urlscan.io logo urlscan.io
SecurityTrails logo

nationalpost.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Submission: On August 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 95 IPs in 9 countries across 66 domains to perform 332 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is nationalpost.com. The Cisco Umbrella rank of the primary domain is 216236.
TLS certificate: Issued by GTS CA 1D4 on August 5th 2023. Valid for: 3 months.
This is the only time nationalpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.111.249.109 396982 (GOOGLE-CL...)
23 34.149.157.221 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
2 23.56.202.187 16625 (AKAMAI-AS)
1 13.225.78.67 16509 (AMAZON-02)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 18.66.112.95 16509 (AMAZON-02)
36 34.117.54.29 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f27... 32934 (FACEBOOK)
1 2 2a03:2880:f27... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.184.198 15169 (GOOGLE)
1 23.215.22.18 16625 (AKAMAI-AS)
3 52.208.23.60 16509 (AMAZON-02)
6 108.138.9.235 16509 (AMAZON-02)
1 5 104.18.24.185 13335 (CLOUDFLAR...)
1 35.227.252.103 15169 (GOOGLE)
2 216.52.2.86 32475 (SINGLEHOP...)
4 185.89.210.101 29990 (ASN-APPNEX)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 2602:803:c003... 26667 (RUBICONPR...)
2 99.83.154.140 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
1 104.19.149.54 13335 (CLOUDFLAR...)
12 34.107.254.252 396982 (GOOGLE-CL...)
10 12 216.58.206.34 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.185.12.185 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
29 2600:9000:223... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 4 13.32.99.90 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
7 2a04:4e42:400... 54113 (FASTLY)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:21f... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.222.214.32 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
5 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 18.66.112.89 16509 (AMAZON-02)
1 143.204.215.76 16509 (AMAZON-02)
1 63.34.81.234 16509 (AMAZON-02)
8 2600:1f18:1ac... 14618 (AMAZON-AES)
3 116.202.150.116 24940 (HETZNER-AS)
3 2a03:2880:f17... 32934 (FACEBOOK)
3 167.235.124.60 24940 (HETZNER-AS)
3 52.22.86.57 14618 (AMAZON-AES)
10 2606:4700::68... 13335 (CLOUDFLAR...)
3 50.16.182.242 14618 (AMAZON-AES)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
1 35.244.159.8 15169 (GOOGLE)
1 104.18.11.47 13335 (CLOUDFLAR...)
1 151.101.1.108 54113 (FASTLY)
2 23.32.184.192 16625 (AKAMAI-AS)
2 95.101.149.233 16625 (AKAMAI-AS)
2 18.194.175.181 16509 (AMAZON-02)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
1 3 185.80.39.216 27381 (CASALE-MEDIA)
2 2 213.155.156.183 ()
5 198.47.127.205 ()
1 1 178.250.1.9 ()
2 185.64.190.80 ()
1 1 193.0.160.131 ()
3 5 67.220.226.234 ()
1 1 2620:116:800d... ()
1 54.171.34.84 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
3 4 54.144.174.245 ()
3 3 37.157.6.233 ()
1 35.204.74.118 ()
3 52.223.40.198 ()
3 5 52.46.143.56 ()
1 1 35.214.220.225 ()
1 2.19.126.84 ()
1 52.211.100.125 ()
1 1 185.183.112.148 ()
1 104.18.10.47 ()
4 4 69.173.144.138 ()
1 1 2a05:d018:d29... ()
3 5 69.173.144.139 ()
1 2620:1ec:21::14 ()
332 95
1    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
nationalpost.com
23    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.225.78.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-67.fra2.r.cloudfront.net
cdn.adsafeprotected.com
1    2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    18.66.112.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-95.fra56.r.cloudfront.net
ak.sail-horizon.com
36    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital
dcs-static.gprod.postmedia.digital
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
7    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f276:1c3:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
2    2a03:2880:f276:1e9:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
2    2606:4700::6812:4eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    2606:4700::6812:1a98 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.184.198 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    52.208.23.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-23-60.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
6    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
5    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
1    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
12    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
12    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
cm.g.doubleclick.net
4    2606:4700::6812:5eb (United States)

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
28deffd5e4e983f3e61fac08df7e21f3.safeframe.googlesyndication.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
5    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
29    2600:9000:223c:8000:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
8    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2600:1f18:44f0:4847:3717:5549:a9cb:125f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
7    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
jssdks.mparticle.com
4    2a02:26f0:3500:293::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700::6812:9fa (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
2    2600:9000:21f3:9c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    52.222.214.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-32.fra56.r.cloudfront.net
get.s-onetag.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
5    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    18.66.112.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-89.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.215.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-76.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
8    2600:1f18:1aca:4281:c590:b5e5:9637:f555 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
3    116.202.150.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy01.cl03.het.mrf.io
events.newsroom.bi
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    167.235.124.60 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0038.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
3    52.22.86.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-86-57.compute-1.amazonaws.com
livecomments.viafoura.co
i.viafoura.co
10    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    50.16.182.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-182-242.compute-1.amazonaws.com
notifications.viafoura.co
livecomments.viafoura.co
2    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
postmedia-d.openx.net
1    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    18.194.175.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-175-181.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
2    213.155.156.183 (None, )

ASN- ()
d5p.de17a.com
5    198.47.127.205 (None, )

ASN- ()
image2.pubmatic.com
1    178.250.1.9 (None, )

ASN- ()
dis.criteo.com
2    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
1    193.0.160.131 (None, )

ASN- ()
p.rfihub.com
5    67.220.226.234 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()
cms.quantserve.com
1    54.171.34.84 (None, )

ASN- ()
sync.crwdcntrl.net
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
4    54.144.174.245 (None, )

ASN- ()
a.audrte.com
3    37.157.6.233 (None, )

ASN- ()
dmp.adform.net
c1.adform.net
1    35.204.74.118 (None, )

ASN- ()
um.simpli.fi
3    52.223.40.198 (None, )

ASN- ()
match.adsrvr.org
5    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
1    35.214.220.225 (None, )

ASN- ()
csync.loopme.me
1    2.19.126.84 (None, )

ASN- ()
ads.stickyadstv.com
1    52.211.100.125 (None, )

ASN- ()
sync.springserve.com
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
1    104.18.10.47 (None, )

ASN- ()
cdn.indexww.com
4    69.173.144.138 (None, )

ASN- ()
token.rubiconproject.com
1    2a05:d018:d29:3601:9ed9:69f8:bfd6:471c (None, )

ASN- ()
pr-bh.ybp.yahoo.com
5    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
59 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 101045
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 158073
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 135125
491 KB
29 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 11717
538 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206
ad.doubleclick.net — Cisco Umbrella Rank: 194
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
178 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 441
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
74 KB
16 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3182
ads.rubiconproject.com — Cisco Umbrella Rank: 2160
fastlane.rubiconproject.com — Cisco Umbrella Rank: 572
eus.rubiconproject.com — Cisco Umbrella Rank: 636
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2928
token.rubiconproject.com
pixel.rubiconproject.com
266 KB
14 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3785
pixel.adsafeprotected.com — Cisco Umbrella Rank: 766
static.adsafeprotected.com — Cisco Umbrella Rank: 644
dt.adsafeprotected.com — Cisco Umbrella Rank: 585
125 KB
13 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2852
api.permutive.com — Cisco Umbrella Rank: 2095
googlesync.permutive.com — Cisco Umbrella Rank: 9193
39 KB
12 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 592
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 809
image2.pubmatic.com
simage2.pubmatic.com
26 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
28deffd5e4e983f3e61fac08df7e21f3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
78 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 245
94 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
region1.google-analytics.com — Cisco Umbrella Rank: 2069
42 KB
9 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11955
livecomments.viafoura.co — Cisco Umbrella Rank: 12908
i.viafoura.co — Cisco Umbrella Rank: 11841
notifications.viafoura.co — Cisco Umbrella Rank: 13195
7 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6250
identity.mparticle.com — Cisco Umbrella Rank: 2860
jssdks.mparticle.com — Cisco Umbrella Rank: 5182
60 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
602 KB
8 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7995
cdn.tinypass.com — Cisco Umbrella Rank: 5741
buy.tinypass.com — Cisco Umbrella Rank: 6371
154 KB
8 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 662
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 478
dsum-sec.casalemedia.com
9 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5022
p1cluster.cxense.com — Cisco Umbrella Rank: 9354
comcluster.cxense.com — Cisco Umbrella Rank: 4565
id.cxense.com — Cisco Umbrella Rank: 10474
81 KB
7 gstatic.com
fonts.gstatic.com
170 KB
6 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 68264
config.lrcontent.com — Cisco Umbrella Rank: 20430
98 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 2770
2 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 772
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2553
dis.criteo.com
8 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 221
acdn.adnxs.com — Cisco Umbrella Rank: 573
20 KB
4 audrte.com
a.audrte.com
3 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4345
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5752
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6091
21 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
3 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 155470
1 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1116
api.btloader.com — Cisco Umbrella Rank: 1172
9 KB
3 adsrvr.org
match.adsrvr.org
793 B
3 adform.net
dmp.adform.net
c1.adform.net
2 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
898 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
288 B
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 8029
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5933
578 B
3 instagram.com
platform.instagram.com — Cisco Umbrella Rank: 8765
www.instagram.com — Cisco Umbrella Rank: 1642
2 KB
2 de17a.com
d5p.de17a.com
560 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 709
cdn.indexww.com
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 617
60 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3020
p1.parsely.com — Cisco Umbrella Rank: 2210
26 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9883
45 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 135120
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
157 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3222
498 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 757
502 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 833
postmedia-d.openx.net — Cisco Umbrella Rank: 241816
434 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1192
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 356
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
2 KB
1 linkedin.com
px.ads.linkedin.com
865 B
1 yahoo.com
pr-bh.ybp.yahoo.com
621 B
1 adotmob.com
sync.adotmob.com
281 B
1 springserve.com
sync.springserve.com
206 B
1 stickyadstv.com
ads.stickyadstv.com
653 B
1 loopme.me
csync.loopme.me
291 B
1 simpli.fi
um.simpli.fi
610 B
1 crwdcntrl.net
sync.crwdcntrl.net
265 B
1 quantserve.com
cms.quantserve.com
589 B
1 rfihub.com
p.rfihub.com
793 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5178
3 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
57 KB
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 206170
393 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1390
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 163112
132 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3326
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7693
3 KB
1 nationalpost.com
nationalpost.com — Cisco Umbrella Rank: 216236
117 KB
0 33across.com Failed
lexicon.33across.com Failed
332 66
Domain Requested by
30 dcs-static.gprod.postmedia.digital nationalpost.com
dcs-static.gprod.postmedia.digital
29 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
23 smartcdn.gprod.postmedia.digital nationalpost.com
12 cm.g.doubleclick.net 10 redirects
11 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
10 cdnjs.cloudflare.com buy.tinypass.com
8 dt.adsafeprotected.com
8 www.googletagmanager.com fem.gprod.postmedia.digital
jssdkcdns.mparticle.com
www.googletagmanager.com
www.google-analytics.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
nationalpost.com
7 fonts.gstatic.com fonts.googleapis.com
6 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
6 aax.amazon-adsystem.com c.amazon-adsystem.com
6 fem.gprod.postmedia.digital nationalpost.com
fem.gprod.postmedia.digital
5 pixel.rubiconproject.com 3 redirects
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 image2.pubmatic.com ads.pubmatic.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 securepubads.g.doubleclick.net nationalpost.com
securepubads.g.doubleclick.net
www.googletagservices.com
4 token.rubiconproject.com 4 redirects
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 livecomments.viafoura.co cdn.viafoura.net
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 sb.scorecardresearch.com 1 redirects fem.gprod.postmedia.digital
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 config.lrcontent.com auth.lrcontent.com
4 ib.adnxs.com micro.rubiconproject.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
acdn.adnxs.com
3 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 www.facebook.com
3 events.newsroom.bi sdk.mrf.io
3 region1.google-analytics.com www.googletagmanager.com
3 www.google.de
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 api.viafoura.co cdn.viafoura.net
3 www.google.com tpc.googlesyndication.com
3 pixel.adsafeprotected.com cdn.adsafeprotected.com
nationalpost.com
3 api.btloader.com btloader.com
3 c.amazon-adsystem.com nationalpost.com
c.amazon-adsystem.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 ads.pubmatic.com micro.rubiconproject.com
ads.pubmatic.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 region1.analytics.google.com www.googletagmanager.com
2 sdk.mrf.io nationalpost.com
sdk.mrf.io
2 static.adsafeprotected.com pixel.adsafeprotected.com
nationalpost.com
2 assets.ribn.com www.googletagmanager.com
nationalpost.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 api.sail-personalize.com ak.sail-horizon.com
2 ap.lijit.com micro.rubiconproject.com
2 ad-delivery.net nationalpost.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com nationalpost.com
cdn.viafoura.net
2 www.instagram.com 1 redirects nationalpost.com
2 fonts.googleapis.com nationalpost.com
buy.tinypass.com
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 sync.springserve.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 csync.loopme.me 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 dis.criteo.com 1 redirects
1 acdn.adnxs.com micro.rubiconproject.com
1 js-sec.indexww.com micro.rubiconproject.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 mug.criteo.com
1 notifications.viafoura.co cdn.viafoura.net
1 i.viafoura.co cdn.viafoura.net
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 p1.parsely.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 cdn.tinypass.com experience.tinypass.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 28deffd5e4e983f3e61fac08df7e21f3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 googlesync.permutive.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 rtb.openx.net micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 secure.cdn.fastclick.net nationalpost.com
1 ad.doubleclick.net nationalpost.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 platform.instagram.com 1 redirects
1 btloader.com nationalpost.com
1 ak.sail-horizon.com nationalpost.com
1 www.npttech.com nationalpost.com
1 cdn.adsafeprotected.com nationalpost.com
1 micro.rubiconproject.com nationalpost.com
1 nationalpost.com
0 lexicon.33across.com Failed micro.rubiconproject.com
332 119
Subject Issuer Validity Valid
nationalpost.com
GTS CA 1D4		 2023-08-05 -
2023-11-03		 3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2023-07-07 -
2023-10-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-06 -
2024-07-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-07-09 -
2023-10-07		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-29 -
2023-12-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-20 -
2023-08-18		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-09-15 -
2023-10-17		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-07-13 -
2023-10-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M01		 2023-08-02 -
2024-08-30		 a year crt.sh

This page contains 24 frames:

Primary Page: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Frame ID: 0B62D807EE8DD19D4CEBF0C600F7B51C
Requests: 240 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v85.0/xd.html
Frame ID: 4B0D1E7707981042758DBA680A0912A6
Requests: 2 HTTP requests in this frame

