gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital Open in urlscan Pro
35.203.21.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Submission: On May 31 via automatic, source certstream-suspicious (May 31st 2021, 1:04:29 pm UTC)

Summary HTTP 43 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 43 HTTP transactions. The main IP is 35.203.21.171, located in Montreal, Canada and belongs to GOOGLE, US. The main domain is gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital.
TLS certificate: Issued by Kubernetes Ingress Controller Fake Ce... on May 31st 2021. Valid for: a year.

This is the only time gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	35.203.21.171 35.203.21.171	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::ac43:cb3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2010	15169 (GOOGLE) (GOOGLE)
1	143.204.98.73 143.204.98.73	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2010	15169 (GOOGLE) (GOOGLE)
1	70.35.197.40 70.35.197.40	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	2600:9000:218... 2600:9000:218c:0:8:f216:eb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	143.204.98.55 143.204.98.55	16509 (AMAZON-02) (AMAZON-02)
9	74.208.21.154 74.208.21.154	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
43	15

4 35.203.21.171 (Montreal, Canada)

ASN15169 (GOOGLE, US)

gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:cb3a (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-73.fra50.r.cloudfront.net

fem.prod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.35.197.40 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: cldsrv94.wehaaserver.com

shopping.kenoraminerandnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:218c:0:8:f216:eb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d395dw5zk780j2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-55.fra50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.208.21.154 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

static.wehaacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wehaacdn.com static.wehaacdn.com	232 KB
9	googleapis.com fonts.googleapis.com storage.googleapis.com	245 KB
6	gstatic.com fonts.gstatic.com	76 KB
5	postmedia.digital gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital fem.prod.postmedia.digital	127 KB
2	doubleclick.net securepubads.g.doubleclick.net	129 KB
2	cloudfront.net d395dw5zk780j2.cloudfront.net	13 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	adsafeprotected.com cdn.adsafeprotected.com	7 KB
1	kenoraminerandnews.com shopping.kenoraminerandnews.com	5 KB
1	npttech.com www.npttech.com	3 KB
0	canada.com Failed driving.wpdstg1.canada.com Failed
0	pddataservices.com Failed sp.images.pddataservices.com Failed
43	12

	Domain	Requested by
9	static.wehaacdn.com	shopping.kenoraminerandnews.com
6	fonts.gstatic.com	fonts.googleapis.com
6	storage.googleapis.com	gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
4	gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital	gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital storage.googleapis.com
3	fonts.googleapis.com	gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital shopping.kenoraminerandnews.com
2	securepubads.g.doubleclick.net	fem.prod.postmedia.digital securepubads.g.doubleclick.net
2	d395dw5zk780j2.cloudfront.net	fem.prod.postmedia.digital d395dw5zk780j2.cloudfront.net
1	www.google-analytics.com	shopping.kenoraminerandnews.com
1	cdn.adsafeprotected.com	fem.prod.postmedia.digital
1	shopping.kenoraminerandnews.com	storage.googleapis.com
1	fem.prod.postmedia.digital	gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
1	www.npttech.com	gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
0	driving.wpdstg1.canada.com Failed	gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
0	sp.images.pddataservices.com Failed	gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
43	14

This site contains links to these domains. Also see Links.

Domain
postpandemic.nationalpost.com
shopping.kenoraminerandnews.com
driving.wpdstg1.canada.com
www.healthing.ca
nationalpost.com
www.facebook.com
www.twitter.com
www.postmediasolutions.com
adregistry.postmedia.com
pages.postmedia.com
www.postmedia.com

Subject Issuer	Validity	Valid
Kubernetes Ingress Controller Fake Certificate Kubernetes Ingress Controller Fake Certificate	`2021-05-31` - `2022-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
fem.prod.postmedia.digital Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
shopping.kenoraminerandnews.com R3	`2021-04-09` - `2021-07-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
static.wehaacdn.com R3	`2021-04-11` - `2021-07-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Frame ID: 594611D850233935F639B6BFB43E3663
Requests: 25 HTTP requests in this frame

Frame: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard
Frame ID: EA9B3263A2333A23536DC814DBEB8EEA
Requests: 16 HTTP requests in this frame

