"63641d5d-1281e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
GpgmFGLAL97gdFRzuuTnUp9AM5yE6Q1pGX1Bjj6Xsij2RqUB4V0kRw==
expires
Thu, 24 Nov 2022 00:08:26 GMT
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1669170901807&ns_c=UTF-8&c8=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&c7=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:01 GMT
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
aeWTijrzYk5cBxrQ4W2q9iY3Zbfd28qBrWhL1JGIauWv6RZ2lXZ9Fg==
x-cache
Miss from cloudfront
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:23:45 GMT
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
677
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
wVgGkqmaHteBj3YD4p-LCD3Ygbpifm8kFyw7GGD5kjG9pjl17_oeag==

Redirect headers

location
/internal-c2/default/cs.js
date
Wed, 23 Nov 2022 02:35:01 GMT
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
0
x-amz-cf-id
GMtW6u1sWXpRyf2J7E7ennUgENwPjeooEUxKxErIaH3iyUl7ewdUpw==
x-cache
Miss from cloudfront
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 23 Nov 2022 02:35:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
sodar
pagead2.googlesyndication.com/pagead/ Frame D131 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1964286895719631&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn4029-HHN
date
Wed, 23 Nov 2022 02:35:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1669170902.027624,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn4029-HHN
date
Wed, 23 Nov 2022 02:35:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1669170902.027586,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=SE0WzqlbUG
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b4826932e8e9c0b31dfa7a31b8db52ccbc3ed4971c7b2507916a7fc6c151d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mei4slrcoGE
pragma
no-cache
wn
prod-dash-10-0-82-17
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
no-cache, no-store, must-revalidate
cf-ray
76e68259f8885b8c-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 5789 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276903ffd153f6069a3d13fbd7d5f78a78050f1f7732899563432ee06463e8b1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
76e68259bd929244-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 23 Nov 2022 02:35:02 GMT
expires
Wed, 23 Nov 2022 02:50:02 GMT
last-modified
Wed, 23 Nov 2022 02:35:02 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-82-17
x-forwarded-https
on
x-request-id
Mei4slrlYHu
x-xss-protection
0
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame 6CC2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 07:39:11 GMT
jload
pixel.adsafeprotected.com/ Frame 8C7B 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=1x1&pubId=4946417229&chanId=396465421&placementId=6123534194&pubCreative=138406115165&pubOrder=3089429980&cb=737504996&custom=story&custom2=1&adsafe_par&impId=6de80bba-6ad7-11ed-b75c-0a6fa201f3de
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.188.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-188-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
268b266f401a132fd9b292df7d8e75c43aa4d0788e6bcd668297d9a4f0396165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 56B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0ENRVjaOvQUarakoNjz3nKRWndZmzz0fwU2RsLVC5BlW8vBiKWg8Hat-9IUtNi_uyFUSG6WXPBs4Uv530WJFp9_E9OLKR6p3djIrfnbvsQVSwzIBP_Q-DvVaYLA-GXSuQkqCi0j8byOBRL8Qf36whS9FY4SwKarmlOjEGxMXyMV1t4IuMlw_ze8QJWPSlmJi-Mxn-NmQiOBh_zlgGTduObHtMglWWq0BcrDrEPZH2PfzGXNksOi-Y8SQIZQddgQU9hfAFvBFcyv7d8fcAth4I76Cw3WbOHbnJHaO7Vcm4-0P96UMu4Dq17qdgII4yhwnDOLivTn-el3W9mzq90Vg&sai=AMfl-YQu7vqrrqwf9MH2dU_jBynD4Pq2ntrieJIEif-qDFsvA3coCPytco86zY2bvmXnPyc8EIVY8HfgBbKwfbdLebTkz8MoLh3wTo9zUg6FBCRE2Hu8B2zFpj84Nwv4uzHR&sig=Cg0ArKJSzOCvzbpmb0yhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
creative.js
ads.rubiconproject.com/prebid/ Frame 56B2 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.141.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-141-156.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
620cf5797c896715d86ce6785903f4f9ded5179681d94dd6280ccfe00f8fac45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 21:32:58 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
8870
expires
Wed, 23 Nov 2022 05:01:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56B2 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:35:02 GMT
collect
region1.analytics.google.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=2oeb90&_p=359120527&_gaz=1&cid=1168543589.1669170901&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAI&_s=1&sid=1669170902&sct=1&seg=0&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&dt=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&en=ad_impression&_fv=1&_ss=1&_c=1&ep.query_id=CMexmJWiw_sCFWbFuwgdVqUAXQ
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1168543589.1669170901&gtm=2oeb90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1168543589.1669170901&gtm=2oeb90&aip=1&z=1740928426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=359120527&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&ul=en-us&de=UTF-8&dt=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1999031506&gjid=2022662637&cid=1168543589.1669170901&tid=UA-213173459-3&_gid=2002788358.1669170902&_r=1&gtm=2wgb90P3Q4QHW&cd2=2022-11-23T02%3A35%3A01.802%2B00%3A00&cd7=anonymous&cd17=0&cd23=National%20Post&cd24=Cheetah&cd25=12.3.4&cd26=v70.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=42&cd31=story&cd50=true&cd51=Firm%20says%20claim%20executive%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20is%20%E2%80%98absurd%2C%E2%80%99%20threatens%20lawsuit&cd52=politics&cd53=canada%2Cnews&cd56=emergencies-act%2C%20emergencies-act-inquiry%2C%20freedom-convoy%2C%20poec%2C%20public-order-emergency-commission&cd57=609&cd58=3166&cd59=Christopher%20Nardi&cd60=1669072883&cd62=837ae9c0-a0dd-4ecf-a1c5-0855567f1829&cd64=false&cd65=true&cd68=Law%20Enforcement&cd69=Emergencies%20Act%2C0.8628%7Callegation%2C0.7229%7Csymbol%20mr.%20Miller%2C0.694%7Cprivilege%2C0.6867%7Cclients%2C0.6681&cd70=People%2Cperson%2CBrendan%20Miller%2C0.9594%7CLaws%2Ccommunication%2CEmergencies%20Act%2C0.9465%7CPeople%2Ccomputer%20scientist%2CBrian%20Fox%2C0.9068%7CCountries%2Clocation%2CCanada%2C0.8844%7CPolitical%20group%2Cgroup%2CPublic%20Order%20Emergency%20Commission%2C0.8694&cd89=Newsroom%20daily&cd1=1168543589.1669170901&z=850924215
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=359120527&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&ul=en-us&de=UTF-8&dt=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=498108218&gjid=1541456377&cid=1168543589.1669170901&tid=UA-138335866-2&_gid=2002788358.1669170902&_r=1&gtm=2wgb90P3Q4QHW&z=710187154
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1685973801652415
connect.facebook.net/signals/config/ 		295 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dce3e9e595179c8a26f8814054c9dec8428af1994c4ecea8f7f8db8cce614063
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 23 Nov 2022 02:35:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
RU+wagAaHwag9VcKyoFLrv1uY0NC6L/sGgN7b6+XPN9+vdQW3HZXw6YTCWkNAbST8gTpRA4jaqgbJxabzkqIiA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3221
date
Wed, 23 Nov 2022 02:35:02 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
816
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-hhn4041-HHN
x-timer
S1669170902.145280,VS0,VE0
identify
identity.mparticle.com/v1/ 		175 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c140110c48335423fe4b787184f964a40aae5ba4d680d356dfb4e7aad013ef94
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-hhn4041-HHN
date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1669170902.165006,VS0,VE202
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=359120527&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&ul=en-us&de=UTF-8&dt=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABBAAAACAEK~&jid=1531345041&gjid=862583229&cid=1168543589.1669170901&tid=UA-238413164-9&_gid=2002788358.1669170902&_r=1&gtm=2wgb90TR7GVNJ&cd2=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&cd3=false&cd4=Chrome&cd5=en-US&cd6=desktop&cd7=np&cd9=v70.0&cd10=story&cd11=Cheetah&cd12=12.3.4&cd14=HTML&cd15=Christopher%20Nardi&cd17=emergencies-act%2C%20emergencies-act-inquiry%2C%20freedom-convoy%2C%20poec%2C%20public-order-emergency-commission&cd21=3166&cd22=politics&cd23=true&cd24=Law%20Enforcement&cd25=People%2Cperson%2CBrendan%20Miller%2C0.9594%7CLaws%2Ccommunication%2CEmergencies%20Act%2C0.9465%7CPeople%2Ccomputer%20scientist%2CBrian%20Fox%2C0.9068%7CCountries%2Clocation%2CCanada%2C0.8844%7CPolitical%20group%2Cgroup%2CPublic%20Order%20Emergency%20Commission%2C0.8694&cd26=Emergencies%20Act%2C0.8628%7Callegation%2C0.7229%7Csymbol%20mr.%20Miller%2C0.694%7Cprivilege%2C0.6867%7Cclients%2C0.6681&cd27=true&cd28=Newsroom%20daily&cd29=1669072883&cd33=false&cd34=609&cd1=National%20Post&cd8=nationalpost.com&cd13=anonymous&cd16=837ae9c0-a0dd-4ecf-a1c5-0855567f1829&cd49=837ae9c0-a0dd-4ecf-a1c5-0855567f1829&cd80=780F40BD-C58E-4D60-A7E9-99FDF74C4DA1&cd81=4693332792293508508&cd82=GTM-TR7GVNJ&cd83=4&z=255375885
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 01:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4748
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 23 Nov 2022 03:15:54 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn4029-HHN
date
Wed, 23 Nov 2022 02:35:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1669170902.161396,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=359120527&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&ul=en-us&de=UTF-8&dt=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABBAAAACAEK~&jid=1498553813&gjid=1585385239&cid=1168543589.1669170901&tid=UA-138335866-30&_gid=2002788358.1669170902&_r=1&gtm=2wgb90MW2G74V&cd2=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&cd3=false&cd4=Chrome&cd5=en-US&cd6=desktop&cd7=np&cd9=v70.0&cd10=story&cd11=Cheetah&cd12=12.3.4&cd14=HTML&cd15=Christopher%20Nardi&cd17=emergencies-act%2C%20emergencies-act-inquiry%2C%20freedom-convoy%2C%20poec%2C%20public-order-emergency-commission&cd22=3166&cd23=politics&cd24=true&cd25=Law%20Enforcement&cd26=People%2Cperson%2CBrendan%20Miller%2C0.9594%7CLaws%2Ccommunication%2CEmergencies%20Act%2C0.9465%7CPeople%2Ccomputer%20scientist%2CBrian%20Fox%2C0.9068%7CCountries%2Clocation%2CCanada%2C0.8844%7CPolitical%20group%2Cgroup%2CPublic%20Order%20Emergency%20Commission%2C0.8694&cd27=Emergencies%20Act%2C0.8628%7Callegation%2C0.7229%7Csymbol%20mr.%20Miller%2C0.694%7Cprivilege%2C0.6867%7Cclients%2C0.6681&cd28=true&cd29=Newsroom%20daily&cd30=1669072883&cd34=false&cd35=609&cd50=837ae9c0-a0dd-4ecf-a1c5-0855567f1829&cd1=National%20Post&cd8=nationalpost.com&cd13=anonymous&cd16=837ae9c0-a0dd-4ecf-a1c5-0855567f1829&cd83=4693332792293508508&cd84=780F40BD-C58E-4D60-A7E9-99FDF74C4DA1&z=1617747143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7GC5VRWDF9&gtm=2oeb90&_p=359120527&cid=1168543589.1669170901&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669170902&sct=1&seg=0&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&dt=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7GC5VRWDF9&l=mp_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn4029-HHN
date
Wed, 23 Nov 2022 02:35:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1669170902.189156,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
/
onetag-geo.s-onetag.com/ 		555 B
967 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-93.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:56:25 GMT
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront), 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA2-C2
age
5917
x-amzn-requestid
f473acc6-f002-4524-b9eb-c2d7bbe49b43
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
cB5k-ERbCYcFwhQ=
content-length
555
x-amz-cf-id
6BTviMclvlSggE9sfO9tovXbBsVMLdvPECy-UMbDYskAofjSiycglg==
beacon.min.js
signal-beacon.s-onetag.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
date
Tue, 22 Nov 2022 06:55:19 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
70784
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
vt8cl7gsCCJn1oLbp7EJLr8MncRAQ5dss-RNtIcVPoJkjC-6ucJ2rg==
%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
signal-segments.s-onetag.com/desktop/nationalpost.com/ 		133 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/nationalpost.com/%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-70.fra2.r.cloudfront.net
Software
/
Resource Hash
96fe67363808d2c012a0ee4c0ade5a66fc8b7d9ad4ae49279c7deeb49f57e216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 01:07:04 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
5278
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
133
apigw-requestid
cB7I4jKsCYcEa6A=
x-amz-cf-id
vdInh9WbL2AK8XMTIIKMw5wbdATi79kVWQqg-7YOgDSObTVFM4M1wg==
nationalpost.com
signal-segments.s-onetag.com/desktop/ 		13 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/nationalpost.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-70.fra2.r.cloudfront.net
Software
/
Resource Hash
5df1968ebac8b266911e324e223aedd4dfc3ecf76a270b25b937d285a1dce3aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 08:20:12 GMT
content-encoding
gzip
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
65690
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
fn11UIxMzRFJt8SzJhw1wC_0r1_ImHhIe02arCo64GG1CHTy6zhyyQ==
apigw-requestid
b_npehTfCYcEPNg=
/
eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8... Frame 13BE
Redirect Chain
  • https://eu.sportradarserving.com/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLa...
  • https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6...
9 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.82.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-82-80.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
81ba3856a5c67aa538db7e50c2f7639169a9592ab5fda672f57ba96742449c7d

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3331
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:35:02 GMT