Frame: https://28deffd5e4e983f3e61fac08df7e21f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34679C9748187D9813804D98BC054ABE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C949265352AE444866905C9135A997B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4653747997AE5B08CED2BAA7635BD172
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=93943261&placementId=6320689129&pubCreative=138435367041&pubOrder=3214528277&cb=1176122421&custom=story&custom2=1&adsafe_par&impId=3be6785c-37fc-11ee-adc6-0a6fa201f3de
Frame ID: 3EBAFA8A33FA15DF7FCEA35DAB658ADC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttAgOx6Zj8ID8Zlun4P57zuhdqQZw-iAbHPJcEJR6LrB1xkF79EdlMptVWVmdn-m-ZGHTX2eTsSeqGJfCXwqJwuOADlUPQSz94wKs0g7qsZE_FlGkZneA6GfXzyvXpZYpLAbGFLD3weGgRRAp-vO0eeY8mctwupzEthbiwOCDiPXRcZrHB_oINBl7_6z4lSQICB6eLkkLvpVmMeynSmMnQkFoCfnPf_jtDHJTlbK_8OWUkGJAKKNPDg53FK7im8955iKYUgXQnWBEfhqQMvDeJFlUE6YB2yBBN0NxRTCMIoRHfTdUrMXGXL_Oa1UgGSdOIU5zmyZF6dg&sai=AMfl-YS5VHJ341SoVOc6k2W4Etqta5_PcU0boMtp6UmdqPTTT9aYuE19GIwk7pDD7NkwqRtUNriaypQwtMRCzrD4GRCef8ITAOfBgQOLfjsdJDFNBV4fWyae5NJAcSz36O8zql8ZouO-jDQWw9qSmk77&sig=Cg0ArKJSzPNVQPkYye3dEAE&uach_m=[UACH]&adurl=
Frame ID: F50E4CBD7EF12A8E7A9B9636453A6E09
Requests: 7 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Frame ID: 83FE664110215867A4191518ED8BDA49
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 15E0FD352D7B58011E22A272C0B2CD43
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 3314D388C25B2C52DAAF622884152524
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D3A41B06BFB16936783E16FF3B16467E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nationalpost.com
Frame ID: B410E1049D5D98D7CB100FF39897F8C8
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13402707
Frame ID: A3422C8B2FE52B128C8E2FBE89701F0F
Requests: 1 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: CC8A5EE20C92BC3AA62E5948F4B92264
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2C72E205C1C45E14251EFEC3E0E2F59C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CA871B4A3B3C3226F3B5C286E8798C2F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 31F04DE9818E37132895B5BA015F4B12
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5DCAC59B792954FB05AF7D9B76E12005
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 770BBCED302FB7D547E4D47E5F0B6077
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=350198267086225137
Frame ID: 56BB71AE3C0ECFACC5A9D04395A2ED3E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 34A8A48C4AD82B616B600C7276FCC349
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826468656780
Frame ID: 3CDBDE9238DCCD15427968077AE2D90C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=779CE4B0-72D9-453F-8385-D8E208E84C65&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 5788B1108F09992FFB060C4553006171
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi
Frame ID: 370EFCAE11614DBA9B2CA4A42B40E57F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vegan influencer who ate all-fruit diet dead at 39 | National PostNational PostUserFinancial Post

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

332
Requests

92 %
HTTPS

40 %
IPv6

66
Domains

119
Subdomains

95
IPs

9
Countries

3860 kB
Transfer

13085 kB
Size

92
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=c60a9942-e7a1-49ba-962e-1435c3023ea4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=c60a9942-e7a1-49ba-962e-1435c3023ea4&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEAjZ-PiaISHWnsPi2OgElrU&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=c60a9942-e7a1-49ba-962e-1435c3023ea4&google_cver=1
Request Chain 161
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 253
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nationalpost.com&sn=ChromeSyncframe&so=0&topUrl=nationalpost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=JI0DPXxiQ3FhUlBQKzRRVmNmTE9HaWpDRkt2L08wdzBDUWxWYWwyMlJ0RGlwcHBEemp2VHJPZFNjZ2VFcGM5N3RzbHhhdzhoUmpWQ01XaHRUQ29KWlpCcnRSNlFhTitGTVR2KzNQWjUyYzBRSW9RcGdyU0dmMk95MW9ac2hvc1E2Rzc0eWtoNGdES0JvbkZ0Q2E4dEM4OVNUMmt5QXUwdXAwcDhZT1dVTnYyczZ6MENqRDFUalpWTGY4QnRCWFBsK1pkOXdWRjdGdXdZcmxIa1BFaFRnclFiR2ZNMFlFRmYyNkRsS09VdFhyTHRET1NJMmRicFBBaUNHNWV4TVcvZDcvWUpLVlhjbTJGeGxHNm51cStNQmVjT2JJdkh4QWdPTTVNSm4rMGZrWGtoRzhoND18&cppv=2
Request Chain 279
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 283
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=350198267086225137
Request Chain 284
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 285
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826468656780
Request Chain 286
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=779CE4B0-72D9-453F-8385-D8E208E84C65&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=779CE4B0-72D9-453F-8385-D8E208E84C65&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 287
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d5zksHLZRT-DhdjiCOhMZQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 290
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4141744824 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=779CE4B0-72D9-453F-8385-D8E208E84C65
Request Chain 291
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=779CE4B0-72D9-453F-8385-D8E208E84C65 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzcwcVBFdXpjTVpSVEdscUFHQS0tQ3AtUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3401845650194904069&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzc5Q0U0QjAtNzJEOS00NTNGLTgzODUtRDhFMjA4RTg0QzY1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKaBUT7hUlO6tapqcB3tLmA&google_cver=1
Request Chain 295
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3401845650194904069
Request Chain 297
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZNWzbnlo6UzWeOTZZWh4lAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL4M-unuQsHIWHjN0dEeGeM&google_cver=1
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_nGRNG5DOlDdOTcA8MCZE&google_cver=1
Request Chain 300
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 301
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=01c5786f-f332-4db1-8484-7dabd3dd7c43&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 304
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 306
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WjLOKSX8EFCWfiOOfpc1msn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-R5N.GE9E2oL3kjwA.qNZbopEHzRVVkyH7UAaXw--~A
Request Chain 307
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL62E9VZ-18-90NH
Request Chain 308
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGNkYzdlZjgzMzYwOTE5MjZmOGYwZGNkZmQ2OGEwNDU3NDcwOTY3Ng
Request Chain 309
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kRDcvnz_RhWvat2PqwsI0w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kRDcvnz_RhWvat2PqwsI0w
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF7n7UDiC_1vy59dMtekt10&google_cver=1
Request Chain 312
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEw2MkU5VlotMTgtOTBOSA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYdszPziVTG_SH92KDCHyM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw2MkU5VlotMTgtOTBOSA==&google_push=
Request Chain 313
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fW9-pooITLi6pKWWfNAwbA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fW9-pooITLi6pKWWfNAwbA

332 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
nationalpost.com/news/ 		608 KB
117 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e23f9e7866a408e26ffb9c9b005d5e7823c3bb922b716090742a2558cf94aa16
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Fri, 11 Aug 2023 04:04:56 GMT
expires
Fri, 11 Aug 2023 04:05:54 GMT
last-modified
Fri, 11 Aug 2023 04:00:54 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
MISS
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
4
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-58cfb9ff56-tv4xz
x-pmd-cache
STALE
zhannadart-Cropped-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/zhannadart-Cropped-1.jpg?quality=90&strip=all&w=564&h=423&type=webp&sig=PJRSwtps_r6kB8lMCXE4yg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3f92f9ee26044ec522826051d957b517be6a347c6730a0163d027bfa6c9e4f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 17:58:34 GMT
via
1.1 google
server
nginx/1.18.0
age
36382
etag
"cecb90b2ac313b5f13cbf119dad172108af631c4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-555wh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56060
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d223012ef147ab4a402a55626d1b5f4cc4d7ea9bed0cb9eec418b5665cb89f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 11 Aug 2023 04:04:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:47:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Aug 2023 04:04:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fedd907d02eb600d0303ba76b75cd9029434110e70d55fa58c008217c9ccc648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28127
x-xss-protection
0
server
cafe
etag
848 / 19580 / m202308030102 / config-hash: 3193673216413745826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 11 Aug 2023 04:04:56 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 03:49:31 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 21:28:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
926
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
fS4NIaJT6cxxK1YK_I2jws3dz-MX7YzlkT5qP_wnlf4lgtg6pLt1Tw==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
194d726236595065653a2b6610fcd3057e59569d745e5ea37ca5226080960b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
content-encoding
gzip
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
250859
expires
Fri, 11 Aug 2023 05:21:56 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:04:51 GMT
Via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
300714
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
1BD5bPnprV00Z0s4OQmlLiwFn7iuw6AjARpYDmqwn9fcYKvNfX-QAQ==
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5QN4F1N5TAJA3DN0
age
26
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ixROpG9LrPJCYf5h8sRIjOXPpqPC7pzYLyy97hE85oUzdjHtzPJEfdqnZFfi6QprzeNSsSpeUHQ=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5T4ZGoCtziIAGQEqeIX10Twg0qItur%2FEHYDYTCtZF%2BCZB6obC1ykyge39yUqLO73RpthcFYmUg7BGDd8oaM1UZ%2FAg34EEmXpVItBVumbZinVqh3HSt1RqKBzHbDUDy33kG%2BzLJRUgY4wUtwNWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7f4d98ed6e123826-FRA
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:02:51 GMT
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 16:11:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
126
x-amz-server-side-encryption
AES256
etag
W/"6f6b3838a24066fc24338c58c675bb27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
knF0MRG73o6UGJUzu-yKLMdwTHItH0nnrv-yBAnhZfUHaN7dKGUyrQ==
fem.js
fem.gprod.postmedia.digital/v85.0/ 		345 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/fem.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b1d0361a0461ce106032877d434b6829fafbb3a8a4b8e4c332aeb06789f5fd4