Frame: https://d395dw5zk780j2.cloudfront.net/v31.1/xd.html
Frame ID: 301C65A71B3C96ECFD60E0B6B357E1DF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

43
Requests

77 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

15
IPs

3
Countries

856 kB
Transfer

1698 kB
Size

1
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://postpandemic.nationalpost.com/
Title: PostPandemic

Search URL Search Domain Scan URL

URL: https://shopping.kenoraminerandnews.com/
Title: Kenora

Search URL Search Domain Scan URL

URL: http://driving.wpdstg1.canada.com/auto-news/news/next-gen-audi-q5-teased-ahead-of-paris-motor-show-debut
Title: Next-gen Audi Q5 teased ahead of Paris Motor Show debut open in new tab Audi will be taking the wraps off its newest Q5 crossover next week.

Search URL Search Domain Scan URL

URL: https://www.healthing.ca/wellness/skin-health/hydrate-your-skin-by-adding-these-5-things-to-your-diet
Title: Hydrate your skin by adding these 5 things to your diet open in new tab The largest organ in the human body is impacted by diet and lifestyle choices.

Search URL Search Domain Scan URL

URL: https://www.healthing.ca/wellness/mental-health/what-is-this-terrible-feeling-anxiety-101
Title: What is this terrible feeling? Anxiety 101 open in new tab What is anxiety? And how does it differ from hard-to-avoid moments of stress?

Search URL Search Domain Scan URL

URL: https://nationalpost.com/news/canada/toronto-health-group-abruptly-cancels-project-that-would-see-some-young-people-get-covid-vaccine-now
Title: Toronto health group abruptly cancels project that would see some young people get COVID vaccine now open in new tab The changes seem to underline the political sensitivities around Canada's painfully slow vaccine rollout, where the hint of queue jumping is quickly snuffed out

Search URL Search Domain Scan URL

URL: https://nationalpost.com/news/canada/astrazeneca-covid-shots-could-test-canadians-vaccine-hesitancy-there-is-no-way-they-can-downplay-that-risk
Title: AstraZeneca COVID shots could test Canadians' vaccine hesitancy: 'There is no way they can downplay that risk' open in new tab 'The more transparent they are about communicating what is known about possible risks the more that could undermine trust in vaccination'

Search URL Search Domain Scan URL

URL: https://www.healthing.ca/wellness/tim-hortons-enters-hall-of-shame-for-chemical-use
Title: Tim Hortons enters 'Hall of Shame' for chemical use open in new tab An annual report card handed out 12 failing grades to brands it says are not carrying their weight toward a safer future

Search URL Search Domain Scan URL

URL: https://nationalpost.com/news/opioid-overdose-deaths-occur-less-often-in-areas-with-more-cannabis-retail-storefronts-study-shows
Title: Opioid overdose deaths occur less often in areas with more cannabis retail storefronts, study shows open in new tab This follows a Canadian study that found legalizing cannabis led to a 'marked decline' in the volume of opioids prescribed across Canada

Search URL Search Domain Scan URL

URL: http://nationalpost.com/news/an-eight-year-old-won-a-raffle-at-a-local-hockey-tournament-his-prize-200-worth-of-cannabis-edibles
Title: An eight-year-old won a raffle at a local hockey tournament. His prize? $200 worth of cannabis edibles open in new tab The boy was upset when he couldn't eat the chocolate in his prize basket. 'No son, there are bad drugs in that chocolate.' How do you tell a kid that?

Search URL Search Domain Scan URL

URL: http://nationalpost.com/news/politics/cannabis-taxes-not-bringing-the-cash-government-expected
Title: Cannabis taxes not bringing the cash government expected open in new tab This year the government expected it would bring in $100 million from cannabis revenues, but now estimates it will see only $66 million

Search URL Search Domain Scan URL

URL: http://nationalpost.com/cannabis/smoking-a-small-amount-of-pot-may-boost-sperm-and-testosterone-surprised-researchers-find
Title: Smoking a small amount of pot may boost sperm and testosterone, surprised researchers find open in new tab Previous studies have linked heavy pot use with a slump in sperm production. The men in the new study, however, were smoking, on average, two joints a week