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 23 Nov 2022 02:35:02 GMT
Location
https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 56B2 		69 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 01:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
EJ5XZEDCJ6NCP45J
age
2259
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
7oNY0gkms1NcRay7cDISBlPiAE0IJ/VqqxOWlzhRHwz/nsphrC1XZh+iPNSoEkAkbX6XFfFf+Yw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adEvent.do
prod-m-node-3113.ssp.advertising.com/admax/ Frame 56B2 		43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.advertising.com/admax/adEvent.do?tidi=770935246&dcn=8a9690a0018383eb4ccffba036020240&posi=1725677&grp=%3F%3F%3F&nl=1669170900872&rts=1669170900761&pix=1&et=1&a=8fd41dfd-8423-434a-8390-1b8bffe0450f&m=aXAtMTAtMjItOTgtMjc.&p=MC4wMDA0NjU0&b=MTMyODM7NDA5O21lZGlhLnNuYWlhZmZpbGlhdGlvbi5jb207Ozs7YTRkZDA4NGY4M2Y4NGE1YTgwYjBkZWI5ODY1ZGQ1NWQ7Mjk4NjI3OTM7MTY2OTE2NzA1MTs7MC4wMDAzOTU1OTs7MDs7NDA5XzQ1NzQ0OzNkYjQ3Yjk4ODVmZDAwYmEwZjIxYmZjNzQ5OWE0N2UxYTRjYjViYTI7MTsx&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxERVU.&hb=true&type=6&af=5&dety=2
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.78.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-78-142.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
last-modified
Thu, 17 Nov 2022 22:27:38 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
/
ghent-aws-fr.bidswitch.net/imp/0.4654/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BzT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4... Frame 56B2 		43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghent-aws-fr.bidswitch.net/imp/0.4654/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BzT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56__AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or__a94Flq0Jie__15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E__rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-__CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN__VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB__yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW__JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0__RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV__-maAYJGayPXY__ccYEc_B_I_WAUCTION__PRICE_X_B/7f3O5b4ViYUJZQxscg_AZ3EB82420NeWRc2yibMfwYItUFohbwNvSBqn0hCYYOADCXa9NErD6y5IANZpGI2GEav3Vq2AOoZYlLprI7J2gSEcEOBaEwTT3IZ1HlJaGtsN5LJ-DGobbcZvmmVx0__eE4k3RrTllY0Ea6x3oPoxV-SfiYxLEPnL54dK3jsk0ukQOfdD2nmRzyozbsaqvkG2BFdy5XoRZjWOi6pM_6XtiYL4Dk_jaE1fEdmQYTAk59ioO86ACtQUKPlNGqtUupvuRitNIBtTkW5G9ykRFsuckQhIfH1dmovuGMT70shJZLYeOwsoHxn61MMPe-JJ1Opts3VoaxZ1jZlahT_jCBJgku4oOXWtq6Jf2ck5rECpHkP25fgNq5bGzg6OsN71wBKWZi3Guf1wTClK8G96QRa6pBXyG5sb7Utz8Nc3Po1tDHW0gK_mNzgfkP7X2iCCCjMk_i6IHl4JCxxvNeESqn8KWY0ORnpLVMyZ0wW6D9pc1bptsiVhGseOYdA45a9jG0r2VhhBD3DDsw2AvZ_bdjautXjGZz7if6n-kdoUHka4dJXrxFFd11MHLUj4nM63UG26Wru53eB0v54OBLeQ5-46fKjr1BDsgKoYxbq-uNuXNNIC64Kfbe60ija7m0H3gz1G5QBPFZqQKdr8a-hRE8HrQ5gXXJL6h79gN1-I7J0FqSMmeuYmqWap-EJB-4UZTfOTdkkj0qr8BM_jjOvIYx2akUaZxKq90TCqvL6ffJ6al0l9hbRQABSVAaZFY0a56Y2fIfQXG3yIYEH3LdfZTxA_LBDQKjVL_Qbj2Sm0UjIJErt4CLnI9X8DkodAUqLYRwai2YZz6JT9WHLf0LUN9FVfZIqXp4b7ZATIcfo5586M5ie_Pt3WKhd9FkbbrpM1MJssd6qwTMdH18hroU98GzYbq57atLk5-_b1DqUdJIKJgy6YPs_LR3Tsk865KQbFedrgD6YG5VEGpDECLasLrsmjCm4LWqC2lNhYyQy-qQp-aEU0zMR5MVE_B72nQIOzYAnF9F7btE2UF0MVtGhBnV0HM5GCK312u0YZjYU-pIV91wLo9cWbpjxNOQ/
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-69-109.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1669170902217&plid=09422cf7-ecef-4a7b-9c86-8322a49b8104&idsite=nationalpost.com&url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&sref=&sts=1669170902205&slts=0&title=Lawsuit+threat+over+claim+PR+exec+carried+Nazi+flag+at+Freedom+Convoy+%7C+National+Post&date=Wed+Nov+23+2022+02%3A35%3A02+GMT%2B0000+(GMT)&action=pageview&pvid=c56aeecd-44e0-47e5-81da-ef85df619acb&u=pid%3Ddfa12bbc-1a0a-4b32-87c7-2e55e17c26ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:02 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 23-Nov-2022 02:35:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
908823748920d0fa1bf10ec65eea394f85e30cd5b59c957361cbf28b01085fd6

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 5789 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
6172
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Nov 2022 02:55:48 GMT
wn
prod-dash-10-0-136-35
server
cloudflare
etag
W/"27358-1668394548000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
76e6825b3b4d6951-FRA
expires
Wed, 23 Nov 2022 04:35:02 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 5789 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2162141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtmLmd5Ue%2BENAj6N4Ucn4JH%2BqtBMcwsmOxH9lOJAJq4CU2LXAK542SjQv7LxhLfDkg%2BPNraUid7xSnAigK642HO5FWk0p5IH4A7Mcf15MmPdGkgj3m8f4fEE2Jljkw9%2BllQZg%2FvHQ7TU7RTOJQhyChrV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b7fa56963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 5789 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
623863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cT4%2FqEu%2B4YIsAcj0s%2F59xusl0nnh7zHLXqoeY%2FjoEeX8hi6tdSWD5NaYfRKdW59LTUIrcUUgJzzzsf6iUFyPS0cy62S4PvZOYgC85%2ByQj38dRLlcIBVo7BMinPKYMqjGU8lUaQpieDUfvNgotFHu0DRF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b7fa66963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5789 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6735021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kg5LlbaHpewkDSbHtYRlzCyJiIJDY5fJOBHXIoj9HIgaBx8hHvOqF%2FM%2Fk3RUFlWlVuIEFispwhBW1e5y9sYaQ6pGfvUqK8%2BSPVDTVOJMhxwIG9lHx4%2BxV97Lkd1BNgqq5XHsgO1OoUgODFxc2IdriFNn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b7fa76963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5789 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
763034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh9Jf%2FeF8Fc2Mt7x2pBGMcpCNwrMAP6hD%2FMr2coieh76YdjxncOY2%2FocSnJ7%2FHDDilx7T%2FdG12X0W%2F9bQqsiXVPasC1VN4d0tS%2BLbzim01VV%2BkOJ9wEblkvP8iPGfcUhow3qL3kNRk5BnR6spDkdBpbP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b7fa86963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5789 		825 B
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1742910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2WLBivK3DCQKHhmKvdtt7U3J7Q6Op%2Fl2Yy1kYgjDagdc5LheONaxXK3n0pEaZY7joZ464NxwvCS1TMjjKfsueI8MawCL%2FsWqLdPLGJkK37U6H0SeiGI6sjJc%2F%2ByXtEG4M8lTeAPuQo5D75YWtqQ2lvo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b7fa96963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5789 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5555136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNljQJs00gaHViTSah9JqziXIODX2BX7eIRXvAfpUSm%2BO%2FAG%2BiDeZrquZdnt%2B%2FYOURB8F1sR4e6XwbcSCzhXxLIKwFy14EauHpWtOmh8OjrwwihaHkmzQQpNo9V3jY7r%2BIszqU6PuwVF3MLVQNy2NiKK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b7faa6963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 5789 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
625682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXNv4Wj7MzYZ6Vt5I8Wdu7nhfuzcpx9NGTntHgZM%2F1gni7peeGEJnEmfwkwhOQ%2BGF3fgbIagdMH06L7LcV65plE9DX55NMygsBG4ugRp04RVXpZmAHTa43ncHXaA3yR%2FDiGz2pVyKahTYhjfeAqQsxDP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b7fab6963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 5789 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
19639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5w6TjIV8gs6RkSt1NCU%2BGGYPrDtwvwYhEcmMf9LTl65SyfapCHqpm93Op1x7I9yJ6dgv%2BucZxHIrmuhMdaglzpaRT4WVZXCOy3%2BE63NBIMDbT2RUJRrO5c8HXoPwJlUcYiV7zF1eLyRMjaZyn4yYbvc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b7fac6963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 5789 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
987861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udJodF9gHkUln8W%2FBJJwyBm%2BlUZIvzgq2hCjvz%2FoHu%2FdwVQbFSv5arKlta%2FLeKmKfSks6x7hHKILJ05D5lpupCsy2qHl3iuZtVXGcVIx1jvsMnb7ESkFlTOFoiPujRjFPWJy513ySOzbJwJ4rjnaIQLu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b8fc06963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 5789 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1068324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1mLJ0gWxsr9iOMLh%2F4P8gMonjZy7e6EYxZHp%2F%2FB7YITKOeWW%2FeYIcSe%2FrDdsnNKryRQ3liE4BqJ00Uc4MDCM75S8Xyo%2B345C3gdLgZallXSpQdklpPmnp0qaQh3h%2BRpM24953vbl9Z71Bz%2FWX%2FPiyH7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e6825b8fc26963-FRA
expires
Mon, 13 Nov 2023 02:35:02 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 5789 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.52.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb8775ea54e6502cdc973bb7f78ad92db2a68d12be719c99789e01b0938f09c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2559
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 21 Nov 2022 14:35:12 GMT
wn
prod-dash-10-0-116-163
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=602241
x-optimized-by
_sam
cf-ray
76e6825b3b4e6951-FRA
expires
Wed, 30 Nov 2022 01:52:23 GMT
css
fonts.googleapis.com/ Frame 5789 		8 KB
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTR28KB0LWNT&offerId=fakeOfferId&experienceId=EX5RE37BQNGV&iframeId=offer_45037aba30d439a5a343-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 01:09:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Nov 2022 02:35:02 GMT
ingest.php
events.newsroom.bi/ 		50 B
1010 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.132.142.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy03-new.cl03.k8s.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
2ab9e41f637117411f01.js
sdk.mrf.io/statics/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/2ab9e41f637117411f01.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dc58b9d5dce9d8376aad3a8e76e00a6bd0cae6ce73eb761ebcffaca48b3b553

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
x-b3-traceid
99dfd262c57d455a92155bed078a1a55
x-amz-cf-pop
FRA6-C1
x-cache
RefreshHit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
4346d10109394f368e4d42a6b8e4a40c
content-length
5331
x-served-by
cache-hhn4032-HHN
last-modified
Wed, 09 Nov 2022 10:59:08 GMT
server
AmazonS3
x-timer
S1669170902.264865,VS0,VE1
etag
W/"f6213a58ec85f8a87858e0aea4b6c729"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
OiJa7rWq5KV6-ezt9IsLVK5e2NYsmL7q8BcfqvMjS_qPgMf8Lcb5Hg==
x-cache-hits
1
active
flowcards.mrf.io/json/ 		16 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/active?site_id=1528&page_technology=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
x-b3-traceid
931ac57d04884b2f8310b6873419bb4c
x-cache
MISS
mrf-cache-status
M
x-envoy-upstream-service-time
1
x-b3-traceid-primal
931ac57d04884b2f8310b6873419bb4c
content-length
42
x-served-by
cache-hhn4030-HHN
server
istio-envoy
x-timer
S1669170902.323426,VS0,VE8
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
0
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-213173459-3&cid=1168543589.1669170901&jid=1999031506&gjid=2022662637&_gid=2002788358.1669170902&_u=YCDACAAABAAAACAEK~&z=2106312675
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
audiences
api.permutive.com/audience-matching/v1/id/ddba2bdb-24b7-492c-a276-0a8705169dc8/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/ddba2bdb-24b7-492c-a276-0a8705169dc8/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 23 Nov 2022 02:35:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-238413164-9&cid=1168543589.1669170901&jid=1531345041&gjid=862583229&_gid=2002788358.1669170902&_u=aCDACEABBAAAACAEK~&z=1061547438
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.366.js
static.adsafeprotected.com/ Frame 8C7B 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.366.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=1x1&pubId=4946417229&chanId=396465421&placementId=6123534194&pubCreative=138406115165&pubOrder=3089429980&cb=737504996&custom=story&custom2=1&adsafe_par&impId=6de80bba-6ad7-11ed-b75c-0a6fa201f3de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 21:37:52 GMT
x-amz-version-id
DTz7DAGx5H1oATkuvwxjIs9w8gvuFjKB
content-encoding
gzip
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
104230
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 21 Nov 2022 19:50:49 GMT
server
AmazonS3
etag
W/"ca4194ffbaa3712186a83d16b497895d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
fjqsrjW_b6LbJUkeMd74ESToczrLFeaX-ZA2wTXAt4K3Coh1QjaR7g==
truncated
/ Frame 56B2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a85c85f786f1e09224230282392c42fa1d2ce72a7a5f9871dfcdca589d731d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
thirdpartycookie
api.viafoura.co/v2/nationalpost.com/ 		45 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/nationalpost.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:1a08:46f1:fe35:b27f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-instance-id
i-08a7d8a7d447611e2
pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Wed, 23 Nov 2022 02:35:02 GMT
970x250_funny_livestream_b200kb.jpg
creatives.sportradarserving.com/5b263d4f-2294-43aa-a26e-55862d50fec0/ Frame 13BE 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sportradarserving.com/5b263d4f-2294-43aa-a26e-55862d50fec0/970x250_funny_livestream_b200kb.jpg
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:14::1724:a24f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c21e48e575b573987a39dc1b29f4af5e201935b6879b00b7d7d14e6e9e76d378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
last-modified
Fri, 08 Jul 2022 19:31:50 GMT
server
AkamaiNetStorage
etag
"e1abbd7a2e8b2b093e95d4506d37412c:1657308710.968537"
content-type
image/jpeg
cache-control
max-age=600
accept-ranges
bytes
content-length
143091
expires
Wed, 23 Nov 2022 02:45:02 GMT
usersyncs
tags.feedad.com/1/ Frame 13BE 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=329d115f-8c05-42e8-b5d0-25da6749202a
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
x-cloud-trace-context
7f67f2e6962d32a73c6cdbddc9c0d29d
date
Wed, 23 Nov 2022 02:35:02 GMT
cache-control
private
server
Google Frontend
content-length
42
expires
Wed, 23 Nov 2022 02:35:02 GMT
usersyncs
api.feedad.com/1.1/web/ Frame 13BE 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=329d115f-8c05-42e8-b5d0-25da6749202a
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2415.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
x-cloud-trace-context
5003f85687f79ab8a832a8fd9e89f43e
date
Wed, 23 Nov 2022 02:35:02 GMT
cache-control
private
server
Google Frontend
content-length
42
expires
Wed, 23 Nov 2022 02:35:02 GMT
liveCS.php
live.primis.tech/live/ Frame 13BE
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=329d115f-8c05-42e8-b5d0-25da6749202a
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=6d0c3141-b31b-4410-af02-ba0aae53464d
0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=6d0c3141-b31b-4410-af02-ba0aae53464d
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Protocol
H2
Server
2600:9000:20eb:2a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
LRNuIXLka4IeP66XEMQOEgzj5Wr0MRDWsHCVipJdiKiYyna-8hIOPw==