Request headers

Referer
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 12:18:35 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1690226631
age
747981
x-guploader-uploadid
ADPycdvjUvGy7_SfOm_c_ypLorQ8cXwIdB9T9eeMXw02UMBJHWYpuaBvsdhg1gWDVqxwW6xrWpvxPDf0SLZYEkiVTjSQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100025
last-modified
Mon, 24 Jul 2023 19:24:36 GMT
server
UploadServer
etag
W/"93a7038cfe72b3885574ff7c81b81203"
vary
Accept-Encoding
x-goog-generation
1690226676604634
x-goog-hash
crc32c=/Ot50w==, md5=k6cDjP5ys4hVdP98gbgSAw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
352779
accept-ranges
none
content-type
application/javascript
tag
btloader.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5707352930516992&upapi=true
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
719877af1dec7f1f88b365106403d09145b6187c99204048943b3f9404d89b8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 11 Aug 2023 04:04:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b22705427f1bec5363b525da066a4f46"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2F21C4tk%2FO5AZTiIDM2DHVpp8xu6YPJEixJOcEsCCiBXI6Wj3UYKdr12CAr0GdLT4oQVOcrG7DdPkPOM9gvSKf7oE9IeqEJBn%2FlE%2FLAJoToUhzXFLfU3mn18U0L6A3RVrJw767kAkg3i6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7f4d98ed5a3b2bf1-FRA
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options
nosniff
age
107800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 22:08:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
492999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 11:08:17 GMT
icon-close-black.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/ 		378 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/icon-close-black.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643660
x-guploader-uploadid
ADPycdssN7cdoGZ1vh_inw517rpu1Ift5Vm0L6jo0uXOwJhipVaxMBMVoU-zrwlmlNN3Odcm1HaqQqSBP5PylNjwhat3QEsIgvFo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
378
last-modified
Thu, 03 Aug 2023 17:09:20 GMT
server
UploadServer
etag
"6b517647b75beac7cede4e634ea51094"
x-goog-generation
1691082560455874
x-goog-hash
crc32c=wbQwCg==, md5=a1F2R7db6sfO3k5jTqUQlA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
378
accept-ranges
bytes
icon-circle-email.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		976 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-circle-email.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009569
age
643660
x-guploader-uploadid
ADPycduymOF6T4UMnWlEIEd5HZd3Hbv7VdGMq7tZMAdYHPiPAAQsEELdjyZE0GiiR07uGF4xNw0ZVw5I2dJ4YObvr4k5n6Wqnosr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
976
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
"bef02ad8b1f137bbb303cefe8614b69f"
x-goog-generation
1691082566760915
x-goog-hash
crc32c=ZVCajw==, md5=vvAq2LHxN7uzA87+hhS2nw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
976
accept-ranges
bytes
icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		775 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009569
age
643660
x-guploader-uploadid
ADPycds99l16uGK_mn6cHpemv3sqNoSLfvuq0vYoY1rRRSTb-6TssJA2-vvBaPCi3jp8qiYsc0AacSVbUJ-t0pFaIHj1Ytp8BmZ5
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-generation
1691082566772698
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
775
accept-ranges
bytes
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009570
age
643660
x-guploader-uploadid
ADPycdtO6E1PB-Q_Mz2Cy0vdGN91s5Pkb8TMOzq1NEDBU1lQzIIWZpkfO2SFOBkEgUdGvtrHXODsIbTvyZxXRsAFmXxVUh0qB_7a
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
806
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
W/"df82c342c1176b84253c53e6e10eed05"
vary
Accept-Encoding
x-goog-generation
1691082566889579
x-goog-hash
crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1698
accept-ranges
none
icon-soc-rdit.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-rdit.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009570
age
643660
x-guploader-uploadid
ADPycds3MjF4ZckFZcmcqarwmYAbSbWUT6kl02zTdsmNx1FUNpDjco37N6cJvfJgPaUpC29c-8tmWq3ohkX-6ENoQDFk_vE_TRKW
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
803
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
W/"0304b8d3870cc1f4f888574a14022da4"
vary
Accept-Encoding
x-goog-generation
1691082566882172
x-goog-hash
crc32c=GJubKw==, md5=AwS404cMwfT4iFdKFAItpA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2135
accept-ranges
none
icon-soc-pin.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		2 KB
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-pin.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009569
age
643660
x-guploader-uploadid
ADPycdvSAjzU0xkPU4nE1kyQqjkfVu6-NvSqnKTaWKfLMd3L4ZDFNfu7N4Gybnp8_lb0yIohuAwhGfqtSU-7ZyuLTYABxMJuCTK2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
753
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
W/"7dbe30e1f3c16e83b217e86f8fe87986"
vary
Accept-Encoding
x-goog-generation
1691082566888660
x-goog-hash
crc32c=CmGx6w==, md5=fb4w4fPBboOyF+hvj+h5hg==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1904
accept-ranges
none
icon-soc-li.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		739 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-li.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009569
age
643660
x-guploader-uploadid
ADPycdsvoSTZg3ydjil5ihjcKKyOIhaWKOMustjqcrws86L_SxcUXWMBDfDOLmrMTsBJZkNpfdsYcK97YvGl0Zt1R5286hcyxHPn
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
739
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
"071e5c7f2df5f3dc2b856b2576752f1c"
x-goog-generation
1691082566841435
x-goog-hash
crc32c=PfZM8A==, md5=Bx5cfy3189wrhWsldnUvHA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
739
accept-ranges
bytes
icon-soc-tblr.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		479 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-tblr.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009569
age
643660
x-guploader-uploadid
ADPycdvBY7-E93lagGHZ2J6WHoheWph6jxXSZAslNGAI-3dIjml-Of_kwdeO2nLAO61vySz9xyzpsUT3KLH9V6W_50P5kIWmBx8k
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
"1ace9edc1bbac746d584a7270d791ff9"
x-goog-generation
1691082566896331
x-goog-hash
crc32c=08+Lmg==, md5=Gs6e3Bu6x0bVhKcnDXkf+Q==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
479
accept-ranges
bytes
icon-circle-share.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		561 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-circle-share.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4bef0d2ce9ddd3dcd15889345ea8e4ae1eb38c2bcf50bcd76daed2dc63f0a424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009569
age
643660
x-guploader-uploadid
ADPycduTst0-AztHjmdWSWYhykJXkfDd9NGxYuTJqVYPqYckOKwzQzm5Js-Cz4dqshpOUn4yGVMt114dOWnQ-TXF63r0qzh8-ZGv
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
561
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
"cbc289873c015f5baae7e9e8d4876ea9"
x-goog-generation
1691082566769649
x-goog-hash
crc32c=9Je3tg==, md5=y8KJhzwBX1uq5+no1IduqQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
561
accept-ranges
bytes
logo-identity-np.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/identity/ 		23 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/identity/logo-identity-np.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4096c8a2384f56ad8b8f306e3a761362219102e460d438fc529752bcb82d7b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:21:33 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643403
x-guploader-uploadid
ADPycdv_00wm7gSc1sEL-iKxv_1rjnvBp1q6lKNy7inLKbKXJVaiovgVHoLdYX6jF9eozaJHjKZQRs3minxi9FD_Cwh-tw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10271
last-modified
Thu, 03 Aug 2023 17:09:24 GMT
server
UploadServer
etag
W/"9ea8b1cf29ac840dbbb7657687b10b28"
vary
Accept-Encoding
x-goog-generation
1691082564043869
x-goog-hash
crc32c=NJkvSg==, md5=nqixzymshA27t2V2h7ELKA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
23628
accept-ranges
none
/
www.instagram.com/accounts/login/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Server
2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
date
Fri, 11 Aug 2023 04:04:56 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.instagram.com static.cdninstagram.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: *.fbcdn.net *.instagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster:;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com static.cdninstagram.com;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
YGqq6AAAyyzHMz/foO7D8+w5Lq0GzSdK27Egw3rsrbTICtcAdGqDS4UVbw6GKhEUt0fBuPjFzpThUlXpsc7q3w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
location
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
carousel-previous.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/ 		1 KB
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/carousel-previous.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643660
x-guploader-uploadid
ADPycduu1rdxMzpULN5xU8qp9a3Kb_iAjtWN-puTW_vMHpJH7WrJD7rwP6y39CiU3YVyHt6XJYAqlciIsdAzQsRvkz_AFqOFudF0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
519
last-modified
Thu, 03 Aug 2023 17:09:20 GMT
server
UploadServer
etag
W/"23fbd7cd311279a2b6eb68d8f6059047"
vary
Accept-Encoding
x-goog-generation
1691082560221214
x-goog-hash
crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
carousel-next.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/carousel-next.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643660
x-guploader-uploadid
ADPycdvHXKJqi-xc3oenpcmF5epv-ceUdtQdDMo-oQA13qiTEc5gQr-crZxXbjzz6nHx1AaVDBsh4Ewa1vFblHkzRA06odQXVynj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
520
last-modified
Thu, 03 Aug 2023 17:09:20 GMT
server
UploadServer
etag
W/"735fdba5ead6fce3777e91bf3fee8dd6"
vary
Accept-Encoding
x-goog-generation
1691082560215248
x-goog-hash
crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
blockquote-np.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/np/ 		680 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/np/blockquote-np.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
130ace24529c659026448bbaa095596dae9dcc2028446ab4aa065a599598b87c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:22:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009569
age
643360
x-guploader-uploadid
ADPycduJ9SjKFhifGCgZkv-DmO0vwMrFZhPgiYMVx6rxmPKW1l4ktCOby2r18bX-tD0adqqQE1xQcU7iXINpPOx-xyOYRSD0SSEO
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
680
last-modified
Thu, 03 Aug 2023 17:09:25 GMT
server
UploadServer
etag
"45340ed3e966696b7b628557928a34ee"
x-goog-generation
1691082565888340
x-goog-hash
crc32c=iOZs6A==, md5=RTQO0+lmaWt7YoVXkoo07g==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
680
accept-ranges
bytes
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options
nosniff
age
107800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 22:08:16 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 08:57:05 GMT
x-content-type-options
nosniff
age
500871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 08:57:05 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 07:36:26 GMT
x-content-type-options
nosniff
age
592110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29588
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:36:26 GMT
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
vegan-calcium-advice.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/10/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/10/vegan-calcium-advice.jpg?h=96&strip=all&quality=80&sig=fKVf7qU3pjpQy9dpDYpoiQ
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a7c88fc232371d8e67a78d27ebba2064592fb73e97c2493e171952180d24e12e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 17:58:34 GMT
via
1.1 google
server
nginx/1.18.0
age
36382
etag
"15eb829e34d792ca6bc48829140739932fed5bde"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-555wh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2514
vegan-air-canada-plane.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/08/vegan-air-canada-plane.jpg?h=96&strip=all&quality=80&sig=jr-tE9KoSz7aNA6hTjV3cw
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5a3a5e60fd1d7d2bead85acdbac1c91c8219e3d2d3cbd8141dee2a001bfe75a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Wed, 09 Aug 2023 12:46:34 GMT
via
1.1 google
server
nginx/1.18.0
age
141502
etag
"03e9d24dc3f741ff52868e987c7432c5a6ed7646"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-2swp7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2936
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		204 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279e747cff38f395e407803cc28009a6d29d078f931691f9ec249c7412cf4ffb
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
4959
x-amz-cf-pop
FRA53-C1
cf-polished
origSize=1298564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Wed, 09 Aug 2023 06:27:36 GMT
server
cloudflare
etag
W/"1036f26e19da636199caa39ecb4f3b1e"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7f4d98ee4f7e4d58-FRA
x-amz-cf-id
N3xTr1j8MT-TuGDkKeBqgcGJDnnJtRgu5gt-_BgEJeXPiXlOJMT7wA==
expires
Fri, 11 Aug 2023 08:04:56 GMT
shared.99347ddcb2d5.js
dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94f760c2f70eba9b94316e717bc2f103c401365a79dff456d584d8a287a9a695

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009567
age
643725
x-guploader-uploadid
ADPycdsG1A0zM5d6e4forYHf5vyILdvViGPgltJT_5Wl3LmJIY11-9YWkKiJ04u-0VFw3Uokz__gfmbHYE4Mtcv20vHu
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7562
last-modified
Thu, 03 Aug 2023 17:09:01 GMT
server
UploadServer
etag
W/"0847633dd4bb94fe0811b465492da0f4"
vary
Accept-Encoding
x-goog-generation
1691082541990188
x-goog-hash
crc32c=S28U/w==, md5=CEdjPdS7lP4IEbRlSS2g9A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20803
accept-ranges
none
content-type
application/javascript
main.7ead3690e12f.js
dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/ 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/main.7ead3690e12f.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7ead3690e12f75b5339e5c7387e715182416d8f2fd427d165224d5ed33e60d1c

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009567
age
643725
x-guploader-uploadid
ADPycduMffZCcrMrEDuvOOYU3QKEWIkbSvkEGt1u2OsbEGBQfouyG2fYBLMSlgT-DCO9LvpSH3Bnwk0MUKoI5wkv2RJo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31989
last-modified
Thu, 03 Aug 2023 17:09:01 GMT
server
UploadServer
etag
W/"d8bffe986f01273c14e5af050d9636ae"
vary
Accept-Encoding
x-goog-generation
1691082541815586
x-goog-hash
crc32c=IOYGmg==, md5=2L/+mG8BJzwU5a8FDZY2rg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
94393
accept-ranges
none
content-type
application/javascript
icon-arrow-down-black.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/ 		277 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/icon-arrow-down-black.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
36260e9cb231e00f7334eacc8a181329ba4c622cb50312342edb9e8512812cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643660
x-guploader-uploadid
ADPycdsMhCbs4aqf1SE-GxdpB9JEr_A-5tEttNhZzkrQjk40zeKys8ml6s1y_cbMjA0t5KoIBpk8jV6gy-XjkPfUulicBu6jE3Mt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277
last-modified
Thu, 03 Aug 2023 17:09:20 GMT
server
UploadServer
etag
"a5dd30b7839d3378d52ef14525a5aa5f"
x-goog-generation
1691082560272025
x-goog-hash
crc32c=BEI86Q==, md5=pd0wt4OdM3jVLvFFJaWqXw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
277
accept-ranges
bytes
icon-fire.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/common-icon/icon-fire.svg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643660
x-guploader-uploadid
ADPycdsFnUuda9IFjnAMaRgibxeNz-6pLiEOlP7HuuS6YYEISEqBgUbHlBr0OkDUmBUXQpTm_krB1D0cX1H6Td0GULksZcgyXEVZ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Thu, 03 Aug 2023 17:09:20 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1691082560528301
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		460 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356b97e86c75c9a846e3833a14c7ce7d2e78d540d6cd52cecad72302a6b2690d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdukw70HssI_RDWsBZSNLd86qt74yHGdtp3QsS5gPRBFgJY1YQaJgOyvsSDIercJ6qRpcl69cM8WyeUjzWRf3Vuj4b3wHEQO
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 10 Aug 2023 14:13:31 GMT
server
cloudflare
etag
W/"f00a6b78cefea6e8250e4c152b0b569b"
vary
Accept-Encoding
x-goog-generation
1691676811511582
content-type
application/javascript
x-goog-hash
crc32c=cpAppQ==, md5=8ApreM7+puglDkwVKwtWmw==
cache-control
public, max-age=900
x-goog-stored-content-length
137140
timing-allow-origin
*
cf-ray
7f4d98eeee833627-FRA
expires
Fri, 11 Aug 2023 04:19:56 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ 		400 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 03:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
1519
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129487
x-xss-protection
0
server
cafe
etag
4885750571797100496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 10 Aug 2024 03:39:37 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fnationalpost.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 03:05:57 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
3539
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
Uickin23JLn70R-lWYvf8Ch4Vu3Xi-3uLS8uz7hzRnew3rKcFHjT9A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
date
Fri, 11 Aug 2023 03:20:26 GMT
x-amz-cf-pop
FRA56-P3
age
2671
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
WlL0k1-lh1KhgYoOUMnledeBKU20O_SdugoFql-oXaN-5Lkv_yUR2Q==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		60 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6f8bf0d53f59de17706c59736271bf6c7e0f28f106c5bc9ff5cc8b9f6f8fa339

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 03:40:45 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5439
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230811
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a38efc84a770d3860ebb30fe420bf4b5824389759b16d3eb4f742a0466d7460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
245
x-jsd-version
1.0.1778
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4535-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-pZAMQ8u3TvJroN7US8aSM61rQAg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEHRie1jqzVWtfdMAS6Wfdd9huAeVnS3gdCwOFEA5Huttkrp38jk%2FYzbt7zvB4PXp9YKgttsQVUSBCng1YZFU72fhYc343QSDD9uzGMIsqt95Ad6w459C4LmUzrwVvo18Hxy4gCEwXIgv2zqwhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f4d98efdd85bbf5-FRA
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5707352930516992&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 11 Aug 2023 04:04:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
296206
x-guploader-uploadid
ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGsqxKGMtm7mWdhJz12GJHnWRT%2BQ8licKKAfeyO%2Fpcciufz7PaiEd4AA4ufRjd%2F6H2%2BHEshQLe%2FPKzbP57Z%2B4QWSUOUYkK7m%2F0xfp3aD5VLe69KtDaAwgVAdTEIEfWfIdcEzgm4G3xWrYWs%2FUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f4d98efec5d2bf2-FRA
expires
Mon, 07 Aug 2023 18:48:06 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 05:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 05:55:35 GMT
px.gif
ad-delivery.net/ 		43 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.32424998645090297
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
296206
x-guploader-uploadid
ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpW7ST%2Bg0p2KrjF%2BoZgKqxov5BI1gBN3xzAe9gCD5%2BpecrLYskL60JdeLBLRrCEgnZICA7fFAP2rMD0CC%2BmMqUL%2F2f7PaxQDDfJZrsgKjCl47C5aJeUA9s93RNiRUarWz8NlSsZIAuKByuAVOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f4d98efec5f2bf2-FRA
expires
Mon, 07 Aug 2023 18:48:06 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 11 Aug 2023 04:19:57 GMT
xd.html
fem.gprod.postmedia.digital/v85.0/ Frame 4B0D 		165 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cd44a6cdf121c34f8e2d09644a8d1739be0d214e2dbaf1d849616645dc343364