Search URL Search Domain Scan URL

URL: http://nationalpost.com/cannabis/silver-pot-marijuana-use-is-growing-among-seniors-is-that-good-or-bad
Title: Silver pot: Marijuana use is growing among seniors. Is that good or bad? open in new tab Here's what is known, and not, about the benefits and risks of using marijuana in later life

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Kenora-Daily-Miner-News/161581670570862
Title:

Search URL Search Domain Scan URL

URL: http://www.twitter.com/Kenora_Daily
Title:

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/contact-us/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://adregistry.postmedia.com/
Title: Digital Ad Registry

Search URL Search Domain Scan URL

URL: https://pages.postmedia.com/privacy-statement/
Title: Privacy - Updated

Search URL Search Domain Scan URL

URL: https://pages.postmedia.com/termsofservice/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands
Title:

Search URL Search Domain Scan URL

URL: https://pages.postmedia.com/cookie-policy/
Title: cookies here

Search URL Search Domain Scan URL

URL: https://pages.postmedia.com/privacy-statement
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/ 343 KB
44 KB 20894ms
20536ms Document
text/html 35.203.21.171
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.203.21.171 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

382c326e72c25a13214d100a633ab4bd2499d493fdd4ee84564f096ce8020676

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding user-agent
expires: Mon, 31 May 2021 13:09:09 GMT
cache-control: max-age=300
x-frame-options: SAMEORIGIN
x-pmd-backend: cheetah-nginx
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3-29 200 css
fonts.googleapis.com/ 7 KB
744 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Requested by

Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79e0e7925a1f110e5fa997747ebd8a570eb2a93aa1e40272b3d9e8b71536380c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 May 2021 11:50:55 GMT
server: ESF
date: Mon, 31 May 2021 13:04:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 May 2021 13:04:12 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700:3035::ac43:cb3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cb3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3598
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MY9S0PJDNWKA0N4N
x-amz-id-2: u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=El8ogOoinaeQtXMiv%2BKwwYqPS7tVxwaZD47MA3Q%2FYL2OF0JRKQP1Ll5WzVxB%2F4tDIKiZp7oXyxPS2TY5l85wvNxZBkB7ivZBdpBtZbF0%2FgeMXBCS0yC3YPTYWqlIVWXtdp0oXvTeBFs5"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control: max-age=28800
cf-request-id: 0a641f650e00004d840a2b9000000001
cf-ray: 6580681b4bb64d84-FRA

GET
H2 200 postmedia-image-fallback.png
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/websites/images/ 14 KB
15 KB 10ms
7ms Image
image/png 2a00:1450:4001:80e::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/websites/images/postmedia-image-fallback.png?quality=90&strip=all&w=400
Requested by: Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b3e96011b3bb2c8e0c3055738beae1ddfa271b782f408fffb25896e791216d49

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:01:49 GMT
age: 143
x-guploader-uploadid: ABg5-UxRpswuOMQSHBkETGXqvLdrJZqOK3ZOH9nPG45PGpcwuFPkIkvMGWr12yrhVJEmfLNyy4zK6UA02R4JTlN0zwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14753
last-modified: Tue, 18 May 2021 18:56:37 GMT
server: UploadServer
etag: "4839cbf4f4b2332b1cc8ea8fea8f8ce9"
x-goog-hash: crc32c=9eJZBQ==, md5=SDnL9PSyMyscyOqP6o+M6Q==
x-goog-generation: 1621364197519542
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 14753
accept-ranges: bytes
content-type: image/png
expires: Tue, 31 May 2022 13:01:49 GMT

GET
H2 200 fem.js Show response
fem.prod.postmedia.digital/v31.1/ 281 KB
82 KB 472ms
410ms Script
application/javascript 143.204.98.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.prod.postmedia.digital/v31.1/fem.js
Requested by: Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-73.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 458971eb383ef1542252842ba1dfd06dd86fa7d29b51895882ef0452dbcabfea

Request headers

Origin: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:13 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 19:31:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"093b12893c0645a1ce5ebda26c0e424d"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
x-amz-cf-id: CUmXgsuWQuAqhAuYBMxt7w7Qp6KWTxMAq93yeKWHNDZ3xqwKhPLW_Q==
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)

GET
H2 404 icon-external-link-black.svg
gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/6.5.5/websites/images/common-icon/ 548 B
548 B 107ms
104ms Image
text/html 35.203.21.171
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/6.5.5/websites/images/common-icon/icon-external-link-black.svg