Redirect headers

location
//live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=6d0c3141-b31b-4410-af02-ba0aae53464d
date
Wed, 23 Nov 2022 02:35:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
xuid
eb2.3lift.com/ Frame 13BE 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7963&xuid=329d115f-8c05-42e8-b5d0-25da6749202a&dongle=3oy7
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 13BE 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.82.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-82-80.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:02 GMT
Cache-Control
max-age=86400
Last-Modified
Thu, 17 Nov 2022 09:19:28 GMT
Connection
keep-alive
ETag
16686767681319
Content-Length
1319
Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213173459-3&cid=1168543589.1669170901&jid=1999031506&_u=YCDACAAABAAAACAEK~&z=2016889593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213173459-3&cid=1168543589.1669170901&jid=1999031506&_u=YCDACAAABAAAACAEK~&z=2016889593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-238413164-9&cid=1168543589.1669170901&jid=1531345041&_u=aCDACEABBAAAACAEK~&z=214352386
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-238413164-9&cid=1168543589.1669170901&jid=1531345041&_u=aCDACEABBAAAACAEK~&z=214352386
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 56B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC4iOfTuHzWgTdwyvbm5AjEhpEBFEnFSLto8eCiAkvU0kj6SiRuyn5q5XHcLGLQHFGOx-ti7oZ7iZmZy1tLTX-vtH7VZhy13tnPNq_LNgiPqSsrM9HK_GVowujA7c9y2fLWBkpX8exJ9innAukj9s0c3FPgecE3n7J8G7y_RHTRYqPH62ARM6GdagASz7nWQl8b1AWeiM2xFa-r51_gcPI4AAWa7jVc_18r1-E15xOHU81FfmeHbbX_eoY0H5Qr7O8x8Xbn2nebWXzabiIvliUIPGFOi7m2_FUfmQ_VEJ7QL68pURBGxmgKWn26E1jWpsFn1UW2Ip8NgYkZ1yQl2xvcQ&sai=AMfl-YQZ4-nLs7TwlGk2GoutiPVZrmbjhQFsOKlZ-dwQIrayXZEa71MWG_xqO837FrTableOLmacZjhNWEGOk6I7z3byasJ_HHz_j93JJmS2VZ-LVq1s0IfHgr_-IOePVmBl&sig=Cg0ArKJSzBnUX9P4ztIqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:35:02 GMT
zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCb...
eu.sportradarserving.com/mimp/ Frame 13BE 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/mimp/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.82.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-82-80.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		41 B
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
702c56123ac6828d1f206256a7b37761a235c95dade8968c4210e72ae9990553

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn4029-HHN
date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1669170902.420589,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 5789 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
6172
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Mon, 21 Nov 2022 14:35:12 GMT
wn
prod-dash-10-0-125-144
server
cloudflare
etag
W/"2177-1669041312000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
76e6825c8d106951-FRA
expires
Wed, 23 Nov 2022 04:35:02 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 5789 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 16:15:31 GMT
x-content-type-options
nosniff
age
296371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Nov 2023 16:15:31 GMT
intl-messageformat.08ed488acce68af5427e.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.08ed488acce68af5427e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3c5ed5fd477a4a8faf9f047c18714c3220ef3d420a5ff283cc5d88e1590dfda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:43 GMT
x-amz-version-id
12Jg_lVe4ObnGcpLc_iCe1AGSGsFPoYH
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47480
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:14 GMT
server
AmazonS3
etag
W/"1b94bcc4f08423a7f6093908cbf33ad7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
aAP-0asfaKiKPWcft8vkQQN_OExHtq_BUjyDSm0HMlvx2ueF-BF4Ew==
intl-messageformat.f699e602dfe83ef24fdf.js
cdn.viafoura.net/chunks/languages/ 		135 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.f699e602dfe83ef24fdf.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6495519c43cfcc35288071e3a44562329d08c3e9d4436638fc8c21ae166675b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:43 GMT
x-amz-version-id
B7A2JKwSQDvPKIgfU_oc6JDwoxeholNh
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47480
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Tue, 22 Nov 2022 13:23:06 GMT
server
AmazonS3
etag
"8cf6203079b3b340aefefb88dc916fba"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TqRbI--EU1czHZeOiAT_KHCJLnsBXhDdOuMLoxyIIoDaEep0XezWqw==
en-us-base-json.e6591103383cc0edc5dc.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.e6591103383cc0edc5dc.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5608b0639585c425a4e3377ac9f9d987eea1c26d9cb12c1a1d7f46b4f5fdecb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:43 GMT
x-amz-version-id
CaAfSg.LH8gxK58mxWbRkLnNLgwSPgqz
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47480
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:01 GMT
server
AmazonS3
etag
W/"18748a1c1f7924636a9aced117719e6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
gNvZEDNOMvl09qqRJP-412T_0bsS8xxmyGOBShr6sfCBtrw4H2DV4g==
demand
events.browsiprod.com/events/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=8ae96aac-b610-4679-9916-716be763d0e5
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.185.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-185-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:02 GMT
access-control-allow-credentials
true
events
api.permutive.com/v2.0/batch/ 		201 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e563e2052551606116dfce42cdb662cafa9832ce311313f0329f01893f85b2c9

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&rl=&if=false&ts=1669170902618&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1669170902616.751008823&it=1669170902136&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 23 Nov 2022 02:35:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6CC2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_pNL4g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5358 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 01:04:21 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
696642
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
gyYL0P3tzD6mOny2MfbQT5BxZtqvMrR1UyjoE48kqo-ZjEV7AqXa2g==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=1x1&pubId=4946417229&chanId=396465421&placementId=6123534194&pubCreative=138406115165&pubOrder=3089429980&cb=737504996&custom=story&custom2=1&adsafe_par&impId=6de80bba-6ad7-11ed-b75c-0a6fa201f3de&adsafe_url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fnationalpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:6ff7f996-699c-81ba-3d3d-c47b5179afa9,c:uKOnn1,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5dc864c74-tg55p,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:331,mot:0,app:0,maw:0,fm:tnYr03w+11%7C12%7C13%7C14%7C151%7C16%7C17%7C181%7C19*.928934%7C191%7C192,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:350,oid:6e69709e-6ad7-11ed-92f8-22ff2bd8b4ac,v:19.8.366,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.188.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-188-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:02 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=6ff7f996-699c-81ba-3d3d-c47b5179afa9&tv=%7Bc:uKOnn3,pingTime:-8,time:351,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:351,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B17~0%5D,as:%5B17~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnYr03w+11%7C12%7C13%7C14%7C151%7C16%7C17%7C181%7C19*.928934%7C191%7C192,idMap:19*,rmeas:1,rend:0,renddet:na,siq:350%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8bc3:3390:8885:975 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:03 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vf-css.a6ecf554f3902a9351e4.js
cdn.viafoura.net/chunks/ 		324 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.a6ecf554f3902a9351e4.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a21cf24188244a6587b50e7d15e9941c48b2b966749e6c35d678950035c9f387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
7vP0fb4r4TCREvhSfddXqsCEcd2JMWXy
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47481
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:18 GMT
server
AmazonS3
etag
W/"1b064dc75c05dca1f9efba191636ac2f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
5LV4Fwu8M0GGk-jR9tJafyQWubZRpAt91MabSwtUTEKacx1ejfH_WQ==
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		199 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
5953
x-amz-cf-pop
FRA60-P3
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
76e6825dfb8490d4-FRA
x-amz-cf-id
WLNB0aChZxW-vlSqDelLGwASYMUVeKwtZ0toNXEPaRQaRBxXR321yg==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=6ff7f996-699c-81ba-3d3d-c47b5179afa9&tv=%7Bc:uKOno1,pingTime:-2,time:411,type:a,im:%7Bsf:0,pci:%7Btdr:66%7D,pom:1,prf:%7BbeA:295,beZ:297,mfA:627,cmA:628,inA:628,inZ:632,prA:633,prZ:638,si:646,poA:647,poZ:662,cmZ:662,mfZ:662,loA:670,loZ:673,ltA:706,ltZ:706,mdA:297,mdZ:411%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.254,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:349%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:411,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnYr03w+11%7C12%7C13%7C14%7C151%7C16%7C17%7C181%7C19*.928934%7C191%7C192,idMap:19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:350,slid:%5Bgoogle_ads_iframe_/3081/npo.com/news/politics/story_0,google_ads_iframe_/3081/npo.com/news/politics/story_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:59,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8bc3:3390:8885:975 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:03 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
en-us-trending_articles-json.3edaaf216b1394950906.js
cdn.viafoura.net/chunks/languages/ 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-trending_articles-json.3edaaf216b1394950906.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
863c0b7acfd970062d7312ae71773e05173c4ed7e5193cc9563f364ad19f17e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:43 GMT
x-amz-version-id
qeWovN1PsuLgfKEHbO4HnkXDrZMR1riq
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47480
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:03 GMT
server
AmazonS3
etag
W/"773a547ca63e2d4963d59601ccdc6822"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
WTPLWi5dY-BW0_jTwTd-aLYS72MUA8uXDDAFsXmObm6zDj_FOIwYvw==
en-us-conversations-json.51bbe1f615ccf09b07d5.js
cdn.viafoura.net/chunks/languages/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.51bbe1f615ccf09b07d5.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4548bedf5561972c22e7f3b87e1f8746f23ee860000a82d327f20ebfdee63759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
ZlakdTn5vSfyHdLMsz.5toBf3Ro94uk2
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47481
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:11 GMT
server
AmazonS3
etag
W/"4ae1e7e8e8f73b397c15cc8ed041b38f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
teiBHHojQhfU2N0ZUpL6WWoqV3h7mCr0UzwvUrdg3EHiQP5rjW5KDQ==
0.b1baf7dc66dcc720e7c6.css
cdn.viafoura.net/ 		87 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.b1baf7dc66dcc720e7c6.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7ba05bf1c9a7887b4032d876a6a4a12dcc739f3210b6a13ddeea309cf9bdf2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
5z227mWW3PK_ykjag8cxMKWPlPYgsbCB
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47481
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:26 GMT
server
AmazonS3
etag
W/"8abeb1b7b4e7c5fe45b7b22107f6b9a6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
TysyORXShI5BQuj7lp-0zzSiNFiElc9XQnST9wiT29ZHldcOfEW9iw==
da.6fc95703675ace0c4cbc.js
cdn.viafoura.net/chunks/ 		136 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.6fc95703675ace0c4cbc.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
195f2e15f5b0a3f19e102778164dbdd9b10ef005d9dc54f5951fe70afb1b3f32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
k2edMdIaaz87ZfRYLGutElNCoqR6U038
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47481
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:23 GMT
server
AmazonS3
etag
W/"d361802cc4d58cbf9da8a23f40b79c9a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
NylmyTcI6mls4IRPhpG35Wp2EKsjpkdqh9s8E6jyG5_gdyGfNtna0Q==
167.dec51542ab77839fe7d4.css
cdn.viafoura.net/ 		1 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/167.dec51542ab77839fe7d4.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78016dcf3cc0dbc404bf2d29452efa67815d24fc050d9d1203570623a8fb62e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
56szbBC6LDq.mJupA1F8TTF7r0Jsxks6
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47481
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:27 GMT
server
AmazonS3
etag
W/"50bce8b8e9c95dfbb4e41f65c9883f1d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Bpmf5SIpmrqqyC5y7Xsp5ZFeAt4Ulk6y-wVLhBIp58BkkdrcxVHoLw==
tray-trigger.2fca14b85bbb4a0e7a8f.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.2fca14b85bbb4a0e7a8f.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b3eaef8c0f3128fc6400031f37fbd0922f7422651b0ce1ef189e99a1a4724f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
cr7p144mB6R5ue4WR6cri_AVvpnVdvQY
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47481
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:18 GMT
server
AmazonS3
etag
W/"756e1366397fce10c0d213981efeda9a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
_yTyjrLrNsE0RfrRI0pM8wHm7RQVQ_Xu8zuP-8fv9eGnwddkt-HaTA==
roboto-regular.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:43 GMT
x-amz-version-id
agv1.DiuywVdOwrN9dZKThSZsHWi0VwW
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
47480
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
50240
last-modified
Thu, 01 Sep 2022 19:35:45 GMT
server
AmazonS3
etag
"184a2a669cf798f8d80bcfba041c3ecf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ObEgRITKZIiMK2N212TfiBrf9uLgMuq5d1jCy5CXYks2fHifJfF91w==
roboto-700.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-700.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
vi34hbLPTGmXJs0GAXKY98ORsVkdBPIs
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
47481
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
50196
last-modified
Thu, 01 Sep 2022 19:35:44 GMT
server
AmazonS3
etag
"bc4866b032d34d1ab1fe7d30fe7d2af2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OdntUKAmM6Wyx9WG_GwJfCsHdnsuskUnfYSE8QG-R_Om1y7_dDJu4Q==
ingest
i.viafoura.co/v3/nationalpost.com/ 		67 B
393 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/nationalpost.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.146.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-146-55.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=6ff7f996-699c-81ba-3d3d-c47b5179afa9&tv=%7Bc:uKOnpw,pingTime:0,time:504,type:pf,env:%7Bar:self.0%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:349%7D,%7Bpiv:100,vs:i,r:,t:504%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:504,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~970.250%5D%7D%7D,%7Bsl:i,t:504,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnYr03w+11%7C12%7C13%7C14%7C151%7C16%7C17%7C181%7C19*.928934%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:350,sis:430%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8bc3:3390:8885:975 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:03 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
svod-module-js.134d14cd72d5d9935f06.js
cdn.viafoura.net/chunks/vuex_store/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.134d14cd72d5d9935f06.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
552026abf1372e748f12a796cd7f3d4036ccb046a12ab8577ee85b16e88dfea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:43 GMT
x-amz-version-id
7AefNGpcmOrjpIzczivn.GZbsBwusIp4
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47480
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:12 GMT
server
AmazonS3
etag
W/"68a80baad1f6e634374ed97000dfdbe5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
I4ne-ae86lrow5h9b3lotYRLcojnLJ5VBI94cs2NZkJHSEuTXPPjNA==
content-module-js.d42cd03265494ceee246.js
cdn.viafoura.net/chunks/vuex_store/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.d42cd03265494ceee246.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47cceb1c11ae42733c07acf171bf17e939c8dd1d6e37d476b2f9ea398a1cca2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
jsBh8AYyz3vBHLEmzwNqEMPpJr80IznB
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47481
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:13 GMT
server
AmazonS3
etag
W/"1f9de39516f97d2e5c140994c2c6616b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
VkKvw43PfdiZN79Xtb5v3ggr2PwuOILu-LX3GavPvUwQR0XWY5nCTQ==
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://nationalpost.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e6825ecedf924a-FRA
date
Wed, 23 Nov 2022 02:35:02 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad