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
811475
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 01 Aug 2023 18:40:21 GMT
etag
"ad8bbb986916331571ab56057787924b"
last-modified
Mon, 24 Jul 2023 19:24:37 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1690226677395131
x-goog-hash
crc32c=Wd6RrA== md5=rYu7mGkWMxVxq1YFd4eSSw==
x-goog-meta-goog-reserved-file-mtime
1690226631
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycduF8xLhibstrvdFJMN69kwj6TVCdjtK-Fl99PrZslspYQS9atyzTXfRlBx0s6WN3goKT5ruXHV-VMtMG_j2zB_YI59BmFT_
cp2886481.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/cp2886481.jpg?quality=90&strip=all&w=150&type=webp&sig=AL3T8-TGwDItX4s1pUsr4Q
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7fd7890680926681b67aabaa0560618fd31b06844344a3707c73c668ed0dfb92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 17:47:19 GMT
via
1.1 google
server
nginx/1.18.0
age
37057
etag
"f034224becfacf2145e9e45dbbb1edb67bec5199"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-gvb5r
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5234
Steven-Guilbeault-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Steven-Guilbeault-1.jpg?quality=90&strip=all&w=150&type=webp&sig=j7QqgIxxExGuhGICwnMErQ
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
534e496086f14885de313be975a05a6174197668a865842191a2c45094d5a9fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 11 Aug 2023 00:05:05 GMT
via
1.1 google
server
nginx/1.18.0
age
14391
etag
"abb2dbfdaad73686f6b8933e3d46c5dc5d58df8f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-d6scf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5038
CP13288971.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/CP13288971.jpg?quality=90&strip=all&w=150&type=webp&sig=R3Qrrnt9vY_b__rks52I7Q
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bed8674e46bd7c49fe5c662505017c8624668174b4b71e82eefc284a2f8a6b40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 14:34:15 GMT
via
1.1 google
server
nginx/1.18.0
age
48641
etag
"79d632a867e00c57b0627e1e9e14f87fc468caba"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-lnjwh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7382
gettyimages-663882220.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/gettyimages-663882220.jpg?quality=90&strip=all&w=150&type=webp&sig=fBNv2ER4RoeVk53XzRO26Q
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cd754f30e7594b88c1d163a21253d0586e816fb3ec27ff991bf1ac15c612ccde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 14:59:05 GMT
via
1.1 google
server
nginx/1.18.0
age
47151
etag
"9fb6cb9d9d0c3fd8bebcebe84f53278c8e8fb243"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-qzbjt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3900
Castle.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Castle.jpg?quality=90&strip=all&w=150&type=webp&sig=U7v1eeqjL0OLxXC2ukkjIw
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0465d9e8f79bd90c91071735e1fb63a5f9b030413a907f26d2d5c53c15930a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 20:27:00 GMT
via
1.1 google
server
nginx/1.18.0
age
27476
etag
"80b55913ab857a1743997a91bbdfe748672e5a97"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-gvb5r
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7720
cp2886481.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/cp2886481.jpg?quality=90&strip=all&w=344&type=webp&sig=x_QTOlim3VdXwEBL_Z0xEA
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c310017401c4eee5944462dd42f47aefeff2df652d58f85babb62c1cbddfb2df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 17:42:31 GMT
via
1.1 google
server
nginx/1.18.0
age
37345
etag
"55a5ee9c2d48b349a9c3c4d9870098d4a33f9cd7"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-m6m74
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19450
Steven-Guilbeault-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Steven-Guilbeault-1.jpg?quality=90&strip=all&w=344&type=webp&sig=4dLhy6tqv5jnU-1AxreUGQ
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a72d3e0474387d99479a2514edd11fb512970a31f7f0bc4241863664a97fecba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 11 Aug 2023 00:01:11 GMT
via
1.1 google
server
nginx/1.18.0
age
14625
etag
"936734d763c2c89e798114b43df2399b10585099"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-d6scf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14404
CP13288971.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/CP13288971.jpg?quality=90&strip=all&w=344&type=webp&sig=RNQj2g0tMoArFdCBNffrIQ
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0b4e871db476c5cd38b0bc9fc3f5ab944ef115e10da7243b25be3994a4b2b817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 13:25:35 GMT
via
1.1 google
server
nginx/1.18.0
age
52761
etag
"fb05bdf1b0052ff64984b136ea43cd3f4ab3aaa9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-vkqgm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25874
gettyimages-663882220.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/gettyimages-663882220.jpg?quality=90&strip=all&w=344&type=webp&sig=83Cm0zFJmiTxlM265DgXjA
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c7f2656e323443bddb68954120e20dcc258b7a41c0f11e9efb206f2132b7a327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 14:50:37 GMT
via
1.1 google
server
nginx/1.18.0
age
47659
etag
"7c00e33679116eba45408bfbf7535cb13b03349f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-vkqgm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12440
Castle.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Castle.jpg?quality=90&strip=all&w=344&type=webp&sig=ngM7nNCc8jM3aeKwQ_spfg
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a08d9c7a735870eda9254652cbb86f9e47b00c896da4e0204fb483265ac39433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 20:16:57 GMT
via
1.1 google
server
nginx/1.18.0
age
28079
etag
"8631d98c98ad9367b17182655be3014326ae1ec3"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-gvb5r
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36092
GettyImages-1222219561-e1615395464396.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2021/03/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2021/03/GettyImages-1222219561-e1615395464396.jpg?quality=90&strip=all&w=344&type=webp&sig=Zir8DBU7EZdw1ES2eVyysA
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5298202a537770c56dcb3589b5524cf03f1af58c2b875e7686948c805eaf49c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 19:01:59 GMT
via
1.1 google
server
nginx/1.18.0
age
32577
etag
"48a161d5d911e3bd220c21d4083ab2645f1774d9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-ss9kz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16694
0812-this-just-in-summer.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/08/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/08/0812-this-just-in-summer.jpg?quality=90&strip=all&w=344&type=webp&sig=N8EsLxpNFO9gAVvW8o5niw
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
009b0f51fe99aa3eeabcf53c1bc67ab000fac5e2da438d12dfdff8c77d13b3c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Thu, 10 Aug 2023 16:05:54 GMT
via
1.1 google
server
nginx/1.18.0
age
43142
etag
"55a24b5e5849b897bf94260477f5dbf21895318b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-cgzn8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2252
shutterstock_710210185-e1690908457441.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/07/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/07/shutterstock_710210185-e1690908457441.jpg?quality=90&strip=all&w=344&type=webp&sig=vX2o1Y2_YyKB0Q0t6uMExA
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5e894c70375c943d36bf55f44ca9a3b9fde5fe275cb9e0b592295971fb44813a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 16:44:07 GMT
via
1.1 google
server
nginx/1.18.0
age
40849
etag
"3ad0251d6b605a516f278e9db3bd1a6a53b28529"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-xhzhp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23878
termperature-guns-e1691533743611.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/07/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/07/termperature-guns-e1691533743611.jpg?quality=90&strip=all&w=344&type=webp&sig=wQ_dveENk-fkzy9jzYyE_Q
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
96496f8d6db8422593435beb0790093fb8338b626ca31854f0e0d53ac983c5f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 12:31:22 GMT
via
1.1 google
server
nginx/1.18.0
age
56014
etag
"cf6bbee6afe776f700a973270e75d2ecaee4afae"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-nbkkv
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3282
0813-beauty-bar.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/08/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/08/0813-beauty-bar.jpg?quality=90&strip=all&w=344&type=webp&sig=xsZSs6gstUQZrOfmes_1oA
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0aefd4dfa33ea883915663df6cc7e97b73c1b8dd0879c58face2d9bf32829e30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Wed, 09 Aug 2023 18:07:06 GMT
via
1.1 google
server
nginx/1.18.0
age
122270
etag
"8267fe45129bc48ec45bb23a6aebd52b151bb124"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-xhzhp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12916
661f0c84785f13f8660931.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/661f0c84785f13f8660931.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e0c867c8b4ddc4704dea1c8f1cfd309b9a4bd9cdd64a9fbbf21ffd1b31bf156a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643679
x-guploader-uploadid
ADPycdvPd4joyQoAnr5QeI_ila92DdzZFp5z9yTmF5UP6l-Z2GlOQUGalhmlSQgs7ozBT7_uI6Dk6oNpjSvJupDiY25iSESUFyUF
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2264
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"8f66e8bc3032ac3dc8ebd62539ebc17b"
vary
Accept-Encoding
x-goog-generation
1691082569475801
x-goog-hash
crc32c=HMgZdw==, md5=j2bovDAyrD3I69YlOevBew==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8968
accept-ranges
none
aba096c430a315872d8730.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		1 KB
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/aba096c430a315872d8730.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
93b8402a673173fe8db4b9643ec4dbec0cf15e8a86524c99c3a9c4ad3f7904a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643679
x-guploader-uploadid
ADPycduGNnf-zG1l-LpD26rTlevDCtZvctSsthgDWKzEc0YKrN4W0dhVLkbS0ugd-ioFIAh-2R4SncJ3WELSYfVkHyzm8shprp1d
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"75b92a97331c0ac10fc16dd46a7ebbeb"
vary
Accept-Encoding
x-goog-generation
1691082569981589
x-goog-hash
crc32c=jePDKQ==, md5=dbkqlzMcCsEPwW3Uan676w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1353
accept-ranges
none
d29574067a0bb7d8c8bd3.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/d29574067a0bb7d8c8bd3.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
69193c467efacbd943f4138e5b2b93dd1ded275d6e8233fd28b2a0f74765365b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643679
x-guploader-uploadid
ADPycduIjshcE9N5j4ZxttLNtTnmWH7KcYWYMzi84jK81bTK54u-j8aR2i0gOSTxn-OZvMzHP6NKgfMhpxb1Oc8ZKPEFUJdUwKOU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3629
last-modified
Thu, 03 Aug 2023 17:09:30 GMT
server
UploadServer
etag
W/"233d9c59e0bd2b47b18fd5358ef0160f"
vary
Accept-Encoding
x-goog-generation
1691082570353861
x-goog-hash
crc32c=jLECtw==, md5=Iz2cWeC9K0exj9U1jvAWDw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11403
accept-ranges
none
8ae633f3387ab3d9f89616.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/8ae633f3387ab3d9f89616.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6029effcb1fb7327b832ce827a84f8ebe8c7a2154cb43f4186e5ea2bd6f9f49f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643679
x-guploader-uploadid
ADPycduudqTTPOZJD3-POBoJMTS8AklEu3C5lZsUaQCbVyGhB-exDNLWgg4Q5eBbOp2HW3_Ydnnl7w8g-mEWokEuFM3gNYFN0hlx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4428
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"8c886839348e84eeb16a0f142757b307"
vary
Accept-Encoding
x-goog-generation
1691082569718296
x-goog-hash
crc32c=Jbp6BQ==, md5=jIhoOTSOhO6xag8UJ1ezBw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
13988
accept-ranges
none
9a5c5e168c23aa00f50a14.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/9a5c5e168c23aa00f50a14.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
19387a25aa708b3419f639b862c4d8b52daeb8d40a8fdb3622a0f1a7ff16f575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643679
x-guploader-uploadid
ADPycduHYum7cZoHyYSr0MgKhQ2jpUyPEPUYd59Si1oh0c5z7PMDLOVTs6xZ50TFRRgOcssBVyeFHf4fX5H_-j4ADMbO4md7IQpT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1603
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"b82ca67cf6c02d752df773262138235a"
vary
Accept-Encoding
x-goog-generation
1691082569853620
x-goog-hash
crc32c=cLcf7g==, md5=uCymfPbALXUt93MmITgjWg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3936
accept-ranges
none
4614ae231c0a2b57dd6926.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/4614ae231c0a2b57dd6926.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9f62e9f8bf63e2614008fcebd71faef975394171448981ecde856f7c0b239099

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643679
x-guploader-uploadid
ADPycdsWWrxMYlY2ZSXQkzq6lc80f2HFFMbGQ7exuY8fqNi-7XyfS7-CLGD4Mj9HrZUzxNcvIHfCZzQBC8yzEr0UOOfbhb6OJV84
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2153
last-modified
Thu, 03 Aug 2023 17:09:28 GMT
server
UploadServer
etag
W/"0b75e24dbe9aa10a5267be188a5c9892"
vary
Accept-Encoding
x-goog-generation
1691082568963416
x-goog-hash
crc32c=cFEdPA==, md5=C3XiTb6aoQpSZ74YilyYkg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6373
accept-ranges
none
89c990664a3c5e637fda35.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/89c990664a3c5e637fda35.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
057195b80c1594769bccb5bbb495f6b011b0fa6b0a39f12194248ef9dc15420a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643679
x-guploader-uploadid
ADPycdvnEC2eRD3eRlDhe3PKyLS24jxfey0ikZIpLvwAWz6Susg-S924BOOOmCNZE34yX-a-MvA5HxxFC8EmGUlxHjJ0yvoBkvOl
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1071
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"d02f8c5e62b55a0b33441e24cf495155"
vary
Accept-Encoding
x-goog-generation
1691082569706761
x-goog-hash
crc32c=/bKBxw==, md5=0C+MXmK1WgszRB4kz0lRVQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2461
accept-ranges
none
pub
pixel.adsafeprotected.com/services/ 		723 B
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/npo.com/news/story,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/npo.com/news/story,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/npo.com/news/story,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/npo.com/news/story,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/npo.com/news/story,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=fbb22b16-46a1-cd7c-5135-9ab5723e2562&url=https%253A%252F%252Fnationalpost.com%252Fnews%252Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.23.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-23-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2c10ab9daf8380e6b89fba9a9e61f970af04a1365104413ce206662d4c755a68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
server
nginx
x-server-name
app03.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnationalpost.com%252Fnews%252Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
GKPSA62AQWXTNC626J5M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
2PpGX4ACa7EatRvmBu9llGIu2H1JyvVo8FKPTWfnmQ3mRRLK4Z4Axg==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&pid=M4U6BMStROYXB&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
8VKR37232A1C9RQ7JA2C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
5h4-tkEDt30uI4qGj_rjhZQXgkld0P5FEKEkSaTiYeGjZ0GeV_Fp4Q==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnationalpost.com%252Fnews%252Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
63MY57K779PNKFP9P8HF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
zAY5Hg2JAFm0vzyunWOZCMS1INcUuzGDUFVQR4K6VQtAKkrBpZxEoQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnationalpost.com%252Fnews%252Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
5QKJF6JV1YZ761A2MYQS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
8XUSkR8LMnUpAFqx2JTJJbZA5B6HxYlryRVhDinY1BrxHeW-hnAI_w==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnationalpost.com%252Fnews%252Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
A4JCMCQV212978KFY3KF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
eCwZghHNms-R0kB3robGilfCzYKAhPx454_nGD0xHr-U5pjxwjDbvA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223528%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnationalpost.com%252Fnews%252Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
09X1VDFT4PG7APFBBT09
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
yb0r2s4PcDH4mqnbsTSulz4pBa8hYLKwnQPvpWKAYBNSBfkrQOGYwQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37943
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SI004DcMf047IRL7cQBRhPLjgAsCxYfRxZzJWyhCE2wI66ZTXFCHKsB0Ng9n7AMDSVkbXZGWU6S9yLauoY1%2Biads%2BeZkh4d1mfNu7FMcoB7MRsh%2FpJ0TcjcxoRfIgQzwY5FPrzHMA55eyMzg8zQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f4d98f139594dcc-FRA
db937de5f271191df6744.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/db937de5f271191df6744.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643726
x-guploader-uploadid
ADPycdsIZ9UK8KN31RC9rroslIN91IAGBlEThZZjsx4ayqaDInr--q0MqsvwF1n82YcaheGWR7C1Umu9hHWbJk8iTOae
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4394
last-modified
Thu, 03 Aug 2023 17:09:30 GMT
server
UploadServer
etag
W/"3bfbd59f97296aaf58442bbdf53f71d3"
vary
Accept-Encoding
x-goog-generation
1691082570390578
x-goog-hash
crc32c=TWNiDw==, md5=O/vVn5cpaq9YRCu99T9x0w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
4e8720b61d861864435e36.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		224 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/4e8720b61d861864435e36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643726
x-guploader-uploadid
ADPycdt-a7QDYEBNdhBB20w0YhSrwMlZi-D49Npja-v5xCQm5Y34ZXLkxbDjUOwUZB3RwgR4Rv2VB8uTrXuqbuCruuvt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
"087008fa497bb67bcdf1a4c150537516"
x-goog-generation
1691082569169464
x-goog-hash
crc32c=UBw1Fg==, md5=CHAI+kl7tnvN8aTBUFN1Fg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
c54d8838f24e11c572ba28.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/c54d8838f24e11c572ba28.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bf96a4cb97d885f1ece0482419a5097dcb59c168772a37b8ff911750836ddbca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643726
x-guploader-uploadid
ADPycdtJAKNsjFIVOLg_QlDLhytkFji4BArTQbKZ3oyknFF8iohkoy9GvyYFw58regjBSS6Q1Nt0JOpI42UnioQmv4p5
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1007
last-modified
Thu, 03 Aug 2023 17:09:30 GMT
server
UploadServer
etag
W/"cdb254cbf05bd6d72f05ca54bd55a4a5"
vary
Accept-Encoding
x-goog-generation
1691082570221282
x-goog-hash
crc32c=x3vP1Q==, md5=zbJUy/Bb1tcvBcpUvVWkpQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2390
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643726
x-guploader-uploadid
ADPycdvmVAG8JADrtAdaZCjIQIuGiXEisJRtCvSY5FzYm4mDMXvVG8P_nZLouaVis89mJOOZ3i4rxOWxbsqF3jYT-CqK
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2826
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1691082569552506
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
a3ec7ed2dfcc00ca264c23.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/a3ec7ed2dfcc00ca264c23.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643726
x-guploader-uploadid
ADPycdsmhX2eP4q9XzjU9TjOoYkIWIKLWfJaGKaUYGrfGzsm6kHT1fT3aEvjbg1pjIau09I5ZyS1yh8xA79-tgSCjNj9
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2088
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"a382b48ee1cf980223c8003d301c2f39"
vary
Accept-Encoding
x-goog-generation
1691082569957479
x-goog-hash
crc32c=TYe94Q==, md5=o4K0juHPmAIjyAA9MBwvOQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
a5cd204ab7f441c3586232.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/a5cd204ab7f441c3586232.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8f2ecfe8f3671ad30765a6af5b64c8511775f5cb609d30d9709dae88f2010dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
643726
x-guploader-uploadid
ADPycdtRu9ZOaDjncbxlqUEgjzl7FJZVpJvnZ-PKvqSJhxmqyMbas808W9I_zqsGWVuDZQ6P8OVQlwRAWLas2mA75JRF
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2516
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"d3f6327857b84d484af39c2804392833"
vary
Accept-Encoding
x-goog-generation
1691082569957942
x-goog-hash
crc32c=KGQBNQ==, md5=0/YyeFe4TUhK85woBDkoMw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6721
accept-ranges
none
xd.js
fem.gprod.postmedia.digital/v85.0/ Frame 4B0D 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8f92f2d1f186e48942e3d37b11524101fa721da66074b44bc4ff69f8148fcb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v85.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:40:21 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1690226631
age
811476
x-guploader-uploadid
ADPycdu60rrkQsiFbvJjsgzMN8ht41MXwMiwd7-xv_4O5MDKSP1njpGQ_rTEYzBuYu2pVRF49grWmuMWtTjbZU5LEtedCN_LNsDT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17104
last-modified
Mon, 24 Jul 2023 19:24:37 GMT
server
UploadServer
etag
W/"2dad80baf6eea16d84e34db3a1a98253"
vary
Accept-Encoding
x-goog-generation
1690226677447294
x-goog-hash
crc32c=8oYf8w==, md5=La2AuvbuoW2E402zoamCUw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51869
accept-ranges
none
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5707352930516992&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=y7Er1QpVe&w=6230644934311936&o=5707352930516992&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&sid=lTJKT8bJT&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5707352930516992&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 11 Aug 2023 04:04:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=617068
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82de1c71b1965a6888eac09dceb3ed35cfcfebc776bd6ef68dab1673f990b28d