Requested by

Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.203.21.171 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /6.5.5/websites/images/common-icon/icon-external-link-black.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:12 GMT
content-encoding: gzip
vary: Accept-Encoding
x-pmd-backend: cheetah-nginx
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 336523
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 27 May 2022 15:35:29 GMT

GET
H3-29 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 23:35:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
age: 566939
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
expires: Tue, 24 May 2022 23:35:13 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 386440
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 27 May 2022 01:43:32 GMT

GET
H3-29 200 icon-soc-fb.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/websites/images/share-icons/ 775 B
803 B 17ms
15ms Image
image/svg+xml 2a00:1450:4001:829::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/websites/images/share-icons/icon-soc-fb.svg
Requested by: Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:02:26 GMT
age: 106
x-guploader-uploadid: ABg5-UyjK2Q8zN6MoqnruPdJH2V00SR-pFd6cUgPcgrSpOAQ6K0WivK23jwDgRAXG_50ntIqEJgkZcdw2zBi8muVQDM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 775
last-modified: Tue, 18 May 2021 18:59:28 GMT
server: UploadServer
etag: "993353c51244defcc16154eac23ff88d"
x-goog-hash: crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
x-goog-generation: 1621364368426693
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 775
accept-ranges: bytes
content-type: image/svg+xml
expires: Tue, 31 May 2022 13:02:26 GMT

GET
H3-29 200 icon-soc-tw.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/websites/images/share-icons/ 2 KB
2 KB 18ms
16ms Image
image/svg+xml 2a00:1450:4001:829::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/websites/images/share-icons/icon-soc-tw.svg
Requested by: Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:02:26 GMT
age: 106
x-guploader-uploadid: ABg5-Uz5I5X6-wcJs1QN_mzUxQW17Axb3Gsb4AXLKKEB1gL0arH6K43Nw_AQc2--XU06B-sNd04iGWTejtWCKgNiOvI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1698
last-modified: Tue, 18 May 2021 18:59:29 GMT
server: UploadServer
etag: "df82c342c1176b84253c53e6e10eed05"
x-goog-hash: crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
x-goog-generation: 1621364369475667
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 1698
accept-ranges: bytes
content-type: image/svg+xml
expires: Tue, 31 May 2022 13:02:26 GMT

GET
H3-29 200 logo-postmedia.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/websites/images/ 2 KB
2 KB 17ms
15ms Image
image/svg+xml 2a00:1450:4001:829::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/websites/images/logo-postmedia.svg
Requested by: Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5fdf5757206da468353cbfe267bc6648d1c9bf49096cc6650e013f1414c0348f

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:02:26 GMT
age: 106
x-guploader-uploadid: ABg5-UyqpVIDzZc2t_llcq_UFtDALjfNMFgtBK5UFqACNse5AG4xaHF02GDlkc4CI32o0CY5ZNRQ7ebbhjIyVm_KgEM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2251
last-modified: Tue, 18 May 2021 18:56:35 GMT
server: UploadServer
etag: "5528d37793c7e59928ecd37534c2364a"
x-goog-hash: crc32c=zqWBVw==, md5=VSjTd5PH5Zko7NN1NMI2Sg==
x-goog-generation: 1621364195718145
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 2251
accept-ranges: bytes
content-type: image/svg+xml
expires: Tue, 31 May 2022 13:02:26 GMT

GET
H3-29 200 output.a9f0a2b87945.js Show response
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/CACHE/js/ 204 KB
204 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:829::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/CACHE/js/output.a9f0a2b87945.js
Requested by: Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a9f0a2b87945bec57d3bb21e9428badf9ea00457b9da28e511465ab632fbfa1a

Request headers

Origin: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:01:49 GMT
age: 143
x-guploader-uploadid: ABg5-UxtdlAf3Ub12-BY7fUM5KcL-h7UxSkIOibJWgyEMjcbyUGGof_gAuM0voSyZokJcAy5OzydBqRPX2GM2OXBy3w1BCig-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208773
last-modified: Tue, 18 May 2021 19:06:52 GMT
server: UploadServer
etag: "e0ac0649ce7acb8335de2ff27438cf34"
x-goog-hash: crc32c=Qo4z+g==, md5=4KwGSc56y4M13i/ydDjPNA==
x-goog-generation: 1621364812589458
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=31536000
x-goog-stored-content-length: 208773
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 31 May 2022 13:01:49 GMT