Request headers

Referer
https://nationalpost.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=86400
cf-ray
76e6825f1f2c924a-FRA
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-05d38950df07/ 		36 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-05d38950df07/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.251.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-251-205.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept
application/json, text/plain, */*
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:03 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nationalpost.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalpost.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://nationalpost.com
Connection
keep-alive
Date
Wed, 23 Nov 2022 02:35:02 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=6ff7f996-699c-81ba-3d3d-c47b5179afa9&tv=%7Bc:uKOnsS,pingTime:-10,time:712,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669170903017%7C%7C412706e896eee5b80b2bcca6788f2609%7C%7Cf8b8963e850cee297829880103706300%7C%7C509c5ea01f50660ed68aff67058291ae%7C%7C374d77a20da20b2798e1c4539dfe2b6c%7C%7Cb5f21dae2207ca3912008544c090ba72%7C%7Ce26b8938fd15332425399a7ea48cd894%7C%7C0c51e103af9600a365e513f60609c11a%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8bc3:3390:8885:975 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:03 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.facebook.com/tr/ Frame E274 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://nationalpost.com
Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://nationalpost.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:35:03 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1964286895719631&bg=!8vGl8bXNAAbvMpMzzzI7ACkAdvg8WulLTNg1DkAXw40U1eHR1Q40LiWuwwGjH2lsnTIC3kRk5d5O3QIAAAHOUgAAAANoAQcKANrVGIsqweo5tSggVwbxKHoIF2zmh-htiFH2FpYrF6-77Wx8ZAXayXhEuHPuNJHmGZfo6najCsK_mfES-FcBRTdVXajruYyLM1xXDlmdQY0ccE2Vh05auyUdCLMiaXcSgja2suEvfKvicJsP67aV5tR5H5sIvqYd0lm4ACcmHaZP5zwRuy_r4I6m0aKrf2rTFDfGHtYvTlpdMk5W1iel_g8RFmP-WlzIZA2W6seai7JMsi05WU2VBjU4QoXFc8uIDO84i3vUgj5b7fIvPTQ0iaElvre7ooKoruGkPpkClMRXM_3JnGaRX8n6r3roFSH_aom3u1VjRyLSrkM2rSHLflPUdJsQTAzq-xYP9Z1Pu3vdBXdzLddrdTiiK7r-e3rwiy0XOJ1QuM-tlaewPPREvO15yfIjmo47tyjJ5doaJ-cEMecxXYT12Dg5nhBPbV18mXquumWXWLqzvdJdoGHJaXp0VjmrF6PX_syCVc85fcaZ-sOnfTkKe2CCbbaO4CviLioiH7SK0XdJzdP5Nj6jELdm-TjHVl0oZbZycinZZMeM88IbYcAm7MVOhc0AZwF94CBfuPFmf79DA8nXAAHXVuMjshLUX4pF9Rh1TgW1jBUpiRqrzKYsApLY70bBPp--K-PjqhPyHycRgmhPAoM1mTUT7Epl2LKENmRIrCTJlBTy7uiyHntlsEW8aHwzzkPOzVAXwODJelve4rPMZA5hZIzq_ZNwl0zH4sp3pswk110gYWsG4N1eGCeqE7EPAJ_nO-1eYQv2wDX5lt9CebITByWU9F6QBeUnhzgWv7ajtLm7zg3meBUE_w48JaPhhcUz-oOAqp5CutJRUHT02_lj3oKdcSqtksGcTcHE6EpsymtCbXtLhq_bUruQH_eA420g1fFt3tEXuIsWcJ3Eou2VroC8qglKguxcPz4Y0uA0u7LJqmbw80hWwKtuFdBRtbW56WIBR0o4KkP4wQeBWLkmICLOy98-3c37vWja4rweZymrufZNFQaHfeMqEibAtnC0K2L89zbSrUCI7RyhTp1tsNhufZmtlq7qQSKk405paiYV6mIJznVKNhRVNB4Lx4qevG09VBCRF1y1N0YkYWaQhfWmse6NEHAgjuVbDqQ-h_K-nSxBQV1M7oDy_jWJ9X_ZY29903e7d7J9VktI5dMHqW38PA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 56B2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5mBJEL3Nn_8T3Gyg8xLTgBnkbqQKMrIH5gLA9CoI9nf6R_VMxGnaWYuyekDqMF2bIe-Fg2a_OjXUdVGTewTC3LQqZnBryMzp6AgCRGT1rGcHquawJ&sig=Cg0ArKJSzBXmKOiVH3jfEAE&id=lidar2&mcvt=1000&p=152,315,406,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=1596188534&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669170902004&rpt=388&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demand
events.browsiprod.com/events/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=8ae96aac-b610-4679-9916-716be763d0e5
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.185.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-185-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:03 GMT
access-control-allow-credentials
true
zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCb...
eu.sportradarserving.com/vimp/ Frame 13BE 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/vimp/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.82.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-82-80.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
events
api.permutive.com/v2.0/batch/ 		101 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
af649bd606bf3676e42404f3bfff09ff60a18880f306fd2e0af575b8ce799eba

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=6ff7f996-699c-81ba-3d3d-c47b5179afa9&tv=%7Bc:uKOnGL,pingTime:1,time:1573,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:349%7D,%7Bpiv:100,vs:i,r:,t:504%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1069,o:504,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~970.250%5D%7D%7D,%7Bsl:i,t:504,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1069~100%5D,as:%5B1069~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:407,fm:tnYr03w+11%7C12%7C13%7C14%7C151%7C16%7C17%7C181%7C19*.928934%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:350,sis:430%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8bc3:3390:8885:975 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:03 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=6ff7f996-699c-81ba-3d3d-c47b5179afa9&tv=%7Bc:uKOnGL,pingTime:1,time:1573,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:349%7D,%7Bpiv:100,vs:i,r:,t:504%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1069,o:504,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~970.250%5D%7D%7D,%7Bsl:i,t:504,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1069~100%5D,as:%5B1069~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:407,fm:tnYr03w+11%7C12%7C13%7C14%7C151%7C16%7C17%7C181%7C19*.928934%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:350,sis:430,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8bc3:3390:8885:975 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:03 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=6ff7f996-699c-81ba-3d3d-c47b5179afa9&tv=%7Bc:uKOnGL,pingTime:1,time:1573,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:349%7D,%7Bpiv:100,vs:i,r:,t:504%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1069,o:504,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~970.250%5D%7D%7D,%7Bsl:i,t:504,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1070~100%5D,as:%5B1070~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:407,fm:tnYr03w+11%7C12%7C13%7C14%7C151%7C16%7C17%7C181%7C19*.928934%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:350,sis:430,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8bc3:3390:8885:975 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:03 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
p
sb.scorecardresearch.com/ 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1669170905789&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20107.0.5304.110&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1669170900787&ns_ts=1669170900786&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1669170900787&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&c8=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-39.fra2.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:05 GMT
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
43
x-amz-cf-id
QvXnYJdI5Lk3mWIyr5jxieOcB_pfO03_4wnSZOTYT-MBWH28w6ELow==
x-cache
Miss from cloudfront
content-type
image/gif
envelope
lexicon.33across.com/v1/ 		49 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:06 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame FFCB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:35:06 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 06C6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 23 Nov 2022 02:35:06 GMT
ETag
"623de86a-cf34"
Expires
Thu, 24 Nov 2022 02:35:08 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 5EC9 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 23 Nov 2022 02:35:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 39A9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42247
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:35:06 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:19:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6FA8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1167
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76e682735e565bf9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:35:06 GMT
expires
Wed, 23 Nov 2022 06:35:06 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame EB85
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af94d061649a7e29c4af284b36dcf1208d51fb461f5da864c24b95da725cefa4

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e682745f779957-FRA
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:35:06 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BAULeJbyVAE15w%2FthhCsxFFedc2aBupCD0CZWvu1ccA4KWyFkLeaMcNrB07nHL5CjlwG1mKOGyzTj3bVMrMAjxZdJsNXnsXm60SjttVJO5mDTLXFXuHYSFXCvjoQWrSRz0%2BsAwRChg24Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e6827409498fee-FRA
content-length
0
date
Wed, 23 Nov 2022 02:35:06 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVqVuq3RWqrVfVQJqE9ygUG3XC6ODf7VvVlKf9HWK0cOj5i47%2FhXIztVOavoHiF%2BxabtoyF6%2F%2B4hZOkp9Hzv6fnQBMpncz0hz7k2b7vMw8DyHkVh1%2Bm14EjgqVh2bhk0oZh13hwZ3LOrqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame FFCB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
72d15234d6dde5fbdb7b89852408b3223101eff94b68d8d8eae1616290d2418f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:35:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 20:06:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63122
Connection
keep-alive
Content-Length
10066
Expires
Wed, 23 Nov 2022 20:07:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 39A9 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2017917&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bd3cdbc28c782433dc1a550eca7c69a1759cf5329d1d93e357b478aa0ac6a293

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:35:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bounce
ib.adnxs.com/ Frame 06C6
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:06 GMT
AN-X-Request-Uuid
9307b5f2-c45d-4c18-81e6-151638b43812
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:06 GMT
AN-X-Request-Uuid
590045c8-f0da-4a58-8bcd-c87a41dc1e77
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 7DDA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 23 Nov 2022 02:35:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 23 Nov 2022 02:35:05 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame DC9F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6657637d-86da-4f00-bdec-a8bacd79d99c&gdpr=0&gdpr_consent=
42 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6657637d-86da-4f00-bdec-a8bacd79d99c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:35:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:35:06 GMT
Expires
Wed, 23 Nov 2022 02:35:05 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master cdg-pixel-x15 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6657637d-86da-4f00-bdec-a8bacd79d99c&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 869F
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=709968164926756602
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=709968164926756602
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:35:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=709968164926756602
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame BC5D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:35:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:35:05 GMT
expires
Wed, 23 Nov 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1667214
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 259C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C992D949-5501-4FF8-B1AD-8796DB83C422&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C992D949-5501-4FF8-B1AD-8796DB83C422&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C992D949-5501-4FF8-B1AD-8796DB83C422&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:35:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
R7FTC2NAT6S70H5STMJX