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFmYacWXRK7NXLJcDagNuxF5Jcg8yKKuY8RDfhgFyc1ybA020IV9Y0b3brragaOfMz6DXutO%2FoLfduivWw36%2BvWzU8b5rU8ngt0zZ7gr7%2BgPG4vM0R3HS4Ih9%2Frt9wy9H8AyPwL9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f4d98f20d5818b7-FRA
alt-svc
h3=":443"; ma=86400
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4882daf540d3bbda6915932253de72886d589f192cf931c0327d8c0fa6716866

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid
ap.lijit.com/rtb/ 		94 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a89c5fb4eedad66c9f93745c6ff8bdefbdf57679500db01044c392048b854fcb

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Aug 2023 04:04:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c8c9f51e9a0b354956c1b663d19a33c7b4c60e1e894d8ee40e632cd4ffcb56c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
an-x-request-uuid
63a8a3b0-b427-4dec-85a5-bcf7654311ff
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nationalpost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.19.175.183; 84.19.175.183; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
379
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nationalpost.com
date
Fri, 11 Aug 2023 04:04:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=22601420773&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nationalpost.com
date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		725 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939398&size_id=2%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=2c668ba8-d5d1-4019-bf3e-2a4418d92e10%5E1&rf=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&tg_i.domain=nationalpost.com&tg_i.page=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&tg_i.aupname=%2F3081%2F.*(%3F%3C!viafoura.*)%24&tg_i.pbadslot=%2F3081%2Fnpo.com%2Fnews%2Fstory%23ad-1%3B%2F3081%2Fnpo.com%2Fnews%2Fstory%23ad-2%3B%2F3081%2Fnpo.com%2Fnews%2Fstory%23ad-3&tk_flint=dmpbjs_v7.54.0&x_source.tid=59f45b7e-af92-4abe-90e5-e4c1ae78737f%3B6f8c05e5-950f-4fd9-876d-edc9acad424d%3Be22122cd-55d2-450b-8977-5f42f59213e6&l_pb_bid_id=44f6ebd90900a07%3B45a3d6669a4193a%3B46f7570944d538c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=59f45b7e-af92-4abe-90e5-e4c1ae78737f%3B6f8c05e5-950f-4fd9-876d-edc9acad424d%3Be22122cd-55d2-450b-8977-5f42f59213e6&rp_hard_floor=0.39&rp_maxbids=1&p_gpid=%2F3081%2Fnpo.com%2Fnews%2Fstory%23ad-1%3B%2F3081%2Fnpo.com%2Fnews%2Fstory%23ad-2%3B%2F3081%2Fnpo.com%2Fnews%2Fstory%23ad-3&slots=3&rand=0.6333107210074285
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c1720c51f6e31cf61ca97d051c51ecc9531f2cdfd8c23271a07ff38009d11341

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
simple
api.sail-personalize.com/v1/personalize/ 		288 B
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
0305ec619fa00f4120812a08b93aff1d68ff2abde8c97f9d16ce63aa5a1b968c

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://nationalpost.com/
x-referring-url
https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
197
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://nationalpost.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Fri, 11 Aug 2023 04:04:57 GMT
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c0b514e68356a91ef7fc6e840e1800c4506325971a581cf7a0e5786de8cf8767

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
an-x-request-uuid
10914962-2f45-44fa-ab37-54b0d0be657a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nationalpost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.19.175.183; 84.19.175.183; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1d2c44f3-2629-4286-9fbe-1c74acaf3bb1
https://nationalpost.com/ 		176 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nationalpost.com/1d2c44f3-2629-4286-9fbe-1c74acaf3bb1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5067e5834f1b90474d3d6e88b1dca2872d96b4d26c72292c50244c911d3fb22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
180498
Content-Type
407dfc70-c9bb-41cb-99d5-c3630a367aaf
https://nationalpost.com/ 		176 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nationalpost.com/407dfc70-c9bb-41cb-99d5-c3630a367aaf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5067e5834f1b90474d3d6e88b1dca2872d96b4d26c72292c50244c911d3fb22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
180498
Content-Type
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		53 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e2ebaba73999330a3adec9d71ce3d0fd7537e3204945d1b0ff41ca5a7e5723c

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdu5Qda4tLvKOqa9hacq5DwJkNhbqeJOE5F0ghcSYyYkWJtsslqJo_8SXwk0ssjC4XNyhYmu3nhZ5vibzMQsOohA7uRk2nGr
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
37045
last-modified
Tue, 08 Aug 2023 06:02:24 GMT
server
cloudflare
etag
"939ca2f8dad96a46d7ece0c71ea86281"
vary
Accept-Encoding
x-goog-generation
1691474544159444
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=GR8uRA==, md5=k5yi+NrZakbX7ODHHqhigQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
37045
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98f2b9df1997-FRA
expires
Fri, 11 Aug 2023 04:04:57 GMT
geoip
api.permutive.com/v2.0/ 		235 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
99076d574fa054a3a93d2687f4021cfc74986f32882405c680e2a08cdb3b30e6

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
watson
api.permutive.com/v2.0/ 		382 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
703c7db8caf634db1260f93afe24ee8b80b6db8451d7217689b358a0e5b47ff0

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
identify
api.permutive.com/v2.0/ 		50 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
99c4b47843b5e39c5372178b3f41d797977c66585c81493a92995730bdf55017

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
segment
api.permutive.com/adv/v2/ 		44 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
406b6d79687c2601d33b029cf7867ab6cedc6c01ef13d669835b743f967d5d52

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 11 Aug 2023 04:04:57 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=c60a9942-e7a1-49ba-962e-1435c3023ea4
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=c60a9942-e7a1-49ba-962e-1435c3023ea4&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEAjZ-PiaISHWnsPi2OgElrU&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=c60a9942-e7a1-49ba-962e-1435c3023ea4&google_cver=1
35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEAjZ-PiaISHWnsPi2OgElrU&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=c60a9942-e7a1-49ba-962e-1435c3023ea4&google_cver=1
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEAjZ-PiaISHWnsPi2OgElrU&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=c60a9942-e7a1-49ba-962e-1435c3023ea4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://nationalpost.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f4d98f41ff09048-FRA
date
Fri, 11 Aug 2023 04:04:57 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d82b2f7c752ef9d32865cbe234a0ca0b0d5822c5508627b317705ffd23ef2e