GET
H2 404 icon-external-link-footer-grey.svg
gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/6.5.5/websites/images/common-icon/ 548 B
548 B 157ms
157ms Image
text/html 35.203.21.171
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/6.5.5/websites/images/common-icon/icon-external-link-footer-grey.svg

Requested by

Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.203.21.171 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /6.5.5/websites/images/common-icon/icon-external-link-footer-grey.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:12 GMT
content-encoding: gzip
vary: Accept-Encoding
x-pmd-backend: cheetah-nginx
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET 2017-9-19-19-40-24
sp.images.pddataservices.com/sp6images/ntnp/14750052/ 0
0

GET 2017-9-19-12-42-27
sp.images.pddataservices.com/sp6images/ntnp/14743969/ 0
0

GET 2017-9-18-16-33-16
sp.images.pddataservices.com/sp6images/ntnp/14741577/ 0
0

GET 2017-9-19-9-0-39
sp.images.pddataservices.com/sp6images/ntnp/14743749/ 0
0

GET 2017-9-19-16-16-8
sp.images.pddataservices.com/sp6images/ntnp/14745576/ 0
0

GET img_4502.jpg
driving.wpdstg1.canada.com/wp-content/uploads/sites/7/2016/09/ 0
0

GET
H/1.1 200
OK Cookie set type:300x250_Standard Show response
shopping.kenoraminerandnews.com/places/widget/widget:1/ Frame EA9B 25 KB
5 KB 633ms
222ms Document
text/html 70.35.197.40
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/CACHE/js/output.a9f0a2b87945.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.35.197.40 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv94.wehaaserver.com
Software: Apache / PHP/5.3.3 PleskLin
Resource Hash: 0e4dcc6a44d62b8c06afe54662c7c579c2c217a9fed2c5808cdfedc3e79782b6

Request headers

Host: shopping.kenoraminerandnews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/

Response headers

Date: Mon, 31 May 2021 13:04:12 GMT
Server: Apache
X-Powered-By: PHP/5.3.3 PleskLin
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
Pragma: no-cache
Set-Cookie: PHPSESSID=ck905shrgqbmsd9gr44mmqb1o7; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4809
Connection: close
Content-Type: text/html

GET
H2 200 / Show response
gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/api-root/weather/current_conditions/ON/Kenora/ 775 B
626 B 204ms
203ms Fetch
text/html 35.203.21.171
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/api-root/weather/current_conditions/ON/Kenora/?format=html

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/CACHE/js/output.a9f0a2b87945.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.203.21.171 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

8cbca429752a2923c419b294fc1fc39e0e7b69aeaff54ebfcc2b2d0faad5cbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /api-root/weather/current_conditions/ON/Kenora/?format=html
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:12 GMT
content-encoding: gzip
vary: Accept-Encoding Accept, Cookie, Origin
x-frame-options: SAMEORIGIN
x-pmd-backend: cheetah-nginx
allow: GET
content-type: text/html; charset=utf-8
cache-control: max-age=60
strict-transport-security: max-age=15724800; includeSubDomains
expires: Mon, 31 May 2021 13:05:12 GMT

GET
H3-29 200 hp_w_ih_l.svg
storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/weather/images/ 20 KB
20 KB 485ms
485ms Image
image/svg+xml 2a00:1450:4001:829::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/6.5.5/weather/images/hp_w_ih_l.svg
Requested by: Host: gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
URL: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c7ca9347aed3fce4ce043db9e0acc0e97b7768dcac94b3eb77c9b334934e59b1

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:12 GMT
x-guploader-uploadid: ABg5-UyGG-2IadJ-mQHGbM3FH7tGwWxCJ75VeVgUn534C6iXAl9kOvKJH7tSb7Kz-h7QXrPk5ldQE55cTiQpA2_k3mM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20534
last-modified: Tue, 18 May 2021 19:05:39 GMT
server: UploadServer
etag: "5cefa5a8b0ed7648df3518cf382775bd"
x-goog-hash: crc32c=oZeQLg==, md5=XO+lqLDtdkjfNRjPOCd1vQ==
x-goog-generation: 1621364739174129
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-stored-content-length: 20534
accept-ranges: bytes
content-type: image/svg+xml
expires: Tue, 31 May 2022 13:04:12 GMT