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 23 Nov 2022 02:35:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C992D949-5501-4FF8-B1AD-8796DB83C422&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NK44SM24ZAPSR5TMQX8A
Pug
simage2.pubmatic.com/AdServer/ Frame 120A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1299203778257616234&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1299203778257616234&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:35:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
b9c6f830-98a8-4d75-8980-e72e52668ebe
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Nov 2022 02:35:06 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1299203778257616234&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 39A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yZLZSVUBT_ixrYeW24PEIg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Wed, 23 Nov 2022 02:35:06 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=42247
accept-ranges
bytes
content-length
5549
expires
Wed, 23 Nov 2022 14:19:13 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 39A9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cbfc637d-86da-4600-83f7-4405511fbfb2
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cbfc637d-86da-4600-83f7-4405511fbfb2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 23 Nov 2022 02:35:06 GMT
Server
MT3 169 32252b7 master cdg-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cbfc637d-86da-4600-83f7-4405511fbfb2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 02:35:05 GMT
generic
match.adsrvr.org/track/cmf/ Frame 39A9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C992D949-5501-4FF8-B1AD-8796DB83C422&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b6e192c29eaef4a63e6b879726f190c7&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 39A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Qzk5MkQ5NDktNTUwMS00RkY4LUIxQUQtODc5NkRCODNDNDIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:35:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 39A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2o6vnjYY7h-7UtCycmhNQ&google_cver=1
42 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2o6vnjYY7h-7UtCycmhNQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:35:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2o6vnjYY7h-7UtCycmhNQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 39A9 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 22 Nov 2022 02:35:06 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 39A9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6890405839476078693
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6890405839476078693
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:35:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6890405839476078693
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 39A9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame EB85
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G7W12RMGEAMEXHD945YQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NWEJGFXC3TPQ7AY9TQFP
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EB85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENKl3T1-CcaZskjC9X4XqtY&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENKl3T1-CcaZskjC9X4XqtY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXmn5d7SFS%2B5oAv31fWKhNbaxRwzBApnbGBcwQMdmOIEwN7NszPmVUmx%2BGkY0aI90%2BQQPfF0j%2B2F95SFAuDM%2BEUnB5fvAqPfD4U7cqpj6uXRlUo5YMjNhGNZN9IcICw40VYRXR43A1BCKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76e68274eff49957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENKl3T1-CcaZskjC9X4XqtY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EB85 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EB85
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y32G2pwI6UGxrZa504vFxgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELrdG7SinM2iLQTBajjII0Q&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELrdG7SinM2iLQTBajjII0Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELrdG7SinM2iLQTBajjII0Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame EB85
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1299203778257616234
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1299203778257616234
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dbd5Ez%2BLs3XJxrSRFViL9oGVmRb%2B576T8fkOkhZMadzU0G1rfP3OsJiVj5R0PvB9P45DaKqaNnBAU7Ln6EMb7Yg8Ql3%2B7I15%2FLsAG6eSJrQrEQpLqaLrQ7o8Hl%2BmHGB35vVCPKl4"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76e682755f3dbb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:06 GMT
AN-X-Request-Uuid
29829712-2075-411d-b516-1e753edb7565
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1299203778257616234
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y32G2pwI6UGxrZa504vFxgAABK8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EB85
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y32G2pwI6UGxrZa504vFxgAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y32G2pwI6UGxrZa504vFxgAABK8AAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y32G2pwI6UGxrZa504vFxgAABK8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2a05:d018:d29:3605:2eda:8ed6:2a73:2027 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y32G2pwI6UGxrZa504vFxgAABK8AAAIB
date
Wed, 23 Nov 2022 02:35:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame EB85
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1669257306
43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1669257306
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRz4NDo1wxdrONgh4iDCHbrt7APAtO9xuSQftq0izMddIecsXCyW8NpDqS17Ph7J6dRxNAjUZj3DGzMwcggvaXRxnUuxGMxR%2Fm98ZpVF4xb6Pg9LDNyz3C%2BCgavyCixUEdLRTVCD"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76e682765d239a3b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1669257306
pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
bridge
cm.adgrx.com/ Frame EB85 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-2
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame EB85 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y32G2pwI6UGxrZa504vFxgAA%261199
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:06 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
14685
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76e682751fca5c8c-FRA
content-length
43
expires
Thu, 24 Nov 2022 02:35:06 GMT
pixel
cm.g.doubleclick.net/ Frame FFCB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjU4MmQzM2Y5YWNjNGRmZTViMzBjOTJkMWUwN2ZiNjc1MDg1ZTY5ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjU4MmQzM2Y5YWNjNGRmZTViMzBjOTJkMWUwN2ZiNjc1MDg1ZTY5ZA
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjU4MmQzM2Y5YWNjNGRmZTViMzBjOTJkMWUwN2ZiNjc1MDg1ZTY5ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame FFCB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAT199TV-1M-EXFI
0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAT199TV-1M-EXFI
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6553A482B9304A078475EB66578C126B Ref B: FRAEDGE1115 Ref C: 2022-11-23T02:35:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXuGiL0o3BVPzbelUXAMw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAT199TV-1M-EXFI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame FFCB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5ayomrc8RSW1t7_m67Jfxw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5ayomrc8RSW1t7_m67Jfxw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5ayomrc8RSW1t7_m67Jfxw
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4YGHWZ0TJ54MH6Y2X8DV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5ayomrc8RSW1t7_m67Jfxw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FFCB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MumryFJk-Ns5tdFEFPIOrcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1430947222910505367
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1430947222910505367
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 23 Nov 2022 02:35:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1430947222910505367
content-length
0
tap.php
pixel.rubiconproject.com/ Frame FFCB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHyLIdtldfdhYsHlEYRWnJw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHyLIdtldfdhYsHlEYRWnJw&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHyLIdtldfdhYsHlEYRWnJw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame FFCB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FFCB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUMTk5VFYtMU0tRVhGSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUMTk5VFYtMU0tRVhGSQ==
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUMTk5VFYtMU0tRVhGSQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FFCB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9EP5-jNXT-6ND5UV92Vvqg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9EP5-jNXT-6ND5UV92Vvqg
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9EP5-jNXT-6ND5UV92Vvqg
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y0SX99Z5V2HTVTKMHYE7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9EP5-jNXT-6ND5UV92Vvqg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=2oeb90&_p=359120527&cid=1168543589.1669170901&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fpolitics%2Fclaims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat&sid=1669170902&sct=1&seg=1&dt=Lawsuit%20threat%20over%20claim%20PR%20exec%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20%7C%20National%20Post&en=page_view&ep.debug_mode=false&ep.gtm_version=42&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.project_type=Newsroom%20daily&ep.page_type=story&ep.platform=Cheetah&ep.platform_version=12.3.4&ep.fem_version=v70.0&ep.brand=National%20Post&ep.timestamp=2022-11-23T02%3A35%3A02.084%2B00%3A00&ep.ga_client_id=1168543589.1669170901&ep.article_authors=Christopher%20Nardi&ep.publish_timestamp=1669072883&ep.article_title=Firm%20says%20claim%20executive%20carried%20Nazi%20flag%20at%20Freedom%20Convoy%20is%20%E2%80%98absurd%2C%E2%80%99%20threatens%20lawsuit&ep.originating_property=true&ep.nlp_category=Law%20Enforcement&ep.nlp_topic=Emergencies%20Act%2C0.8628%7Callegation%2C0.7229%7Csymbol%20mr.%20Miller%2C0.694%7Cprivilege%2C0.6867%7Cclients%2C0.6681&ep.nlp_entity=People%2Cperson%2CBrendan%20Miller%2C0.9594%7CLaws%2Ccommunication%2CEmergencies%20Act%2C0.9465%7CPeople%2Ccomputer%20scientist%2CBrian%20Fox%2C0.9068%7CCountries%2Clocation%2CCanada%2C0.8844%7CPolitical%20group%2Cgroup%2CPublic%20Order%20Emergency%20Commission%2C0.8694&ep.main_category=politics&ep.article_sub_category_1=canada%2Cnews&ep.article_tags=emergencies-act%2C%20emergencies-act-inquiry%2C%20freedom-convoy%2C%20poec%2C%20public-order-emergency-commission&epn.word_count=609&epn.character_count=3166&ep.article_id=837ae9c0-a0dd-4ecf-a1c5-0855567f1829&ep.wire_content=false&ep.metered_content=true&_et=50&up.client_id=1168543589.1669170901
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 06C6 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:35:07 GMT
AN-X-Request-Uuid
67483579-7656-443d-bd0e-9e349bbcc387
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
29ae1635bc811e3841eee1b8ea4b2a9cfc55d95d2747c4b61da5d25bb09009bf

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:35:07 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
4.9e54de582f68c7c62e02.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/4.9e54de582f68c7c62e02.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70cf10625d5fb5f040d803947fe94ee233e5afeaecd19aaa258398ae2a4bda9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
Afa1KwsbVT0oqAV_4WSb9QGowABRHPeu
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47486
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:27 GMT
server
AmazonS3
etag
W/"3ea70472e056e0a62887a2a959f71341"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
iH-se-TBHrVYoIPPxGnkhrQsKBBgoUI60sTv_DV39MmBLAInm3MxYw==
default~comments_js~conversation_starter_js~liveblog_js~standalone_ad_js~trending_articles_js.a99a9ebbcdd69b8f757d.js
cdn.viafoura.net/chunks/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~comments_js~conversation_starter_js~liveblog_js~standalone_ad_js~trending_articles_js.a99a9ebbcdd69b8f757d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9ac7b76593ffb80d34819506dfe1f11ff4ea6d5a6875d45b01904806e9fc7e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:42 GMT
x-amz-version-id
6yXxE053l_UCPABc2D5bQXris42O2wFd
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47486
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:24 GMT
server
AmazonS3
etag
W/"d26043cb78a30a2b61040209aab67477"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
LFCK-_WHvyrOcT5EPT0QOFyB3R-5Ohi_9J9-NCjf_HlPWxPFK4UtSQ==
168.dfe91e0994f4ad964576.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/168.dfe91e0994f4ad964576.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0d4c9d4a0917467abcb650f6ed2ae82017b7d3c312dfa4c16f9aec4b7a08694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:44 GMT
x-amz-version-id
SPPozmzMxWGNA9xGwoI9NXXFFIhWYXHQ
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47484
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:26 GMT
server
AmazonS3
etag
W/"5f94e6b8f600d19fd592b41f8d2d304c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
6jjTs4EuYzC6qBNEHmjvNG4ScvuJzY2B4B6Xd5ei5zwsLQobgty5EQ==
trending_articles_js.a7a3fc34f86bb2afb810.js
cdn.viafoura.net/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/trending_articles_js.a7a3fc34f86bb2afb810.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8eb46ea5bb449f2c8a4be7398b04f5bce68612abd67f00763b1d520e73616de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:44 GMT
x-amz-version-id
tA1uaNpOd6Z4tt34PrDyR6n6HBu6aQiu
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47484
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:18 GMT
server
AmazonS3
etag
W/"069887634501069529b03fab068a317f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
rEgZuVcPg5KopXh1vSFUh50bGXfodSCpQXZfzDbrzwb0LhfXz1NGOg==
trending_articles-module-js.641b01abb155a2ed92b7.js
cdn.viafoura.net/chunks/vuex_store/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/trending_articles-module-js.641b01abb155a2ed92b7.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3169101c09309a39b36a30393f2421378755005c37b5606827c12e6e458bdad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:44 GMT
x-amz-version-id
OaG8RY_T1m4QBCKobMPH8NsQS0q8fHSI
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47484
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:13 GMT
server
AmazonS3
etag
W/"f185e12e5f7587b735d566a9735bd4c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
14Ox7oMKvtmvXQIEcpnG9PYfyukQL_JHmrMq-M-xfz0PqbxZxc-4_g==
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.146.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-146-55.compute-1.amazonaws.com
Software
/
Resource Hash
e4a118f5b81047b633f0bf9af5f24829f534001a47f3045745e9e8750808e5a6