Request headers

Referer
https://nationalpost.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=86400
cf-ray
7f4d98f4680f9048-FRA
b8b0ef9d6ea4dd18cee3.js
fem.gprod.postmedia.digital/v85.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/chunks/b8b0ef9d6ea4dd18cee3.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
44c46b2edb60329726390cf58b9135fb4b64d836dbeaf4e139f52b5d9df73981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:40:22 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1690226631
age
811475
x-guploader-uploadid
ADPycdu1NjpB8ttBhjJ5s8NBTmnfyW0TpoDhcRo0MuuVIwCp1CdVUJjcV7JV517GqgXIiGxbvvj3vzhOQhlIVBlAtvXydgVGyZ65
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
last-modified
Mon, 24 Jul 2023 19:24:36 GMT
server
UploadServer
etag
W/"e7822f987ca517aa3b2a889aa12ea62d"
vary
Accept-Encoding
x-goog-generation
1690226676217651
x-goog-hash
crc32c=3ae0Dg==, md5=54IvmHylF6o7KoiaoS6mLQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3197
accept-ranges
none
ads
securepubads.g.doubleclick.net/gampad/ 		212 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=808963941788743&correlator=1799691506287106&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=3081%2Cnpo.com%2Cnews%2Cstory&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C5x5&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691726697555&lmt=1691719254&adxs=200%2C797%2C797%2C798%2C798&adys=202%2C4051%2C4391%2C6418%2C7592&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&frm=20&vis=1&psz=1600x90%7C1600x250%7C1600x250%7C530x5%7C530x5&msz=1600x-1%7C1600x-1%7C1600x-1%7C530x5%7C530x5&fws=4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C564%2C564&ga_vid=1195366512.1691726698&ga_sid=1691726698&ga_hid=1021796587&ga_fc=false&a3p=EjsKCnB1YmNpZC5vcmcSJDJjNjY4YmE4LWQ1ZDEtNDAxOS1iZjNlLTJhNDQxOGQ5MmUxMBjAppOWnjFIAA..&dlt=1691726696327&idt=647&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D3be6785c-37fc-11ee-adc6-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D3be6785d-37fc-11ee-adc6-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D3be6785e-37fc-11ee-adc6-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3D3be6785f-37fc-11ee-adc6-0a6fa201f3de%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3D3be67860-37fc-11ee-adc6-0a6fa201f3de&cust_params=permutive%3D96400%252C105542%252C105543%252C105833%252Cbsjr%252Cbsjf%252Crts%26prmtvvid%3D1039c399-1691-4a9f-885d-3aa213df415b%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26aid%3Dba43eb46-2322-4761-8644-4ef4fbf90637%252C80209084%26author%3DNational%2520Post%2520Staff%26no_pol%3Dtrue%26page%3Dstory%26pr%3Dnp%26sensitive%3Dy%26sct%3Dalcohol%26negative%3Dy%26nkb%3DOntarioSecuritiesCommission%252CCIBC%252CGM%252CPPC%252CJLR%252CLandRover%252CHyundaiNegative%252Ccovid%252Cloblaw%252CSamsung%252CEVAUTO%252CBoeing%252CHyundai%252CBLM%252CQuestTradeNegative%26asrc%3Dnp%26ck%3Dnews%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_13640_KW%252CIAS_9052_KW%26prmtvsdk%3Dweb&adks=2562942734%2C3327764108%2C3743872890%2C1355143746%2C1355143747
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc581de6b528ed786f9d42770f33664d272c929bc0e39acddd6bb60795820df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20895
x-xss-protection
0
google-lineitem-id
6320689129,6320677576,6322217884,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138435367041,138435360861,138435628803,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32302c0f697c3b686ad662ab44bd33f571e4eb40879a727c5a5bbda0aa4876fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11712
x-xss-protection
0
container.html
28deffd5e4e983f3e61fac08df7e21f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3467 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28deffd5e4e983f3e61fac08df7e21f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 11 Aug 2023 04:04:57 GMT
expires
Sat, 10 Aug 2024 04:04:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://nationalpost.com
Connection
keep-alive
Date
Fri, 11 Aug 2023 04:04:57 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 11 Aug 2023 04:04:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalpost.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 04:04:57 GMT
7c8c0ea80645ebe6bda1.js
fem.gprod.postmedia.digital/v85.0/chunks/ 		2 KB
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/chunks/7c8c0ea80645ebe6bda1.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6a072892a3723620f682538ba122888a77614a6344368dee9f90c6063fbe461b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:21:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1690226631
age
769437
x-guploader-uploadid
ADPycdvdyS6sxgo48GJGibBr6qLdJIPktBkgTD0oDga3J_kDIdJqKkNJ-pWowEpaduU-s3xNJ0YALgdlX3jcbGYAb8E7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
712
last-modified
Mon, 24 Jul 2023 19:24:36 GMT
server
UploadServer
etag
W/"b4fc2c56a4d895d3ee41f42fcc6f0cb0"
vary
Accept-Encoding
x-goog-generation
1690226676314102
x-goog-hash
crc32c=StyjNw==, md5=tPwsVqTYldPuQfQvzG8MsA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1759
accept-ranges
none
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C949 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 11 Aug 2023 02:35:12 GMT
expires
Sat, 10 Aug 2024 02:35:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4653 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c33b1b724eafeaffed2aae7205f2f2dcaccf53a11d489dcf91fe67e10d96c741
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4h0wpZ5PUooYUjV6S_eaDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-4h0wpZ5PUooYUjV6S_eaDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 11 Aug 2023 04:04:57 GMT
expires
Fri, 11 Aug 2023 04:04:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame C949 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 01:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
8124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Aug 2024 01:49:33 GMT
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=SE0WzqlbUG
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b8e3551a7b7aded43d7a1484ceef1c21720ca49581d680b606fa338245972e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
date
Fri, 11 Aug 2023 04:04:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Aug 2023 03:50:31 GMT
server
cloudflare
age
866
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
7f4d98f60de9196a-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
3usq9z8chz
expires
Fri, 11 Aug 2023 04:34:57 GMT
vf-v2.js
cdn.viafoura.net/ 		835 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8521fd07bf36348650841fdfe4707974047fe057fa866bdc6104f498e9d675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
YfhDyNazKsc0cD7eYCa6DSKEEJqL_T.z
content-encoding
br
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
date
Fri, 11 Aug 2023 04:02:52 GMT
x-amz-cf-pop
FRA56-P2
age
126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:55 GMT
server
AmazonS3
etag
W/"95c9d1a8edc688cc1a369bbc135d2405"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
5dh8PiOL8OxdKlbRIWkx9IgZeI8uSBW_jKETdozkJ8_5qFqcvHhRmw==
f3ca7b675a2cd3f7a513.js
fem.gprod.postmedia.digital/v85.0/chunks/ 		946 B
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/chunks/f3ca7b675a2cd3f7a513.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
01bdc5347a380eab81e5dcec7e5d5e1cd6eeeff47b56be7548b73a18fff3611e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:40:22 GMT
x-goog-meta-goog-reserved-file-mtime
1690226631
age
811475
x-guploader-uploadid
ADPycdvm3JMDgsnLP-WkEblYl4LzESRF5oXye16NfsFPRki2yk8DVINZc4lqFkCmxYlZKTPadiORKrkvZEipZ4UvfgrweNPGzLG7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
946
last-modified
Mon, 24 Jul 2023 19:24:36 GMT
server
UploadServer
etag
"8628cbb272754b6ea0f567467c2e34bf"
x-goog-generation
1690226676245872
x-goog-hash
crc32c=e/Ko5Q==, md5=hijLsnJ1S26g9WdGfC40vw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
946
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		399 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7550dc0850af915cc9d6d560c54063359c9112995f9631d82d021bf712844fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110349
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Aug 2023 04:04:58 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 22:24:05 GMT
content-encoding
gzip
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
20453
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
X-a9v-xBJSs5tBss9vi-Xv5praRkGEFM8lY0IWZFlzyx2l5RlX5Wsw==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7521fac2db4e5a743c196ad0f50a81571bfb74bddfd08e4085e58b98dfc613e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-eddf8230085-FRA
date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
26
x-timer
S1691726698.008058,VS0,VE1
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
59991
x-cache-hits
12, 1
gtm.js
www.googletagmanager.com/ 		188 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48a150da2b9d2bd7518c8db5deaa7bcc651dd3ddd598f9beb0879afd780a300a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61730
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Aug 2023 04:04:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4653 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030102&jk=808963941788743&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
jload
pixel.adsafeprotected.com/ Frame 3EBA 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=93943261&placementId=6320689129&pubCreative=138435367041&pubOrder=3214528277&cb=1176122421&custom=story&custom2=1&adsafe_par&impId=3be6785c-37fc-11ee-adc6-0a6fa201f3de
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.23.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-23-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
22169c5a7f5bce7e84770a3899cad5a7dd737897aca53f80513e3fdedfa796de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F50E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttAgOx6Zj8ID8Zlun4P57zuhdqQZw-iAbHPJcEJR6LrB1xkF79EdlMptVWVmdn-m-ZGHTX2eTsSeqGJfCXwqJwuOADlUPQSz94wKs0g7qsZE_FlGkZneA6GfXzyvXpZYpLAbGFLD3weGgRRAp-vO0eeY8mctwupzEthbiwOCDiPXRcZrHB_oINBl7_6z4lSQICB6eLkkLvpVmMeynSmMnQkFoCfnPf_jtDHJTlbK_8OWUkGJAKKNPDg53FK7im8955iKYUgXQnWBEfhqQMvDeJFlUE6YB2yBBN0NxRTCMIoRHfTdUrMXGXL_Oa1UgGSdOIU5zmyZF6dg&sai=AMfl-YS5VHJ341SoVOc6k2W4Etqta5_PcU0boMtp6UmdqPTTT9aYuE19GIwk7pDD7NkwqRtUNriaypQwtMRCzrD4GRCef8ITAOfBgQOLfjsdJDFNBV4fWyae5NJAcSz36O8zql8ZouO-jDQWw9qSmk77&sig=Cg0ArKJSzPNVQPkYye3dEAE&uach_m=[UACH]&adurl=
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F50E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 10:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
61989
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 10:51:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F50E 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 04:04:58 GMT
9652936438462743070
tpc.googlesyndication.com/simgad/ Frame F50E 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9652936438462743070
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ec75c6ac932686734c2364194a647078df28ff2a262c86316d2ca132cead0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 04:17:14 GMT
x-content-type-options
nosniff
age
604063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36460
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 20:40:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Aug 2024 04:17:14 GMT
truncated
/ Frame F50E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
670f7ef79132850ce112c2ace0c4150973283d791476dbe2fd91b6b6ae4ef7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
tinypass.min.js
cdn.tinypass.com/api/ 		352 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=SE0WzqlbUG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76630bbc94f26374853dddf4e3c04d8d5ed36f55379ba657456b51d8eab42ae0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
x-amz-version-id
UTVrwUUwlSHV51PKsKnDP8AojQ04Ko2w
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
BJD7N0KN3YNEXJPJ
age
14059
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
48Do4zkRnQ6gIcuicG4QuLpjiVcUvGLeN3Xk+9WTQ41od5iK29QlqdtFZceHC+8CJxfOaKImSiA=
last-modified
Thu, 10 Aug 2023 08:09:22 GMT
server
cloudflare
etag
W/"332e533e2c7e9a845b64ecaa7645eda8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7f4d98f69e54196a-FRA
expires
Fri, 11 Aug 2023 08:04:58 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
585be3f7dd7b31d45fc546624d62396308f373b647e43c7f50bb36d65e604609

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109
generate_204
tpc.googlesyndication.com/ Frame C949 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_9e-cQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v2
api.viafoura.co/v2/nationalpost.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/nationalpost.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:3717:5549:a9cb:125f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://nationalpost.com
access-control-max-age
1728000
cache-control
max-age=0
date
Fri, 11 Aug 2023 04:04:58 GMT
expires
Fri, 11 Aug 2023 04:04:58 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/nationalpost.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/nationalpost.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:3717:5549:a9cb:125f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d28ae0424f5584829aec47ef0e63c84761da803e4b88c75cf92ad18a1a2b971f

Request headers

Accept
application/json, text/plain, */*
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-057f6829b23351c55
pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Fri, 11 Aug 2023 04:04:58 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1256
date
Fri, 11 Aug 2023 04:04:58 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
289
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230067-FRA
x-timer
S1691726698.186946,VS0,VE0
gtm.js
www.googletagmanager.com/ 		156 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa4a3da355e329657b4cc4162c33a1be2ed98c048175a74e580cabfd5c0f56d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46579
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Aug 2023 04:04:58 GMT
identify
identity.mparticle.com/v1/ 		175 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
359db532fbc5e8f8dcee8e07aa7f9d9906fe78fe3d36e63760c3270de128b83b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230067-FRA
date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1691726698.208463,VS0,VE105
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:293::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 04:04:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 09:25:23 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6042
Expires
Fri, 11 Aug 2023 05:04:58 GMT
execute
c2.piano.io/xbuilder/experience/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=SE0WzqlbUG
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee81ab225c24259de31fd935aee0df8a40e8d6426896f8a41d4af1abe2cee6b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
g8g3fjea7p
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nationalpost.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7f4d98f7fbbc4daa-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame F50E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2nuXaL7LtqIsC9qu11A1LdWQD1_kO3DwjZrGHkFvDhgBNu8Vh9KQBfGJ3QIDffiJhVtdeCqc6rjBhGVWI_r2BDMElKWg5p-obdnbKL11n7MmPT9Z6CA3c3PkKh_xAwKiY-NYA6Kde4g1jDFoERAbzLssBSEay8BorRl1QQZMBJYkUva-MbNIu5IDXJ1uyohWvQ6h0mVywbXNECR4oBr-htv8Atjeth4IiX123pQD2QWnl_kyyiD6IIpdAh2qNJHvQuVkkaJwIk9yFSU5tZruEIxAK_lbELbHs0AgcRGX3tmzrNC3po5Zt112hzKgfxlFov5-AVmnZ02zk&sai=AMfl-YSMyj3wZPRsUrNJ3xMHTBtEp-Rq0WEUg_jvuJRBhOtd-Q1YptVjObSHDVErRzRpGD_FYr8mFhGPz-NRDf5sqqcsv3_3rj1QmOlbsbG4edns7Yxx8EE3qMfucYXCUPwUDcGS3y34V3VZ7dirO5io&sig=Cg0ArKJSzLRlDmDtpm6WEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 11 Aug 2023 04:04:58 GMT
gtm.js
www.googletagmanager.com/ 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d05b2c2cb0e3c2a6b8ac0701766dc725be9e8f729fe0ed06c62af97f3bd2b05c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70412
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Aug 2023 04:04:58 GMT
gtm.js
www.googletagmanager.com/ 		294 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79f777aa15fa0b107868ac2ebfe1c632aae72056e98024cd20a782d2200f05cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89783
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Aug 2023 04:04:58 GMT
fbevents.js
connect.facebook.net/en_US/ 		172 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 11 Aug 2023 04:04:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47151
x-xss-protection
0
pragma
public
x-fb-debug
nrMWLhYTDlX98RHQhwXJSuvuRiaPIerZ1ZZaaCrsp0Fc50D+E46kyKwt6xJgj1GH6SZl8moRQvWYgw3NtWX5bA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7d990fd051e65e8340d3434d69e150b2b5af80aa7ea0877ed4f70da745f7ef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 11 Aug 2023 04:04:58 GMT
ribn.min.js
assets.ribn.com/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 6496fb3360d739b36cc4ad98e9afba64.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP64-P2
age
3682
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
7f4d98f8f97f1c8b-FRA
x-amz-cf-id
3xxkFCR1IhdB_zBIoaXJLdDUaW4-fdOHmABoVM1JGfJakwI-Cqb0nw==
expires
Fri, 11 Aug 2023 08:04:58 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 7f2e853c8bb51d66c5391aa0ee14b7d4.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP64-P2
age
38
x-cache
Hit from cloudfront
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
7f4d98f8f9801c8b-FRA
x-amz-cf-id
yStyzQ6U_owd7BKhlT0O_MtyllQnDVB8Ugr8a8gfc3b59WGYV3UHWw==
expires
Fri, 11 Aug 2023 08:04:58 GMT
main.19.8.434.js
static.adsafeprotected.com/ Frame 3EBA 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.434.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=93943261&placementId=6320689129&pubCreative=138435367041&pubOrder=3214528277&cb=1176122421&custom=story&custom2=1&adsafe_par&impId=3be6785c-37fc-11ee-adc6-0a6fa201f3de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4edf37d240c72f41cf96d12cfff4407d66226a3afa1f8109824d03ebe54be9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 21:07:18 GMT
x-amz-version-id
qAsuaBHKvPMGjxqFerKb066Em7kDT_J7
content-encoding
gzip
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1493861
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jul 2023 19:17:38 GMT
server
AmazonS3
etag
W/"1f5f5321da98e6d89323d191f36c01c9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
aKUpYilI8Sz6jh_wQu8zMYJdERIsi1rtOeWTWNe1jSXYNCP3cEPhrA==
js
www.googletagmanager.com/gtag/ 		183 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d42eed878a4999fb639c40a8a9dee1aeeccaf04b3c7360d863613c340df84bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69680
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Aug 2023 04:04:58 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 11 Aug 2023 03:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
915
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 11 Aug 2023 05:49:43 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc8beebbfab8462184c8c864e5474cd84672b6d46dcb3c4131d609821883c6f

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
117
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400
content-length
35214
x-response-time
1ms
last-modified
Fri, 11 Aug 2023 04:03:01 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7f4d98f91d3b5c4a-FRA
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a76292a2e3564ef61e7a900f9c998e83d78fb5f91547e704ab9168b5dca6c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
LhWu_AMlaCmeK.6Ee04qRop66YKc4nhd
content-encoding
gzip
via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
date
Thu, 10 Aug 2023 05:01:08 GMT
last-modified
Thu, 20 Jul 2023 12:08:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
83031
x-amz-server-side-encryption
AES256
etag
W/"4b00b328a85d4cd9f81165354453f1e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
CTPtSllodqVfn88B2mGaEdPYAtmivkMKqcbXA5SFGKfhGXgS8Lo5sA==
p.js
cdn.parsely.com/keys/nationalpost.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/nationalpost.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
afc586d83d948c96fff7d9a4da54a5e7b3f7a6fc441d803cdbd26dd5a9f63f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
public
date
Fri, 11 Aug 2023 02:44:39 GMT
content-encoding
gzip
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 21:12:47 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
4819
etag
W/"639a3c4f-1281e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
Bi-ruTPsCkTiuTKmuPTlDKcYDSRafb6mXS-fpXLWnOY48CY0lLcHIA==
expires
Sat, 12 Aug 2023 02:44:39 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1691726698339&ns_c=UTF-8&c8=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&c7=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
WH9kQ0PKH8vuWw47HwVA6StIe5TMSNzhP5VHXXpqX_kz2HhND6qsMA==
x-cache
Miss from cloudfront
cx.js
cdn.cxense.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:293::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e9bbc41140d0533e49877dd77507f016365c5e5f9f7af0883b8753424d3f1676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 04:04:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 12:14:51 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36533
Expires
Fri, 11 Aug 2023 05:04:58 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230081-FRA
date
Fri, 11 Aug 2023 04:04:58 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1691726699.563236,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 04:13:55 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
85864
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
VCVJzPI5P4tNShaF7pBJ2_W2Duf64uBIUV9E4j2WJ5dxqgHWt52-LQ==