GET
H2 200 xd.html Show response
d395dw5zk780j2.cloudfront.net/v31.1/ Frame 301C 167 B
506 B 26ms
24ms Document
text/html 2600:9000:218c:0:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v31.1/xd.html
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v31.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:0:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e7d5232efb974a7abd66d15c59d5ab7f2e6d214a9a05fb1d0c347d34affc49e

Request headers

:method: GET
:authority: d395dw5zk780j2.cloudfront.net
:scheme: https
:path: /v31.1/xd.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/

Response headers

content-type: text/html
content-length: 167
date: Mon, 31 May 2021 13:01:40 GMT
last-modified: Tue, 30 Mar 2021 19:31:54 GMT
etag: "369b706857f91b6f05e241cc91cf7e05"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 3f1a5dbb6451309426050e13abf469c6.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P1
x-amz-cf-id: KoACqjaEiAIeUGoa1tGj0H_vHC9j65V43BXqKYWTloUBfT5T_Czuog==
age: 154

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 34ms
34ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v31.1/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

6ab25936d3def84e0255280375e9791dea2e0d479c27dfaa4efb4aaa3a69f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "888 / 770 of 1000 / last-modified: 1622153345"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21426
x-xss-protection: 0
expires: Mon, 31 May 2021 13:04:13 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 72ms
23ms Script
application/javascript 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v31.1/fem.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-55.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 22:35:20 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 570534
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: VQcNB8S3aQwlKsIF4KOBFfhrTLp0HjQnYv18qm9GDrfJqXO1acUqgg==

GET
H3-29 200 css
fonts.googleapis.com/ Frame EA9B 6 KB
684 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0a38a8511b93101deac9194e4f22d0a7f5fc94bd90763e93889d08f56977ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 May 2021 11:37:42 GMT
server: ESF
date: Mon, 31 May 2021 13:04:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 May 2021 13:04:13 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame EA9B 3 KB
496 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,300,700

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75f4068175052cba45b4f55abfcb5492a94c1f7087ecba0f56601d85d0dd44e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 May 2021 12:43:24 GMT
server: ESF
date: Mon, 31 May 2021 13:04:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 May 2021 13:04:13 GMT

GET
H/1.1 200
OK 2673.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2673/images/ Frame EA9B 15 KB
16 KB 667ms
377ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2673/images/2673.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

051daa366796c3316c8a69d7a88b1be338ef41b4f37a06b1f7f72f632ae40c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:42:17 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2673.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 19:54:17 GMT

GET
H/1.1 200
OK 2672.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2672/images/ Frame EA9B 21 KB
22 KB 552ms
262ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2672/images/2672.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

54623e8c8ff4f1c4e612843e64e1c036cea1d80ef067ac19d2bdd95326ff3498

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:42:16 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2672.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 19:54:16 GMT

GET
H/1.1 200
OK 2679.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2679/images/ Frame EA9B 12 KB
13 KB 1668ms
1378ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2679/images/2679.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c8d3fe5115e80640b50f1a980ec29137fa5d5d553932c722a7cdcda3fd089b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:42:17 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2679.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 19:54:17 GMT

GET
H/1.1 200
OK 2678.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2678/images/ Frame EA9B 47 KB
47 KB 550ms
260ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2678/images/2678.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a77e27429736cd9e53a3da43e4e0c0a167f28eca8255cde75dbc6dc98effa95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:56:31 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2678.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 20:08:31 GMT

GET
H/1.1 200
OK 2675.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2675/images/ Frame EA9B 24 KB
25 KB 670ms
380ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2675/images/2675.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ad0cb1f850d2f21834f878eeaa5e9812a18144be5a62db4d095d61810985d471

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:46:45 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2675.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 19:58:45 GMT

GET
H/1.1 200
OK 2677.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2677/images/ Frame EA9B 32 KB
32 KB 554ms
263ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2677/images/2677.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