Request headers

Accept
application/json
Referer
https://nationalpost.com/
X-UNIQUE-ID
cce70be1-55b0-4c68-855c-a45644ab4608
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Wed, 23 Nov 2022 02:35:08 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
1755
content-type
application/json
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.12.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-12-14.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-unique-id
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
PATCH,GET,DELETE,PUT,POST
access-control-allow-origin
https://nationalpost.com
access-control-max-age
43200
content-length
0
date
Wed, 23 Nov 2022 02:35:08 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=6ff7f996-699c-81ba-3d3d-c47b5179afa9&tv=%7Bc:uKOoJh,pingTime:5,time:5573,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:349%7D,%7Bpiv:100,vs:i,r:,t:504%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5069,o:504,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~970.250%5D%7D%7D,%7Bsl:i,t:504,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5069~100%5D,as:%5B5069~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:175,fm:tnYr03w+11%7C12%7C13%7C14%7C151%7C16%7C17%7C181%7C19*.928934%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:350,sis:430%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8bc3:3390:8885:975 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:35:07 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
170.bacbaddae828218d5d29.css
cdn.viafoura.net/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/170.bacbaddae828218d5d29.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b41cdb3b4f114ba8f88f818247f653d146adc1e01aac0fbb2f74083ae197bf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:44 GMT
x-amz-version-id
UHcrBQzu08Q.fU8QZkuD5aplJNjQvEFb
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47485
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:27 GMT
server
AmazonS3
etag
W/"9cc2d8dcd0c056167dd46f66fb15747b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Ef_B66Dlk8M62E_AxZwU-iK-oTH8PDB1jcjFQn3JOi4Kv-KL4zFhQA==
vendors~content_recirculation_js.8f23f07193007c122a4d.js
cdn.viafoura.net/chunks/ 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~content_recirculation_js.8f23f07193007c122a4d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c40ea07328efd74e88405036f1352b8e868932da7b7dc6b12f9369232d54a80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:44 GMT
x-amz-version-id
CbxdTiIsXoVUllYXDrzn8fxDwWjc_liA
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47485
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:17 GMT
server
AmazonS3
etag
W/"1c72a00507e3cb8e5094a0bfa9d1d040"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
T2FF6pfU18jHQ3uUuCV4B4YqxKmFqMPC0qlxEaOJXaT7nLBC3Frc4Q==
35.2b4e60e51fcb7c9c4641.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/35.2b4e60e51fcb7c9c4641.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0c01782d6198238b558f7ea731b53a280ec638836cf706535d0c3744d0f648f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:44 GMT
x-amz-version-id
OIL3AbPeX8pH_zbxNNSDRvbzr1q496Nx
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47485
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:27 GMT
server
AmazonS3
etag
W/"2f29ca5b35114b557418fbfa07e4eb62"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
K2XHfnuu8m4qsRMjoYKvuy8eHTCxwmPNWeWa1_sgyoMDGNFWdS_UzA==
content_recirculation_js.b7e9a31b56ff0878441d.js
cdn.viafoura.net/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/content_recirculation_js.b7e9a31b56ff0878441d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:9e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ce2b041fac29507b45994d951652eea751adc632750dab02759689a712b4bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:23:44 GMT
x-amz-version-id
MfcSUgYAdUXgsytwBx.yRT8tO0XRFTmS
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
47485
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:23:14 GMT
server
AmazonS3
etag
W/"8ab47db0d6075d05825cf12930a62827"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
6HpVmr1OdIiNKkDXQu3CvIaSqo-3cadRQlGyGn1fy8kw2bxTjXtFjg==
SPug
simage4.pubmatic.com/AdServer/ Frame 39A9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:35:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Brendan-Miller.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Brendan-Miller.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
26dd687b8ac7ece8fce623864d53930db7175273fef1ab9b19f45a62a3b68e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 18:39:25 GMT
via
1.1 google
server
nginx/1.19.10
age
28543
etag
"eab907a570eec016647e78c125e25ab788469e65"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-fhj8t
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58292
Marco-Mendicino-inquiry-2.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Marco-Mendicino-inquiry-2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
5573ce7adde7f70f3e6cf8881e7c10226d940ac275b071706b0ab2aa14af7ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 23:00:05 GMT
via
1.1 google
server
nginx/1.19.10
age
12903
etag
"596b90d75ee8bb992db91a4553aceeb4734c5417"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-fhj8t
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63098
no0927Poilievre.jpeg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/09/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/09/no0927Poilievre.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
69c2d0dd10c07cd6c46e7715110296221af431e342d7cb353a62ddeadd381ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 21:27:34 GMT
via
1.1 google
server
nginx/1.19.10
age
18454
etag
"aaf3424bad872c46d2a06966b0f46b5175439ab4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-2sz26
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35848
Danielle-Smith-2-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/11/Danielle-Smith-2-1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
ea2fc4d7dffe3cf84f7b776f0ad332896236d4525d6c58195edf3d718b0aee1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 23:44:16 GMT
via
1.1 google
server
nginx/1.19.10
age
10252
etag
"f1b7fe71c6a56809fae4f027c3350124ce56b2c3"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-blmb6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32400
Windsor-protest-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/10/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/10/Windsor-protest-1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
d07891dc14837c7c560f3ff17e018fe35bde6cc813564858ec159bd60ae08dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 22 Nov 2022 11:42:40 GMT
via
1.1 google
server
nginx/1.19.10
age
53548
etag
"289871c31636c1bd55d17acc78cf64b40cba1395"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-ds9dj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151832

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| browsitag string| browsi_bootstrap_loaded object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| FrontEndModules boolean| isBrowsi object| googletag object| aax object| permutive object| apstag object| pbjs object| BlockAdBlock object| blockAdBlock object| ggeac object| google_tag_data object| google_js_reporting_queue object| headertag object| Criteo function| headertag_render function| sovrn_render boolean| apstagLOADED object| pbjsChunk object| _pbjsGlobals object| webpackChunkdjango_content_services object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_132 object| Criteo_132 function| __browsiLoadFunc object| __browsiLoadObject object| __permutive undefined| google_measure_js_timing object| _middyo object| PublisherCommonId object| Sailthru function| t object| adblockDetector object| ns_ object| __iasPET object| diagPixSentCodes object| __iasAdRefreshConfig string| iasScores object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer object| GoogleGcLKhOms object| COMSCORE function| udm_ object| _comscore object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| mp_data_layer object| google_tag_manager function| postscribe object| google_tag_manager_external function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp function| onYouTubeIframeAPIReady object| Ribn string| GoogleAnalyticsObject function| ga function| e object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag object| PianoESPConfig object| gaplugins object| gaData function| _ga_originalSendHitTask object| __connect object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| __IntegralASExec object| google_image_requests

102 Cookies

Domain/Path Name / Value
.nationalpost.com/news/politics Name: _vfa
Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.cce70be1-55b0-4c68-855c-a45644ab4608.1669170903.1669170903.1669170903.1
.nationalpost.com/news/politics Name: _vfb
Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.2..1669170903....
nationalpost.com/ Name: __browsiSessionID
Value: a64ee882-219d-4466-b2ef-e0106454ef63&false&false&DEFAULT&de&desktop-4.9.24&false
nationalpost.com/ Name: __browsiUID
Value: e9d2548a-d734-42d3-a1a4-4534fe31afa7
nationalpost.com/ Name: browsi_AB_test
Value: false
nationalpost.com/ Name: aasd
Value: 1%7C1669170900207
nationalpost.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.nationalpost.com/ Name: pbjs_sharedId
Value: 762d746a-3845-4448-8263-51682ca40e44
nationalpost.com/ Name: __aaxsc
Value: 2
.nationalpost.com/ Name: permutive-id
Value: ddba2bdb-24b7-492c-a276-0a8705169dc8
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: d397d3dd-560d-4d84-afb5-9fdd6a563a05
nationalpost.com/ Name: sailthru_pageviews
Value: 1