Redirect headers

date
Fri, 11 Aug 2023 04:04:58 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
QpZuq7RfFB4T4Ewk-pubwJbvzJDYbvxYCVLSEwEsi6l_ncd6R3SD0w==
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=SE0WzqlbUG
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f10b4e1841301e153e79de2a129330dc51eb0cdf93f2326be762056a2755feb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Maok7zrql5q
pragma
no-cache
wn
prod-dash-10-0-141-51
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
7f4d98fa08a618d5-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 83FE 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dc5852c2117f24277c8a6587187dba028c25f008b214849e73db1cb680672b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
7f4d98f9f8ad196a-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 11 Aug 2023 04:04:58 GMT
expires
Fri, 11 Aug 2023 04:19:58 GMT
last-modified
Fri, 11 Aug 2023 04:04:58 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-86-63
x-forwarded-https
on
x-request-id
Maok7zryfRO
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3890&_p=1021796587&_gaz=1&cid=1195366512.1691726698&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEIE&_s=1&sid=1691726698&sct=1&seg=0&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&en=ad_impression&_fv=1&_ss=1&_c=1&ep.query_id=CIuE-Ibd04ADFQa-3godk_sOvA
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1195366512.1691726698&gtm=45je3890&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1195366512.1691726698&gtm=45je3890&aip=1&z=213320170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
identity.mparticle.com/v1/ 		175 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fa70655639bb30dec254811fe2fb54a92acdf62f3ce52e7e89f3a512e6b48000
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230067-FRA
date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1691726698.492730,VS0,VE114
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230081-FRA
date
Fri, 11 Aug 2023 04:04:58 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1691726699.563300,VS0,VE8
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XXXXX&gtm=45je3890&_p=1021796587&cid=1195366512.1691726698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691726698&sct=1&seg=0&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1685973801652415
connect.facebook.net/signals/config/ 		386 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.121&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c57432f2159f3dfe09da54a771b3e4177286dba5981e91e1d65e99e9a5fbdbc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 11 Aug 2023 04:04:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
112441
x-xss-protection
0
pragma
public
x-fb-debug
4KZ2+TYtZEAU3QAX2oKz8H3pdtt7kKBYDe2ojhMMDXREjhQmbzUtA4icu3mcuuwktvfrhu8yItRQ7Bmvl0a8nA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1021796587&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&ul=en-us&de=UTF-8&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1037146629&gjid=2050718846&cid=1195366512.1691726698&tid=UA-213173459-3&_gid=1925380050.1691726699&_r=1&_slc=1&gtm=45He3890n81P3Q4QHW&cd2=2023-08-11T06%3A04%3A58.331%2B02%3A00&cd7=anonymous&cd17=0&cd23=National%20Post&cd24=Cheetah&cd25=14.1.1&cd26=v85.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=story&cd50=true&cd51=Vegan%20raw%20food%20influencer%20who%20ate%20all-fruit%20diet%20allegedly%20dies%20of%20malnutrition%2C%20infections&cd52=news&cd53=world&cd56=explainer%2C%20influencer%2C%20realtime%2C%20social-media%2C%20tiktok%2C%20veganism&cd57=619&cd58=3027&cd59=National%20Post%20Staff&cd60=1691143211&cd62=ba43eb46-2322-4761-8644-4ef4fbf90637&cd64=false&cd65=true&cd68=Health&cd69=Vera%20Samsonova%2C1%7CSamsonova%27s%20mother%2C0.8575%7Cfruit%2C0.7022%7Craw%20tropical%20fruit%20diet%2C0.701%7Craw%20vegan%20diet%2C0.6236&cd70=People%2Cperson%20name%2CVera%20Samsonova%2C0.9445%7CWebsites%2CSocial%20Network%20Website%2CInstagram%2C0.5389%7CCountries%2Clocation%2CRussia%2C0.2477%7CDiseases%2Cdisease%2CCOVID-19%2C0.2345%7CLocations%20%26%20natural%20formations%2Clocation%2CSoutheast%20Asia%2C0.2298&cd89=Newsroom%20daily&cd1=1195366512.1691726698&z=911718617
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1021796587&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&ul=en-us&de=UTF-8&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=734166157&gjid=20622833&cid=1195366512.1691726698&tid=UA-138335866-2&_gid=1925380050.1691726699&_r=1&_slc=1&gtm=45He3890n81P3Q4QHW&z=1457061106
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
715504b046206568b164b467062068b29d3e44f6b39dfbb4706c9ddb319f4f2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1256
date
Fri, 11 Aug 2023 04:04:58 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
290
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230067-FRA
x-timer
S1691726698.469789,VS0,VE0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 15E0 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
5467510
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
SSRu-Qo_PyUrZhddgvz6gCt1SrZXwxuE7lnkx_UDvroYeYnsWBf1Nw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=728x90&pubId=4811995650&chanId=93943261&placementId=6320689129&pubCreative=138435367041&pubOrder=3214528277&cb=1176122421&custom=story&custom2=1&adsafe_par&impId=3be6785c-37fc-11ee-adc6-0a6fa201f3de&adsafe_url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fnationalpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d,c:kXjsAh,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-7bdf49c444-t8qg5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:263,mot:0,app:0,maw:0,fm:tMAUOYw+11%7C12%7C13%7C14%7C15%7C16*.928934%7C161%7C17,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:290,oid:3c765bd0-37fc-11ee-98d2-d2b802be8f57,v:19.8.434,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.23.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-23-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
server
nginx
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-89.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amzn-requestid
44899621-8530-4d8a-9ee7-e0990dc5d2a9
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Jej4wE4PCYcFSYA=
content-length
555
x-amz-cf-id
4jZh_aa11JjdDR18NxfJR4patDEfsTeFxVhUplk35_Gk3oQ98FHm0g==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
date
Thu, 10 Aug 2023 20:05:40 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
78962
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
bo5yovmdYXIP0v36WUDwjQrZonRLuV5J6OW_z2xYZdycRilZddGYpw==
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1691726698609&plid=2369a06f-d10d-4895-bae3-3edc8e0044d0&idsite=nationalpost.com&url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&sref=&sts=1691726698604&slts=0&title=Vegan+influencer+who+ate+all-fruit+diet+dead+at+39+%7C+National+Post&date=Fri+Aug+11+2023+06%3A04%3A58+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=a34cb52a-76db-45c0-9f20-adaeed0adf2d&u=pid%3Dd18a5400-e4c1-4dd0-b248-aefb4faeee2a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 04:04:58 GMT
Cache-Control
no-cache
Last-Modified
Friday, 11-Aug-2023 04:04:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
identify
api.permutive.com/v2.0/ 		50 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
99c4b47843b5e39c5372178b3f41d797977c66585c81493a92995730bdf55017

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d&tv=%7Bc:kXjsAY,pingTime:0,time:332,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:333,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:288,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~100%5D,as:%5B65~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tMAUOYw+11%7C12%7C13%7C14%7C15%7C16*.928934%7C161%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:290%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:c590:b5e5:9637:f555 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sp1.html
cdn.cxense.com/ Frame 3314 		672 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:293::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
377
Content-Type
text/html
Date
Fri, 11 Aug 2023 04:04:58 GMT
Expires
Mon, 21 Aug 2023 04:04:58 GMT
Last-Modified
Wed, 02 Aug 2023 12:14:52 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
ingest.php
events.newsroom.bi/ 		50 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
5c169ba25b6215d80072.js
sdk.mrf.io/statics/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/5c169ba25b6215d80072.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06cee8a130277b3634273c3866e17bb64d5fc5163e5419d5b6c7b42dfe7347d8

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 24 Jul 2023 11:00:31 GMT
server
cloudflare
etag
W/"f38e6161c92e3f5f2dd25be8f3ae8fdd"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
7f4d98faae785c4a-FRA
x-amz-cf-id
Rbv-62uWeau7zIsT33i2t93IKp6seHUj8IkV9sfrLWuJXFJ3vvBCIg==
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		41 B
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6283564739a4dcb05ad208d9cdd8b7141950ec7315115659a16c06ed73e82c9