42f4b6568f8ebec57d8fd66400f7bb6686af536ee91c31c76341fd02ccb5a356

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:42:16 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2677.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 19:54:16 GMT

GET
H/1.1 200
OK 2671.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2671/images/ Frame EA9B 44 KB
45 KB 142ms
142ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2671/images/2671.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b12e82f05ac96e3f0c09c28057f9a4b02896136c18c3fdde7f6026043dd208ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:44:48 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2671.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 19:56:48 GMT

GET
H/1.1 200
OK 2674.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2674/images/ Frame EA9B 4 KB
5 KB 138ms
138ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2674/images/2674.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9e3993849e77664b305855e49680eac1910e79a82bb18b3535c9f5870f55c599

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:42:16 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2674.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 19:54:16 GMT

GET
H/1.1 200
OK 2676.jpg
static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2676/images/ Frame EA9B 28 KB
29 KB 143ms
143ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/shopping-kenoraminerandnews-com/imgs/media-images/270/2676/images/2676.jpg

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

56472daccbb0dcae5cea8ba6aabe51fc1ad99d43fb01aa46d98465a840aec057

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 31 May 2021 13:04:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 12:44:48 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="2676.jpg"
Connection: keep-alive
Expires: Thu, 27 May 2021 19:56:48 GMT

GET
H2 200 xd.js Show response
d395dw5zk780j2.cloudfront.net/v31.1/ Frame 301C 36 KB
12 KB 30ms
26ms Script
application/javascript 2600:9000:218c:0:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v31.1/xd.js
Requested by: Host: d395dw5zk780j2.cloudfront.net
URL: https://d395dw5zk780j2.cloudfront.net/v31.1/xd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:0:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5f82a0345d8a8ca6d39fbcbbfb7062f3b5bc1abf2699a568c16754e0bd7f12a

Request headers

Referer: https://d395dw5zk780j2.cloudfront.net/v31.1/xd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:01:40 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 19:31:54 GMT
server: AmazonS3
age: 154
etag: W/"7b399b10705d5db51f9628aab4b05cee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f1a5dbb6451309426050e13abf469c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CDG50-P1
x-amz-cf-id: bSfY8sZOHi0thCvOm7xxqxAPPxhoPYwj8c1g5p4ziuKEXCvWyekCLg==

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame EA9B 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shopping.kenoraminerandnews.com
URL: https://shopping.kenoraminerandnews.com/places/widget/widget:1/type:300x250_Standard

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopping.kenoraminerandnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2241
date: Mon, 31 May 2021 12:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 31 May 2021 14:26:52 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame EA9B 14 KB
14 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shopping.kenoraminerandnews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:32:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 487913
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 25 May 2022 21:32:20 GMT

GET
H3-29 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame EA9B 8 KB
8 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,300,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shopping.kenoraminerandnews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
age: 385271
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
expires: Fri, 27 May 2022 02:03:02 GMT

GET
H3-29 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ Frame EA9B 8 KB
8 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,300,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shopping.kenoraminerandnews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:43:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 336029
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Fri, 27 May 2022 15:43:44 GMT

GET
H3-29 200 pubads_impl_2021052401.js Show response
securepubads.g.doubleclick.net/gpt/ 309 KB
108 KB 32ms
31ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 13:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 08:37:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110966
x-xss-protection: 0
expires: Mon, 31 May 2021 13:04:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sp.images.pddataservices.com
URL: http://sp.images.pddataservices.com/sp6images/ntnp/14750052/2017-9-19-19-40-24?quality=90&strip=all&w=344&type=webp

Domain: sp.images.pddataservices.com
URL: http://sp.images.pddataservices.com/sp6images/ntnp/14743969/2017-9-19-12-42-27?quality=90&strip=all&w=344&type=webp

Domain: sp.images.pddataservices.com
URL: http://sp.images.pddataservices.com/sp6images/ntnp/14741577/2017-9-18-16-33-16?quality=90&strip=all&w=344&type=webp

Domain: sp.images.pddataservices.com
URL: http://sp.images.pddataservices.com/sp6images/ntnp/14743749/2017-9-19-9-0-39?quality=90&strip=all&w=344&type=webp