nationalpost.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1669170900708,"mac":-231491505}
nationalpost.com/ Name: __adblocker
Value: false
.rubiconproject.com/ Name: khaos
Value: LAT199TV-1M-EXFI
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrvplcseKimjrU1ZxogGjlwOA+xFj1I9sd0zdRXVxf6zNKmZ5lPQpZaPyBPRO97vW6bC6BVJxtmVuBxGCOXoSK1cSqm9qu5Ignc6UO785F0Pw==
.doubleclick.net/ Name: IDE
Value: AHWqTUm2AtbVob0Zm5coHQm04O9xBLt3wvv0d0vBf6ErDRVriedDUyi5EraAF-jyH_Q
.criteo.com/ Name: uid
Value: f81036d3-bab7-425e-a4fd-9d5e28f65d68
nationalpost.com/ Name: sailthru_content
Value: 9139739a057126bbf6c42330fe5ac27f
nationalpost.com/ Name: sailthru_visitor
Value: 1495e490-f360-40a6-9214-88057e807451
.aaxads.com/ Name: aax-vsid
Value: 3121725018280808000V10
.nationalpost.com/ Name: cto_bundle
Value: fuGn9V9uY2JmSSUyRkxUVXdoc2ZJNlhJTG1nUlY2ZUZFVG1CTVNNTnglMkYzZTRQTnBrJTJCSkQ3T3BYaDBGMkZVaWx3VXBWVmZFUTdGaXJzU2dyR0h6bHFrUHRXN1NOQ3NFZjBIWnVNZ1VnOGxLRjdxWEprU0J6R3RncnBXUWhwMzRzOTQ5WXhEQVI0cGhDUGlDU0ZQd1l6V20lMkJJT2dOTU85ZjFtaHNFd0lnWWdXR2FNemg4YyUzRA
nationalpost.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"dd1q79qhf3a165tfxc5ofltme5a4v21l","updated":1669170901440},"exp":604800000,"ts":1669170901440,"mac":919732475}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"dd1q79qhf3a165tfxc5ofltme5a4v21l","updated":1669170901440},"exp":604800000,"ts":1669170901443,"mac":919732568}
.nationalpost.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lat19ajzqt5e8d94%22%7D
nationalpost.com/ Name: __pnahc
Value: 0
.nationalpost.com/ Name: _gcl_au
Value: 1.1.1870642956.1669170902
.nationalpost.com/ Name: __gads
Value: ID=2d8d6787a1520d43:T=1669170901:S=ALNI_MbQ_NXw1NY_jLleIVOIKPCxxSpY_A
.nationalpost.com/ Name: __gpi
Value: UID=00000b8621381fe0:T=1669170901:RT=1669170901:S=ALNI_MYQ-M60CDU3BFSbElzN9iDuiJwObQ
.piano.io/ Name: __cf_bm
Value: 3HQH6sby5pGbWGssq0Qh0KtU2x1PUIfqnvtaQCQjR74-1669170901-0-AdJ1s4t6TIeTGo5k/u0SM0H9hnpCfth/vBZOHiZhr/uwZN7CuShuDgUPch7HW3yDQmI/VWtpedH9FbcaU/zw0qs=
.nationalpost.com/ Name: __tbc
Value: %7Bkpex%7DlgfJx6ME2FvZC0GWBiZ6hyOB5okt4i5SkHcceP0W7bJjeGlnmsfCiFVX7ZOHfHjL
.nationalpost.com/ Name: __pat
Value: -18000000
.nationalpost.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMi0xMS0yMy0wMi0zNS0wMS02ODYtb29iTnVJRk1kUnRJWmtYZi05MTAyYWM4MDY5MTIxNDlhMDNhOTE2Njc0NDQxZjE5NCIsImRvbWFpbiI6Ii5uYXRpb25hbHBvc3QuY29tIiwidGltZSI6MTY2OTE3MDkwMTk3NX0%3D
.nationalpost.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.nationalpost.com/ Name: xbc
Value: %7Bkpex%7DhguCTlPLddSATW6Erw-fpLTLbIyRICBTlZu_9z2XTfAnX3cTwAh8lIIY7aCAE61Milu1x8X07dT16omR7hvjtb0cWNQs2gJGZB5dGnicw47_59EZ2-qP9RdKST4RO0me
.nationalpost.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1669170902.1.1.1669170902.60.0.0
.nationalpost.com/ Name: _gid
Value: GA1.2.2002788358.1669170902
.nationalpost.com/ Name: _gat_UA-213173459-3
Value: 1
.nationalpost.com/ Name: _gat_UA-138335866-2
Value: 1
.nationalpost.com/ Name: _gat_UA-238413164-9
Value: 1
.nationalpost.com/ Name: _gat_UA-138335866-30
Value: 1
.nationalpost.com/ Name: _ga_7GC5VRWDF9
Value: GS1.1.1669170902.1.0.1669170902.0.0.0
.nationalpost.com/ Name: _ga
Value: GA1.1.1168543589.1669170901
.nationalpost.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat%22%2C%22sref%22:%22%22%2C%22sts%22:1669170902205%2C%22slts%22:0}
.nationalpost.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=dfa12bbc-1a0a-4b32-87c7-2e55e17c26ca%22%2C%22session_count%22:1%2C%22last_session_ts%22:1669170902205}
.nationalpost.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1669170902%2C%22currentVisitStarted%22%3A1669170902%2C%22sessionId%22%3A%224500bd85-2cbf-40b2-b594-d344357f7fd2%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat%22%2C%22referrer%22%3A%22%22%7D
.nationalpost.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1669170902%2C%22userId%22%3A%222d2996bf-306c-420e-b7f2-824417285dad%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1669170902%2C%22timesVisited%22%3A1%7D
.nationalpost.com/ Name: compass_uid
Value: 2d2996bf-306c-420e-b7f2-824417285dad
.sportradarserving.com/ Name: zuuid
Value: 329d115f-8c05-42e8-b5d0-25da6749202a
.sportradarserving.com/ Name: c
Value: 1669170902
.sportradarserving.com/ Name: zuuid_lu
Value: 1669170902
.viafoura.co/ Name: VfSess
Value: dgak0b2vcvjjcs426dinq38o88
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.bidswitch.net/ Name: tuuid
Value: 6d0c3141-b31b-4410-af02-ba0aae53464d
.bidswitch.net/ Name: c
Value: 1669170902
.bidswitch.net/ Name: tuuid_lu
Value: 1669170902
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1669170902
.sportradarserving.com/ Name: pvc2
Value: zT9uV-VvBMsXVbb5ZzIkdcgGLZsQkkmLlRiDTmVX2w5pJwQc9rhGBpcLYDJpiZbJ0XiPrbx9zVZRIytu6uGakNaAX-mi5w-uFUwLE-1B5ZejWL4duat4Hb-jF8Q8dQn358orQbCxSjVTozEcldJba6C9cjLax8ujEz6MZ9DmYgK4PqcyAM8haxz3VAOev1gu97LCbQYo56_AQ8I8P7NiXD4fQtHgqQ8vmUopPYYZrwNm9MDwuL9wEFqn0or_a94Flq0Jie_15CnO07t5Au6RyBkHnDjUtwSLNwcUOXk2CoGK-cSetNwBecomve3SbpwL2XHDMN9kUT0VWTSTJDNajHDopI2NXG58mLW1xB8E_rVQemApWbkJwzi6UliINL13n7sf0gTpcjxiVlZhxMjvcbz5qH1dgz-_CW4d51rlkbbCkONyq7PeauTAiabjiir-jNjJqcilWjcNIxy5tIKaFFUrvADJfSZ2UxABaocCjCL8cxrY4GKx0WYdbahCI3U1w9xGTSWxtdkG-rtuqpW5WWuDoPoXzAmT8qwa4lhgqqar8F42FDY5u45nqNNtCs5P49GJ5is7B2YE2Vx0XA2aqQPr0oH2scwKoQqHwwL5XdN_VvlgUuuxVJ6vTywwp5PpDsR12g3wC-CdYHjbn1tjxLOqAxXE8Yf4421cMfQYS62PIC54sZAqLKKfza6t0-ysUbtsQPNx8MhCn-dWkJxivCjgWc9uqDCPB_yMADChxkyJsFijLL0JB90yKomsBAtG13Cz-ha80xftxhE2G7M3WnbdFJO5Z3Dm5GPgaYw-DeaGhW3cqwnfWZwUSYW_JWS-Asp8ME5z2FpjKUKxhWdHOkxMUhZDflKlt5kP0nhiAAIR-JXj7ONIT84nuAg-g661raxi-1yG-Y0fxSox-NZiPJaoGORKk9t7DzjfcF0_RXNDvvPONylcA-pFwXQIena3I1oiIZqSoa5513hfy6vXVWIqOhLCZzFewR5tl-ACOKGm72XZP3SEhV3KqpakoJI-LWpv6Pg9q-M56WLu0QJZtiwMpAbSG0vKSB36qaEg19MtwGDBOVZjXsHgnwjKqGJC0n67J8OAZosSucTQSOhjiclVFEHXSfPMgACFlz9QYAJvC5cMdmlV_-maAYJGayPXY_ccYEc,1cWAm1FCvY59wls4WCpDIg,AspnQFcnoAsoiNZsloeexg,AUkeLQPYOG05Iiv8HZUCMA,AspnQFcnoAsoiNZsloeexg,3-HhjQUa11rR4BorZiY2bg,AspnQFcnoAsoiNZsloeexg,GbZ7EA01KmUnftwygDrXFg,AspnQFcnoAsoiNZsloeexg,bwgAfKA1BUrAoM3Oe1Mmnw,AspnQFcnoAsoiNZsloeexg,pLvHl-cudwbwRr3wuc-xAg,AspnQFcnoAsoiNZsloeexg,BCP9EZnG_DrT3OBbUHXVnA,AspnQFcnoAsoiNZsloeexg,o_CNQd8E1ss9UdW5ixna-A,AspnQFcnoAsoiNZsloeexg,4Hnd2-z9xZieLQoL26AtNQ,AspnQFcnoAsoiNZsloeexg,QOdzxl1LqAoXpGboNK7e1g,AspnQFcnoAsoiNZsloeexg
events.newsroom.bi/ Name: 1528_u
Value: 2d2996bf-306c-420e-b7f2-824417285dad
events.newsroom.bi/ Name: 1528_s
Value: 4500bd85-2cbf-40b2-b594-d344357f7fd2
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.nationalpost.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'eea439d0-ee2e-47dd-9f3d-0c4488208e57'|'das':'be4ff7e5-500e-42e1-bdb3-3dc7ebc872c2'|'csm':'WyI0NjkzMzMyNzkyMjkzNTA4NTA4Il0='|'sid':'780F40BD-C58E-4D60-A7E9-99FDF74C4DA1'|'les':1669170902410|'ssd':1669170901650}|'l':1|'4693332792293508508':{'fst':1669170901931|'ui':'eyIwIjoiZGQxcTc5cWhmM2ExNjV0ZnhjNW9mbHRtZTVhNHYyMWwifQ=='}|'cu':'4693332792293508508'}
.feedad.com/ Name: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u
Value: 329d115f-8c05-42e8-b5d0-25da6749202a
.nationalpost.com/ Name: _fbp
Value: fb.1.1669170902616.751008823
nationalpost.com/ Name: _vfz
Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.1669170903.1.medium=direct|source=|sharer_uuid=|terms=
.viafoura.co/ Name: vfDeviceId
Value: c2f1d43c-cbd2-47fe-b604-b97856823e84
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: uuid2
Value: 1299203778257616234
.casalemedia.com/ Name: CMID
Value: Y32G2pwI6UGxrZa504vFxgAA
.casalemedia.com/ Name: CMPS
Value: 1199
.casalemedia.com/ Name: CMPRO
Value: 1199
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C992D949-5501-4FF8-B1AD-8796DB83C422
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160305:2
.pubmatic.com/ Name: DPSync3
Value: 1669248000%3A174%7C1670371200%3A201_197_219
.pubmatic.com/ Name: SyncRTB3
Value: 1670371200%3A21_13_161_56_54_251_220_7_3%7C1670457600%3A35
.simpli.fi/ Name: suid
Value: 5DA5A8C5FFF3458F9924E2BF111F4B66
.onaudience.com/ Name: cookie
Value: 2925415e73389251
.onaudience.com/ Name: done_redirects161
Value: 1
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 6657637d-86da-4f00-bdec-a8bacd79d99c
.yahoo.com/ Name: A3
Value: d=AQABBNqGfWMCEF1z0JP5aEzohBmR-8f98coFEgEBAQHYfmOHYwAAAAAA_eMAAA&S=AQAAAryksefRRzY0scrrv_WXPOg
.de17a.com/ Name: guid
Value: 1.709968164926756602
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1299203778257616234&KRTB&23339-1299203778257616234
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6657637d-86da-4f00-bdec-a8bacd79d99c&KRTB&16736-uid:6657637d-86da-4f00-bdec-a8bacd79d99c&KRTB&23019-uid:6657637d-86da-4f00-bdec-a8bacd79d99c&KRTB&23208-uid:6657637d-86da-4f00-bdec-a8bacd79d99c
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~28g2
.adform.net/ Name: uid
Value: 6890405839476078693
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEG2o6vnjYY7h-7UtCycmhNQ&KRTB&16514-CAESEG2o6vnjYY7h-7UtCycmhNQ&KRTB&23025-CAESEG2o6vnjYY7h-7UtCycmhNQ&KRTB&23386-CAESEG2o6vnjYY7h-7UtCycmhNQ
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6890405839476078693&KRTB&23263-6890405839476078693
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-709968164926756602
.pubmatic.com/ Name: PugT
Value: 1669170904
.pubmatic.com/ Name: SPugT
Value: 1669170905
.onaudience.com/ Name: done_redirects147
Value: 1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d19c5d90-0b44-4701-885d-fe62eef900cb"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjkxNzA5MDY7MjswMjEleseM2RzeCHyAlGiivNC013IaerJUSboa3WDe6cF/Sw==
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2435:u=1:x=1:i=1669170906:t=1669257306:v=2:sig=AQHmR47LN8QOB4YFmLyC0Ku0FPdQv7XN"
.casalemedia.com/ Name: CMTS
Value: 3191
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A7VEW_unU0-PpCQ18njJXzI

26 Console Messages

Source Level URL
Text
security error URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://fem.gprod.postmedia.digital/v70.0/fem.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
worker error URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://nationalpost.com/news/politics/claims-that-pr-executive-carried-nazi-flag-at-freedom-convoy-lead-to-lawsuit-threat
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://c.aaxads.com/aax.js?pub=AAX24X4M7&hst=nationalpost.com&ver=1.2
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://static.criteo.net/js/ld/publishertag.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error (Line 11)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error (Line 19)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://static.adsafeprotected.com/main.19.8.366.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://static.adsafeprotected.com/main.19.8.366.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
ak.sail-horizon.com
ap.lijit.com
api.feedad.com
api.permutive.com
api.rlcdn.com
api.sail-personalize.com
api.viafoura.co
as-sec.casalemedia.com
assets.ribn.com
auth.lrcontent.com
bidder.criteo.com
btlr.sharethrough.com
buy.tinypass.com
c.aaxads.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
c21lg-d.media.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.adsafeprotected.com
cdn.browsiprod.com
cdn.indexww.com
cdn.js7k.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.permutive.com
cdn.tinypass.com
cdn.viafoura.net
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
config.lrcontent.com
connect.facebook.net
creatives.sportradarserving.com
d3div1mtym39ic.cloudfront.net
d5p.de17a.com
dae8944e092e9c150a4f1ffb556c3c63.safeframe.googlesyndication.com
dcs-static.gprod.postmedia.digital
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eu.sportradarserving.com
eus.rubiconproject.com
events.browsiprod.com
events.newsroom.bi
experience.tinypass.com
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
ghent-aws-fr.bidswitch.net
googlesync.permutive.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
l3.aaxads.com
lexicon.33across.com
live.primis.tech
livecomments.viafoura.co
loada.exelator.com
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
nationalpost.com
notifications.viafoura.co
onetag-geo.s-onetag.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.rubiconproject.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prod-m-node-3113.ssp.advertising.com
px.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync.mathtag.com
tags.feedad.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
yield-manager.browsiprod.com
104.18.33.19
104.18.36.94
104.19.149.54
13.224.189.15
13.224.189.70
13.224.195.78
13.225.78.24
13.225.78.39
13.225.78.64
13.225.78.93
13.225.78.94
13.225.78.96
13.225.85.39
13.225.87.188
13.248.245.213
142.132.142.222
142.250.186.162
146.59.148.16
151.101.194.207
151.101.66.207
178.250.2.146
178.250.2.151
18.156.0.31
18.156.195.47
18.159.85.30
18.198.69.109
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
185.89.210.101
198.47.127.20
2001:4860:4802:32::36
213.155.156.185
216.239.32.21
216.239.36.21
23.205.235.133
23.205.239.15
23.205.241.117
23.206.210.112
23.35.228.23
23.35.236.188
23.35.236.201
2600:1901:0:8344::
2600:1f13:800:7782:8bc3:3390:8885:975
2600:1f18:44f0:4864:1a08:46f1:fe35:b27f
2600:9000:20eb:2400:11:1ed0:3900:21
2600:9000:20eb:2a00:1a:5235:f980:93a1
2600:9000:20eb:6600:7:75d4:e40:93a1
2600:9000:20eb:9e00:8:2ae1:d740:93a1
2600:9000:21f3:2200:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:10::6816:49e8
2606:4700:10::ac43:835
2606:4700:3030::6815:5476
2606:4700::6810:2a41
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6811:b6b1
2606:4700::6812:1af
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2010
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::24
2a02:26f0:3500:14::1724:a24f
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::645
2a04:4e42:600::645
2a04:4e42::645
2a05:d018:d29:3605:2eda:8ed6:2a73:2027
3.120.69.109
3.120.78.142
3.122.82.80
3.125.23.102
3.210.251.205
3.216.12.14
3.75.15.124
34.107.254.252
34.111.249.109
34.117.54.29
34.120.133.55
34.149.157.221
34.209.185.64
34.91.62.186
35.241.9.51
35.244.159.8
35.71.131.137
37.157.6.233
52.17.188.115
52.17.99.225
52.206.146.55
52.30.108.27
52.46.130.91
63.251.14.3
63.251.232.170
67.220.226.234
69.173.144.138
69.173.144.139
96.16.141.156
99.83.154.140
0031ce12148ca1d4bf9dfee65771781e1a59321a63655256fe37bd0bde749c03
00b16c8ca85bd490370f9c7e4194878e1ca6b38b88723306c58d1a91f2cf4832
01cbda7c0cc7dc2ada72b63517986851aca2f5d8c4b5d264a89d1bd0ec71a6c7
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0222114d9b0939c6adce341db90bd879e47e150b2fb7d6a54fed67a8e9afc4bb
03cd1bbd4f89cb2ec64f269e45e2661dd2756873de983ebcae7f0dff66673a66
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
07ddffd172b3fe769ed39d1f2c7ab038fcc002689c64b7d29f7a4d4135ffd0db
09a26b89551ccec454bb363bc39dec984d280374cecbc6733e2082d1ec05df7b
0b3eaef8c0f3128fc6400031f37fbd0922f7422651b0ce1ef189e99a1a4724f7
0b5bcd5e455fe140dfa582f1f66284a5af4f1de829a3341cca1720cc6b02d8ad
0b5c7da4ade777e51477cbdf7cdac580fcdcc93c2fc59b7f8b9d4cb2d56b305e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c92a8a981ca46cfb88a56dd166b36bac275d9ae9ab5e3af1a2421b3603bc2a1
0cecd7fe86c4ade6f298694d388f54231f850d3414da52783c1c916ddb156737
1067dbcc1e15682ddbac3990fba322394b444a02f9ca47751dfc552f19998516
10c767119d21a27a12d9d6c7456733e34d1b9b43c5ed70c04c8f9fca87527c57
13acdd18ee7ee38f70cc26fdfbd0ed717930bb46114e582b918b2279e2dd5b29
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d
16b054796030af55929e5df5eb99f1ef463a435298c565f3fd6295a5447dd443
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195f2e15f5b0a3f19e102778164dbdd9b10ef005d9dc54f5951fe70afb1b3f32
1a23f074cc0627e1959725be52e313c51236421bc303716e76ae146fe1c1265d
1b312c8acba998f091559ba5589483a97a98a47a7539a1e63c8783bc3c8ac76f
1c3d626e20fc27f17cb03da2ce9457c49fb89bd8374c2b6d5a58fed10f6fde4f
1e91fcb8a575e4c98ebf85d0844fa0246b0ece30f1276d4642274c1ff2d919b6
1ef83ef315370d078295e0368eb53ed424e99ba35682a4a7ec7e0187ad4593a7
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43
2149a2593b6004af8541d3c401aab1d3ac19808aa9f8359b815ef13968a2f727
22bfd42de452a7004d855d6fc4b6260f78322894ef2e8b8a485a85f7bb1a8716
23c83cf762d5b70c1fae55801659bd1c795cf505927715afe510fe047be59bc4
2679910f25f645293705721962873d5da4320e892a1f2c7fa1544736037c1502
268b266f401a132fd9b292df7d8e75c43aa4d0788e6bcd668297d9a4f0396165
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26dd687b8ac7ece8fce623864d53930db7175273fef1ab9b19f45a62a3b68e0f
276903ffd153f6069a3d13fbd7d5f78a78050f1f7732899563432ee06463e8b1
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
28e81187e7f33fa1c5c6d6920ca6d9d1c8d5ac72359e2b6f6487524727021472
299c389920423ffa9d16874c214faddc481edfa007304df7c99f68da0df2a062
29ae1635bc811e3841eee1b8ea4b2a9cfc55d95d2747c4b61da5d25bb09009bf
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c89c224b96ef462fbc42aeb98f0219b495c7ae22c35585af1672de908892870
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ede1ad361ced25f2fba65bc5e629fc5a9b9ac056d5ca228d8fdd74fd83a2027
3075d6c482879c146716a84df012b770f3e3663ec788106ea1738212f8d72f5a
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
3169101c09309a39b36a30393f2421378755005c37b5606827c12e6e458bdad2
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31f94a88ae03703e97e78b4e3287bf3b81da76cdec81be2cac631fedaffbd7a7
3287814ca76274abc014031e548108accb9529713f36f9c99f9ca083ac6d1d0b
32df43a530d768d4483680f784fd97eb35f86cdc3086ea546f186254e99dac6c
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
33fcd4c1ce6a5409b5ea2617a276401bf97ed01e5278131fd4f84d12a5d6d1ee
38ec6ea4cf8ea202a33bfe14e4dba198e18e36301e4bc9b655d6593e88f1b4b7
3a13e6398aaa56f6413d25b8167ca834e998c43ec22d222032b1510187922194
3c74ef042bfcf702752741a8c0fd1e1f8c691dc3b270a2c2f1739365596dc71c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dfd9c49c8533f08e84f1132f5a06d6f0932beb7ff5ccc4e9c2a0844c029d51d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
40ea2b15e22c0f56ae52151aa02446b289e7f9f2d4d1392f905b037f46e5c967
420582e0f42fce145ba7f070b9f4962239dd48f3d7b4468247f16779fa54f919
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4548bedf5561972c22e7f3b87e1f8746f23ee860000a82d327f20ebfdee63759
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4711b0df4a06468c4a0ad1c5ed9f38ea0d02e9f32e4b8f7d10bc379c3f8fb1f7
47cceb1c11ae42733c07acf171bf17e939c8dd1d6e37d476b2f9ea398a1cca2b
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49b2366d707ee5e36431952ffaaffecdceb57c52756a9b2e062222a16629599a
4a1d77b41d457c84fa6203df7050174f7860e5a1e81ca0c6a13cacf80935ac90
4bef0d2ce9ddd3dcd15889345ea8e4ae1eb38c2bcf50bcd76daed2dc63f0a424
4e6731ae60abbb8d75dca4ca8d79e9a02d3b3d1efa3adb2985bda2b287390b7d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552026abf1372e748f12a796cd7f3d4036ccb046a12ab8577ee85b16e88dfea9
5573ce7adde7f70f3e6cf8881e7c10226d940ac275b071706b0ab2aa14af7ee7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5608b0639585c425a4e3377ac9f9d987eea1c26d9cb12c1a1d7f46b4f5fdecb7
574ee49322b85bbad4ad7717b04996355985fa03bb32fa98f3a6e15866a794ad
58ce2b041fac29507b45994d951652eea751adc632750dab02759689a712b4bb
59618352a36885b4554bb1e09420d7979b68f4dfe7040bf672a6c620cdaa5391
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5df1968ebac8b266911e324e223aedd4dfc3ecf76a270b25b937d285a1dce3aa
5eb6b7cb1378f6d9f3ea379e7a9dc4310ac6aa5bb03c05e3c65120078489120f
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620cf5797c896715d86ce6785903f4f9ded5179681d94dd6280ccfe00f8fac45
6291e8af97cd3e70405368acfa59fdecb2ae8aefd231f6146ad0e47ca9f65902
634edbe8c68f1942d9372f38d2d0268c3263a2d027bc173c33698aa3bf105c62
64a35881569799c7f5dd76cd5fa93f2d9dee811f597a1c8e29fc278419329496
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
6657603a21b2ce214e3344879e08f1d753f95e12ee47a7c92229e2649041dead
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66c9b3d88f25024b2b0de376106b94b252d65f8506b6c27d81da9ea3b09a4df4
675ac366f8c89e9dcbf3da892e5ba281fdd7aa2e1a870a58bfc72d820cbbced7
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
69c2d0dd10c07cd6c46e7715110296221af431e342d7cb353a62ddeadd381ec9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bacad723ba601f78007f2395c8934bd116338c0161c5c34256d0fd89b465b55
6d4e0401198bc9a3ce52f9f12c08202f1e45124db0e62179381c5b3a07091c26
6d8a523e7e6422735ed29e25bf849c27f5edd392e235e3bd20c91f0e58dd0ab7
6e3717c11e421a2267e1ab728461aeed493cbfdfe18e0448895effd0ec2454c2
702c56123ac6828d1f206256a7b37761a235c95dade8968c4210e72ae9990553
70cf10625d5fb5f040d803947fe94ee233e5afeaecd19aaa258398ae2a4bda9e
710096c3bab124731978001f439222ddc194c0930c30c9db77f18a09eff5b080
71f27f30bcea1929b2e4fb409abe0baf4029759e1deb3ee316e21016463dff61
72d15234d6dde5fbdb7b89852408b3223101eff94b68d8d8eae1616290d2418f
73857a40014bac992be90433c05d4ee4b041992e898a3132d65d3cd8a872ca8f
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
78016dcf3cc0dbc404bf2d29452efa67815d24fc050d9d1203570623a8fb62e0
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
794ed69fccc7bcea5fec2f423cf3b141de40362fdc63abf5687a48cf2683f4b6
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79ac0a4f29873d7d66aa02765ae1c687af9685330ebe55210ab474058277668a
7a85c85f786f1e09224230282392c42fa1d2ce72a7a5f9871dfcdca589d731d0
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
81ba3856a5c67aa538db7e50c2f7639169a9592ab5fda672f57ba96742449c7d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8512a94c30dc7fda4931ae11fc195ee3f2cbad5dff1dc2567cf3725c33093b2d
85180a4a0ed637ac7bd223d8de38a7ac4858bb04ade91d06dd54a85191112843
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
863c0b7acfd970062d7312ae71773e05173c4ed7e5193cc9563f364ad19f17e5
8693aa2d6442bba7224236e021765c95fe40f7cfc6b6c9afd8c717c665f8a365
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87b4e285eb6fa94ab52e88615b1f3bfee11d64422722ad08a6569eb7f7c78e33
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b41cdb3b4f114ba8f88f818247f653d146adc1e01aac0fbb2f74083ae197bf7
8c40ea07328efd74e88405036f1352b8e868932da7b7dc6b12f9369232d54a80
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
908823748920d0fa1bf10ec65eea394f85e30cd5b59c957361cbf28b01085fd6
90e125c512e72bee59bf8c3e6fd8233830709d4bb22c5791aa626ef2653a2127
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
968f436fe7e9ec800665ea00b3ba03a6c56e008081492c46718ac1954ca461e3
96fe67363808d2c012a0ee4c0ade5a66fc8b7d9ad4ae49279c7deeb49f57e216
972e3f1f6fcaf89d68e9b9b42c05ce6740d4abf4a095bb27d119917ba844a19c
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
98b2a956555a9b0377be1903c5f884feca9aaf9c9469d3a6ee79db7d608cdadd
99a861cfadfd368663aba3a226d3102366b7e7ee25ce5eafa05757950fe98546
9dc58b9d5dce9d8376aad3a8e76e00a6bd0cae6ce73eb761ebcffaca48b3b553
a19e15ac896f18bce3cc89b21bf4adcb96fd16d0856e5022d8e39971b733d294
a21cf24188244a6587b50e7d15e9941c48b2b966749e6c35d678950035c9f387
a290ce84c969aaa9421fbaf805a17bbbecb4583d4de85f339c4e3f5c1a966bbf
a327feab640275b561b2c9b64c675ccc635f1360487d50a70e6002fcc9c6ec1a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a69f4f697a3ed6ec6af0f51857dd9bfdec4a85e3a4c81d40208e649429130b8d
a7ba05bf1c9a7887b4032d876a6a4a12dcc739f3210b6a13ddeea309cf9bdf2d
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
a959f07a7348a96bdf785a55ec711d84e9de603e009ef8ff32ebdb4c2717ab19
ad188ea0316fd32265b5e0e7290178f168b15aae8069482ef9e1b315968858cc
af649bd606bf3676e42404f3bfff09ff60a18880f306fd2e0af575b8ce799eba
af651c15930052605f7a3f0870a40f685f67935b59422a18edab5dfd125d13b7
af94d061649a7e29c4af284b36dcf1208d51fb461f5da864c24b95da725cefa4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b3c5ed5fd477a4a8faf9f047c18714c3220ef3d420a5ff283cc5d88e1590dfda
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b72b2681093770f47556d856b6ec3b8667f44eac7be628e719117921b111451e
b7787917156dd6021101ecaa08463870587a963d6968695c97b47c8013a3e011
b7a2123c6f0f8dbe3ec0e15c9eb8f92d464f0843605ec6f22c6d1d67df16a9b9
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
b8eb46ea5bb449f2c8a4be7398b04f5bce68612abd67f00763b1d520e73616de
b969062e9d8f77e55dfc37bb35728e3401c636595aaf97e4e68ce300bfa2b293
b9ac7b76593ffb80d34819506dfe1f11ff4ea6d5a6875d45b01904806e9fc7e2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad
bc3ad6960eac106c05cbf6df21afdeee105bd94547d163445d5e50452862cb0b
bd163b2c91fe2fe7a6206f6224385aae23716f670e29b0f0bb4641d9af33ee03
bd3cdbc28c782433dc1a550eca7c69a1759cf5329d1d93e357b478aa0ac6a293
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f
becbeb4a846e0935310b8629843d3cd0d19c0d3a21345623292e69a4a2af8477
c0d4c9d4a0917467abcb650f6ed2ae82017b7d3c312dfa4c16f9aec4b7a08694
c140110c48335423fe4b787184f964a40aae5ba4d680d356dfb4e7aad013ef94
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c1f535408f6a66e0463e1a9945bbfe1f8799aae46f08d90e76b92b768f0bd536
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e48e575b573987a39dc1b29f4af5e201935b6879b00b7d7d14e6e9e76d378
c355de515ff8252edb9102e401a69d7510481c1d44be238c44887ed5a7c556be
c3b49f1c2ba6542d8c8ff0d9496de8b8e81572e82272fc40cceafa47c7f2821a
c476a4877ecf3718d1675dcefde1eb518ad9f2bf8d6e2f13dd3429bb43fec5f4
c6495519c43cfcc35288071e3a44562329d08c3e9d4436638fc8c21ae166675b
c7d8e68d4f8d1a8633ce94f2fc7a7b3da99b26c400bb0a3225546d9a742846f3
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca7bce9264a3918442d3e653b968361223ede24753232c713ead830aa5446722
caeac94467d54c6ec3f0463d3eeb4a8c4ee018a534a317ec92ebeeb3ab639bcd
ce41c7e0b8ca5d050d3e9c504d0e03d16ae1690fcb7d9b1789d47620518eca5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07891dc14837c7c560f3ff17e018fe35bde6cc813564858ec159bd60ae08dfa
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d47f317138ec8083450b63c742957db8398eb19bae70913819b81dda472b6283
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d65b5a7d118fdda5ee0f369a002160de6c1c7d8d1fa9fa71f2fb7947f952e001
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
d97d5eff3c3117327805ef6fc3c8617a0b3742b9d7b871d2453110be5ccac818
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dae6f542fa2ee873b80e056bcd4c807f9d0a4fb86da790e74debb09c8a04cb93
dc37d5357099d1475d55c28ddcdc1c218ca37890be4a4b33e8e9413114c5ae0f
dc4119813dbb1b7895810b71402d9f51739f2db8336c13da078716f81c3d001f
dc70b0f609693b6c21472723281af1fe07e7529737498f4f755b4a8b8b67cf56
dcd958ead4fb272624aebb636348c089fb73295c3ae98c906b61f297217efa0b
dce3e9e595179c8a26f8814054c9dec8428af1994c4ecea8f7f8db8cce614063
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de807097f09b8e5528c5a5d57c5c0a455aef97d03bda17f6ac3afa06c8e00a38
deb95300723cf2d65b8ac43312488d3cbd6530c7407c2770fa42e1ea7bb6909d
def163ff7af1c8a821a51f83d56c5c7e68e50a803d21bb94eda7910a71300089
df852cf89d7087041de72e50d14b850464f30679bea7b596853ff598d40517cc
e0c01782d6198238b558f7ea731b53a280ec638836cf706535d0c3744d0f648f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a118f5b81047b633f0bf9af5f24829f534001a47f3045745e9e8750808e5a6
e563e2052551606116dfce42cdb662cafa9832ce311313f0329f01893f85b2c9
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e804f5d4fbffcf9b844c9d967992c377186aa20411a35217031c69f14aade8be
e8fc7f1624adcfdcb70b286ee9e5c09fb3befa7258352d75f9544b55d89b8c37
e95f0249de37bf2d539bbafe9a136c5f5c782b544e8d8de83e9db005d3f3e2e8
ea2fc4d7dffe3cf84f7b776f0ad332896236d4525d6c58195edf3d718b0aee1e
eb309e7670e8767ca03b2d968804b165bb809d8ece901789dc43b8da80df56c7
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee5d74c0385d05ed4a46093fe8f108ae85fe5015b87c491b757d89d292b6b5db
eeb8775ea54e6502cdc973bb7f78ad92db2a68d12be719c99789e01b0938f09c
eee6273785ee3926f9fca9acaef77862aee9eb42997f824f9af6bc6a947b6232
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc54be64d2e3e9a128f6bd186d1e137e102eed3501010e4c34713eef7e17c9e
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2ad960f78dad361af14cb4cee2e3dbff7afc1b9a067d1cd3d9af57cefe34e38
f3b8b0ffb62153fce532bd01e49623a39f770f344caf695ca3b8c856e1a93a17
f4b4826932e8e9c0b31dfa7a31b8db52ccbc3ed4971c7b2507916a7fc6c151d3
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6188add36e8cf36585300840eade35fea02cbcd9a512cce7db22fe89f8e14eb
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9