Domain: sp.images.pddataservices.com
URL: http://sp.images.pddataservices.com/sp6images/ntnp/14745576/2017-9-19-16-16-8?quality=90&strip=all&w=344&type=webp

Domain: driving.wpdstg1.canada.com
URL: http://driving.wpdstg1.canada.com/wp-content/uploads/sites/7/2016/09/img_4502.jpg?quality=90&strip=all&w=344&type=webp

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital/	1970-01-19 18:41:06	Name: __adblocker Value: false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.adsafeprotected.com
d395dw5zk780j2.cloudfront.net
driving.wpdstg1.canada.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital
securepubads.g.doubleclick.net
shopping.kenoraminerandnews.com
sp.images.pddataservices.com
static.wehaacdn.com
storage.googleapis.com
www.google-analytics.com
www.npttech.com
driving.wpdstg1.canada.com
sp.images.pddataservices.com
142.250.181.226
142.250.185.130
143.204.98.55
143.204.98.73
2600:9000:218c:0:8:f216:eb80:93a1
2606:4700:3035::ac43:cb3a
2a00:1450:4001:80e::2010
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2010
2a00:1450:4001:831::200a
35.203.21.171
70.35.197.40
74.208.21.154
051daa366796c3316c8a69d7a88b1be338ef41b4f37a06b1f7f72f632ae40c86
0e4dcc6a44d62b8c06afe54662c7c579c2c217a9fed2c5808cdfedc3e79782b6
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
382c326e72c25a13214d100a633ab4bd2499d493fdd4ee84564f096ce8020676
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
42f4b6568f8ebec57d8fd66400f7bb6686af536ee91c31c76341fd02ccb5a356
458971eb383ef1542252842ba1dfd06dd86fa7d29b51895882ef0452dbcabfea
4e7d5232efb974a7abd66d15c59d5ab7f2e6d214a9a05fb1d0c347d34affc49e
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
54623e8c8ff4f1c4e612843e64e1c036cea1d80ef067ac19d2bdd95326ff3498
56472daccbb0dcae5cea8ba6aabe51fc1ad99d43fb01aa46d98465a840aec057
5fdf5757206da468353cbfe267bc6648d1c9bf49096cc6650e013f1414c0348f
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6ab25936d3def84e0255280375e9791dea2e0d479c27dfaa4efb4aaa3a69f7b4
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75f4068175052cba45b4f55abfcb5492a94c1f7087ecba0f56601d85d0dd44e6
79e0e7925a1f110e5fa997747ebd8a570eb2a93aa1e40272b3d9e8b71536380c
8cbca429752a2923c419b294fc1fc39e0e7b69aeaff54ebfcc2b2d0faad5cbc2
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
9e3993849e77664b305855e49680eac1910e79a82bb18b3535c9f5870f55c599
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a5f82a0345d8a8ca6d39fbcbbfb7062f3b5bc1abf2699a568c16754e0bd7f12a
a77e27429736cd9e53a3da43e4e0c0a167f28eca8255cde75dbc6dc98effa95f
a9f0a2b87945bec57d3bb21e9428badf9ea00457b9da28e511465ab632fbfa1a
ad0cb1f850d2f21834f878eeaa5e9812a18144be5a62db4d095d61810985d471
b0a38a8511b93101deac9194e4f22d0a7f5fc94bd90763e93889d08f56977ac2
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b12e82f05ac96e3f0c09c28057f9a4b02896136c18c3fdde7f6026043dd208ee
b3e96011b3bb2c8e0c3055738beae1ddfa271b782f408fffb25896e791216d49
c7ca9347aed3fce4ce043db9e0acc0e97b7768dcac94b3eb77c9b334934e59b1
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8d3fe5115e80640b50f1a980ec29137fa5d5d553932c722a7cdcda3fd089b91
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital Open in urlscan Pro 35.203.21.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

43 Requests

77 %HTTPS

50 %IPv6

12 Domains

14 Subdomains

15 IPs

3 Countries

856 kBTransfer

1698 kBSize

1 Cookies

22 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gcp-rc-6551-kenoraminerandnews.gstage.postmedia.digital Open in urlscan Pro
35.203.21.171 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

77 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

15
IPs

3
Countries

856 kB
Transfer

1698 kB
Size

1
Cookies

43 HTTP transactions
0 data transactions