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230081-FRA
date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1691726699.685483,VS0,VE4
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d&tv=%7Bc:kXjsBX,pingTime:-2,time:393,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:330,beZ:332,mfA:593,cmA:595,inA:595,inZ:601,prA:602,prZ:612,si:620,poA:620,poZ:637,cmZ:637,mfZ:637,loA:665,loZ:668,ltA:723,ltZ:723,mdA:332,mdZ:444%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:393,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:288,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B126~100%5D,as:%5B126~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tMAUOYw+11%7C12%7C13%7C14%7C15%7C16*.928934%7C161%7C17,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:290,slid:%5Bgoogle_ads_iframe_/3081/npo.com/news/story_0,google_ads_iframe_/3081/npo.com/news/story_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:103,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:c590:b5e5:9637:f555 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-3&cid=1195366512.1691726698&jid=1037146629&gjid=2050718846&_gid=1925380050.1691726699&_u=YCDACAAABAAAACAEK~&z=1070883056
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 11 Aug 2023 04:04:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N3GM17BS91&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f491a3f9eeebca2fe9a8c6bf6c1fd31fbbc781b2e7b320c00be12fd927d77595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79936
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 11 Aug 2023 04:04:58 GMT
cx.js
cdn.cxense.com/ Frame 3314 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:293::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
09b19fc33b7ef1ced85b83e359f755cc5a5e1f9b97478cfc9b8b27362990468f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 04:04:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 12:14:51 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36533
Expires
Fri, 11 Aug 2023 05:04:58 GMT
audiences
api.permutive.com/audience-matching/v1/id/c60a9942-e7a1-49ba-962e-1435c3023ea4/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/c60a9942-e7a1-49ba-962e-1435c3023ea4/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 11 Aug 2023 04:04:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&rl=&if=false&ts=1691726698720&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691726698716.413075754&cs_est=true&it=1691726698512&coo=false&tm=1&exp=a1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 11 Aug 2023 04:04:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&rl=&if=false&ts=1691726698723&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691726698716.413075754&cs_est=true&it=1691726698512&coo=false&exp=a1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 11 Aug 2023 04:04:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
thirdpartycookie
api.viafoura.co/v2/nationalpost.com/ 		45 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/nationalpost.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:3717:5549:a9cb:125f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-instance-id
i-04de400c95d7c2abb
pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Fri, 11 Aug 2023 04:04:58 GMT
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-3&cid=1195366512.1691726698&jid=1037146629&_u=YCDACAAABAAAACAEK~&z=1382459438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-3&cid=1195366512.1691726698&jid=1037146629&_u=YCDACAAABAAAACAEK~&z=1382459438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-89.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amzn-requestid
44899621-8530-4d8a-9ee7-e0990dc5d2a9
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Jej4wE4PCYcFSYA=
content-length
555
x-amz-cf-id
S8MePZ5dNVpdNSgYNGfIpmPlRuRlBDvLIQ-_Cn3MBEG5j62aUm6eOg==
p1.js
p1cluster.cxense.com/ Frame 3314 		47 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
c0ed994cd78b5ae5ad0925b57c9a4423f03cbdd82ec0c41685bd0308ff591858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
last-modified
Sat, 11 Feb 2023 04:04:58 GMT
server
Jetty(9.4.28.v20200408)
etag
1g8l41x78x0ma22kn0p25vw0w5
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Sun, 11 Aug 2024 04:04:58 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N3GM17BS91&gtm=45je3890&_p=1021796587&ul=en-us&sr=1600x1200&cid=1195366512.1691726698&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&sid=1691726698&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3GM17BS91&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030102&jk=808963941788743&bg=!2dql2o7NAAaiGN5Pghg7ADkAdvg8WsmrWc-UVTvc6AGQa-Tx1bTwyZhfwQuh-2PIH59un4n0itl9GkGYj_fj931sJHsnhKIBVyMCAAABM1IAAAAFaAEHmQLIldzjAJf8hzV_fuD5hN9iMZBJZ0uGshR9YqjNdSoWX3jBlHE-MFJgvzZO4WUWdRv3dICX76xz2SR51AAFHEqHYjC8-fOETrCPIHj86sZAYheyAJLPxWR9nk4EAP26mnNXuVH6P9Swo2gJ6LVIMccwo0Zj87yMktkT0PajN0SeEDr95yf-aUDtIJMrOutEorddGE5vJ60oB_HhmP7-u_5KLMBiIfTcZH4ghKacUYHbwnJ9Rc3GP5qFYbLbPGQ_wmzs3OLxQ2IioXzHSLapNMYOAUOG9cfsQJyhOHRrJIrGKXkbbbTwqqYHopqdrFNTYmeacHsOPBxjxr0-3ujMG5A6xOo36o9l3mo4o8xIrbJRFsTzQxcWVH-k8dwx2EYhiBLMIOFwRFoz603PFWq4jLOt8WzfkZW903KQ4QwoBh-qxJfb2RC-OYxjri0jcTgagIx9o0bOU-gamv5U1Gs1CuvUOdbulOI4wjW1Zqm7uhL28tZ712A55hlhPOjgVl5H23--tfu_CVGgnyEMKkYpeZARp1ldUhe5GOM6qgDSebixFv0Q-Kk-gre6Q0GUjiTgYXaD5qRTnp6l7r8U-0QdYvVVHGvblzQIDDajWjrrysZYIZZJfevrsTp8OjoB9bu8_UQvymZ3eMNN4RenqqEloPWVMJyVXx8bWF5bztajYzRO5JyQypgwMIebhIFxUwvh40V-CDSJ03dx-p3uA-Dh1ptgldj6yp4Xjko-T6X5Q4ORkXLv7GrERu6R__dAxFwv1x3FHTL__AfvqMlNlqQnfu0NzSeVjgILC_AnmWOnW07Ps7MVpcCeZYhGuWFP5oh69X51PVTrERo9nwlupI7HuynVUCWjRRiKbp6rUfGqH_I_QOK0TzVr74-24DliL4XecoWkTp5Adcv2LH1g3IZAAKR_TEQa3Wle735p3tXHHEa7SMS_UNLp2Gl1WQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d&tv=%7Bc:kXjsE5,time:525,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:525,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:288,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B257~100%5D,as:%5B257~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tMAUOYw+11%7C12%7C13%7C14%7C15%7C16*.928934%7C161%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:403%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:c590:b5e5:9637:f555 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
intl-messageformat.401c18c9757b51332b6a.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.401c18c9757b51332b6a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09517c4c41c1744e90cd9c856434b0301f7164f855e848882d0f3a6a6f896662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
pj022ogd_bV5mWCOr_soLtT.drBhXQE_
content-encoding
br
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
815392
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:23 GMT
server
AmazonS3
etag
W/"78ffac5f5ecfb6cdb701539b4effd77f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
FcVsMyuAuXZ58kma93MsYB4LyM1kY_VL4Y0FPsE_X82bzUDQ28U1oA==
intl-messageformat.ae28c82cbab9f4f192db.js
cdn.viafoura.net/chunks/languages/ 		135 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.ae28c82cbab9f4f192db.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a68facae97d9ba4aad337e58159f1e5da5f2fe6331a513928d570edaac63e984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
7OqFZnjeAklq03Qf8ylaM7aYqPiyoXdp
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
815391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Tue, 01 Aug 2023 17:34:29 GMT
server
AmazonS3
etag
"73d7f8bfdaa57b2f8bd9c91892a82603"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
eGuvq8TBf1DcVzTlx_AeLlUAaTMs_nvVm-1UZmvhh5IS_hkqaEJ9YA==
en-us-base-json.0decd3d525f8cf6a6798.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.0decd3d525f8cf6a6798.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24b6d5c61c96dbd20a707b4e6ab0eb1256ae3fded2f6b54b44477d399881cfef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
q2Xsj9hRUY.EcGDh.5QDmpB8V5vTAkMa
content-encoding
br
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
815391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:26 GMT
server
AmazonS3
etag
W/"6ba7265e0b8b22d5fa41b4f4c07be32a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
grTmWgSRVVSCFtEzOkw2To8Hge2S4UFgq-nn6LG3eT57lnM2pKigwQ==
rep.gif
comcluster.cxense.com/Repo/ Frame 3314 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.28&typ=pgv&rnd=ll62eahuxv8h1mt0&sid=1138596495834131577&loc=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&new=1&arf=0&ltm=1691726698544&ref=&tzo=-120&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=ll62eav94x6jjue2&ckp=ll62eahuy5qsb6j6&glb=&cp_userState=anon&cst=1g8l41x78x0ma22kn0p25vw0w5
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Fri, 11 Aug 2023 04:04:58 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		103 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22ll62eahuy5qsb6j6%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221g8l41x78x0ma22kn0p25vw0w5%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221g8l41x78x0ma22kn0p25vw0w5%22%7D%5D%2C%22siteId%22%3A%221138596495834131577%22%2C%22location%22%3A%22https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
77ca32d74206464f28af19c7fa389e2398f5dfb352a32cfe45c2598d3744b957
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
103
expires
Mon, 26 Jul 1997 05:00:00 GMT
vf-css.80560332b9080ac5aba7.js
cdn.viafoura.net/chunks/ 		324 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.80560332b9080ac5aba7.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f52a85a1077fa0bce665e1aa3d6b750b3635b105da2b487d535cc2492e6e814b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
iWyGflgaJ8s2x07h4bYd0j.hji2u_eox
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:42 GMT
server
AmazonS3
etag
W/"89f8e54c4071a0bf836c15a0231fd059"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
EhjqtTjq3QNhFsUumpdviVjDkvbca5ShNKKX0kZuVv_GVobZLBihjQ==
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		204 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279e747cff38f395e407803cc28009a6d29d078f931691f9ec249c7412cf4ffb
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:58 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
3929
x-amz-cf-pop
FRA53-C1
cf-polished
origSize=1298564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Wed, 09 Aug 2023 06:27:35 GMT
server
cloudflare
etag
W/"1036f26e19da636199caa39ecb4f3b1e"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7f4d98fc0a9d4d58-FRA
x-amz-cf-id
wTWt7RnE9zKoJI_UlgqaSc1pvvcnFTOayMfS4XhkXMs4FEfc9hdyWQ==
expires
Fri, 11 Aug 2023 08:04:58 GMT
en-us-conversations-json.3ec4002c30d0cc9081eb.js
cdn.viafoura.net/chunks/languages/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.3ec4002c30d0cc9081eb.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0954d1f01500fbf498b695ce9fb07dfa45bcb27efa977bfa8935e65da696fff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
7_ZszuDl_bQsaEkUmiaZgFMX0wU43fgg
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:27 GMT
server
AmazonS3
etag
W/"eb058e336c7eafb04a7c3895ba1ac273"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
nxbGled5qvBEDBu6Zq_4FsnAyizfkw0YhXOGA3VjRtMcSS88qe_WBA==
en-us-polls-json.ea093ed9c52ab82cb6b8.js
cdn.viafoura.net/chunks/languages/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-polls-json.ea093ed9c52ab82cb6b8.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38169883691b0d21f22a1bd68540cba62fa73b57178666d1ba5378c014ce98ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:09 GMT
x-amz-version-id
yrO1F4yod9kIkVra1FIU2PcmBy562USC
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815390
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:29 GMT
server
AmazonS3
etag
W/"6a420db1061254a0fd1c0eeb8e3c6b8f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
QBI6HHi6p-uEMMfJpUSi_z6-LaLatAd59w02IkSc2FKVr3tyndnRrw==
content-module-js.733e489bc57fed7f58ae.js
cdn.viafoura.net/chunks/vuex_store/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.733e489bc57fed7f58ae.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a4aaee51fca507ae33b4acd3ea6407cbd421565807a5e2303011ead5206bcb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
QD6U4t8ZqGRUbFZXlw0sNJrZUg2huI2Q
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:37 GMT
server
AmazonS3
etag
W/"e8786ec39070f60fa49d4df9fa6436fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
zUV5rncdPrZlTqqJi2A171ssFS945svipwwwUVoVZ5sIUsxR7xPGuQ==
content_container-module-js.362107b744c3c790f2b8.js
cdn.viafoura.net/chunks/vuex_store/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.362107b744c3c790f2b8.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1f990dd3c391e051369e19df6ea54dbbc79a427c27a284bd080b4bfc2581f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
mJLozod0Cs_gWvoMbed9Q1H_y9dNQF6M
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:36 GMT
server
AmazonS3
etag
W/"5043567337b66f0d1a50c1e1be4ad004"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
kzYuGcSWNUh5rbwiCSQZbz1Y4pg6iymz-bcfx8QlmKJkKFympphasg==
livecomments-module-js.4a55296e6079d5e2ee14.js
cdn.viafoura.net/chunks/default~vuex_store/liveblog-module-js~vuex_store/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~vuex_store/liveblog-module-js~vuex_store/livecomments-module-js.4a55296e6079d5e2ee14.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1af6f9dcdebd629dacc29ef518b3e90e82b6be357c5beb19a58d23b402f74440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
EhK_jWLZOK2hwZ1foxs3Jufcue27_jzo
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:35 GMT
server
AmazonS3
etag
W/"b74ffbc895f1c794840bc1b8aa7b28a5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
AS2PgWxtQhznXdWibXP1QRGhB6D_dShmRI69P_OgFZ10PPm95SciwA==
livecomments-module-js.5623c053b68ecd98d331.js
cdn.viafoura.net/chunks/vuex_store/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/livecomments-module-js.5623c053b68ecd98d331.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f63fa05114141aaa71a4480beea2f746cb7b554ba2b0fb349f1c3a3eec03a622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
8zciXPmqKTsjuGagNq.F.bBKYyutsjAE
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:37 GMT
server
AmazonS3
etag
W/"13101796d38c06e8686a6bb397ddfd9f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
tZhyyzXhoyuzP2gB7maB5nY5uhk_0Feuek97JbKLQZGfhJSB3pNziQ==
0.f99c6fdf5c69e7a4db7c.css
cdn.viafoura.net/ 		87 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.f99c6fdf5c69e7a4db7c.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ba2ecf50ec70160cad7f2a6439601fa7adf27e3dbfaeca8467f0085a4f0e2ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
ZDDh2S1KYoj_NZC1RlLBY6r9rCFmDJqF
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:54 GMT
server
AmazonS3
etag
W/"7cf8ada02971d75dcc191b4a3274273f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ECFaiZnBgnciUA6pXdtH9cTEgI6pIy3j583HF2lg9qWaXqYXmvlVsw==
da.c96fe60028a45fede592.js
cdn.viafoura.net/chunks/ 		142 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.c96fe60028a45fede592.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f42cbb78d31e1cb1f670b8370059b160a65d25bfb265361fe52e109f95378d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
IysONYtdnLyJSNW_laFDtIwlsWlFykco
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:40 GMT
server
AmazonS3
etag
W/"d847208ea1ce7a95a743b839ac48bb46"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
uv2omTZFFfOmEttqCqqFZi7iHSnVMa01vMa5nARV1BHcWhM_HfBTYg==
172.dd6f80c2e3142703cdac.css
cdn.viafoura.net/ 		1 KB
843 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/172.dd6f80c2e3142703cdac.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee2c028d4244587f9674e8745915865ae382a33b43b34eb6abdfd3931d28f66e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
uNyoGccpBfv1yApF9zvqwkaEyGP2_CmV
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:52 GMT
server
AmazonS3
etag
W/"8dc84e5eb3701c14df0647accabf84b0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
c6nIMsGGTu23lfdi9Zakz1HClaJEFtpuChvr3Se94L0sJI2MtKQ4SQ==
tray-trigger.6fc79389aea8f763935e.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.6fc79389aea8f763935e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5033788b4737063af8e07fbe10b6e8c4e1296a83251acb26233032d3c5c64130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
KRoBy0GxPsL3ya81x7nBymEmqBP2SpSP
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815392
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:43 GMT
server
AmazonS3
etag
W/"fa1a0924b329edcbebe380b0464adeff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
OenVHxGfM9LXT3IRxCEIh7jDgkcCFiRxG5Nk0qfMvOM48FYDkpYmrw==
en-us-trending_articles-json.36f307008a8781e5aaf9.js
cdn.viafoura.net/chunks/languages/ 		1 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-trending_articles-json.36f307008a8781e5aaf9.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c129c4bf63a63d679e21f179b789bdaa0ffc803b7afd7fea4ac4c66a0a6dec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
KtK2U8wFZAUjbNlu1o0WyIf7KhIWkOe1
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815391
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:31 GMT
server
AmazonS3
etag
W/"42eb199c5a7229f31046f5ecd0a46b2f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
PEqKmhXzdoshwISy5CwlBNyFXQjINEqWZ4CEV9RiJt9KmlwYy85Jig==
id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/contentcontainer/ 		791 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/contentcontainer/id?container_id=ba43eb46-2322-4761-8644-4ef4fbf90637
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.86.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-86-57.compute-1.amazonaws.com
Software
/
Resource Hash
14dc0c324a5d79656e7773e079e18e5d7838e65636ccdb0872685b2548a7ff49

Request headers

Accept
application/json
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
333
content-type
application/json
roboto-700.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-700.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
vi34hbLPTGmXJs0GAXKY98ORsVkdBPIs
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
age
815391
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
50196
last-modified
Thu, 01 Sep 2022 19:35:44 GMT
server
AmazonS3
etag
"bc4866b032d34d1ab1fe7d30fe7d2af2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Us80sIIgJFDx6xBoRSgDD2LghfLXFLsncas2i_hSxMS8S9wMFvLbmQ==
roboto-regular.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
agv1.DiuywVdOwrN9dZKThSZsHWi0VwW
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
age
815391
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
50240
last-modified
Thu, 01 Sep 2022 19:35:45 GMT
server
AmazonS3
etag
"184a2a669cf798f8d80bcfba041c3ecf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dTdrRmfWFfUJFqpmbztg-KKVfXpjtTyDxs-hMvQkySnBg1tp9Goqww==
roboto-italic.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-italic.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d81cea0747b72749235dbf26147ef5f8391f9b5c30497b6fb2d1881486512d4d

Request headers

Referer
https://nationalpost.com/
Origin
https://nationalpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
oE21zu9nTimXaXHd6KwdfQA2sxj8Z.aB
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
age
815391
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
54136
last-modified
Thu, 01 Sep 2022 19:35:44 GMT
server
AmazonS3
etag
"d6014e8c7bc6e309f52ef06bd16549f4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XWg0JPvSuOYYCbxHUepkOkp8-PmDi5TGpAOTodMMUCohaDfbfM8Tiw==
ingest
i.viafoura.co/v3/nationalpost.com/ 		67 B
392 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/nationalpost.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.86.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-86-57.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Fri, 11 Aug 2023 04:04:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 83FE 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
6871
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 07 Aug 2023 01:56:44 GMT
wn
prod-dash-10-0-114-51
server
cloudflare
etag
W/"26850-1691373404000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
7f4d98fcba7b196a-FRA
expires
Fri, 11 Aug 2023 06:04:59 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 83FE 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1837921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30323
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-7673"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwLtid7AJuKWPJavz5n4V6RTff%2BKC%2F2Jq5AXxrEqEAgCyIstV3oxDGl5PL2VP8QQ6yKLavEnVU%2FCt7JZNXuJSHxIxivcPhxPS%2FGHN6da54GrWPRoyCeSRKfyiBW0dhcjzVlxmcUluTWyyIH7LL4NgjsR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd4b922c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 83FE 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6822793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDZRNJSXvWEJrOy4CfnjKmEJYJyfWzk0%2B9aoFsMNz%2FASowgNTqHpeIHPDhph1oQVhsWeznH60Kk4DidKSb1NfbPtCFRbLdYSWyRrtwX1TBsWZGctanKIXBk%2BGttj0rQB0jC3Y8cNSHOMh2GYjP4DwDuL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd4b932c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 83FE 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5661646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuqTjdDJo7lE5SgcmsG5eWNUmE8MJ97s9rdGAdyNE8Y%2FGPUykjGY24SCeM6BgMF4cngRIm65urcuam1KMpcsZr%2B4xdGjkT%2Fkw975X%2Bndj1IQDQ3sG90%2F4OP%2B5aBpoFh8zEkBs3lmLZzrY51wcdiit0I8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd4b942c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 83FE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1320703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAUmyg3EUdAr9vNGKBL3UlUHeJeGYMOxeG0N23EAzBhP8%2FWM4Wl%2BFLmFFyMqzPBbfeADY6GsvXTKNo1VY9YH%2BNDrGNSym0UO%2BEhV8mwrmZtHKWyNVu2fipa6cbo7pb5SoFhq4hBmcQLDoHT%2FTwQ3zFci"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd4b952c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 83FE 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5392380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tBeotc2jFDouYHeVptn%2F%2B6OdP8KZQsfk4G0EbeKdQ54hyWEEAth2d%2BQKuYa0QtKMGsQc4wazIoqahAxZix5CNJnE0CZB6yM4rEz5MhoOdtN8qjYmEBboPq5bkWed2ZwmZOV5JbpOPCUG9sXFmeR1n5J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd4b982c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 83FE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8152189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVA%2BbXs6%2BXFrLG9EfihEbEDF3a1iaKi5D5t3Tp2DAYyZ6%2BTxtu%2Bhov%2FlrKbCxMeXlBvfmscI5Jl5DbtVc1JEht8pOWSD17DsxPBhP0AhNy1x9lvzqYFulhnjITc8clY4XJi8FWM9uB7H93pm00RF9loD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd4b992c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 83FE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6697407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4K%2B7yrr8KwU%2FvNi8caCF09yfVsQ588HKmOoQM4TCmsKBm0lAfUfkY7D6T73zzWL12txJkCDIPnYBao7j88xWZ9%2FgAaJ3hxjsMYLmIbk3Oe1wdPbwfHL0%2BH%2F%2F8XNr46sD9DNmSb%2Fjz4mL0azAEFQW%2FRR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd6bb52c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 83FE 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1331408
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Thu, 22 Jun 2023 10:45:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942630-1d42"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ll%2BiBtxH00DWoyGVNlz7o1%2BJAhdPyc684RrUyq8moDYbdY%2Fz5HDM74967Ax1fAW%2BU4VkzRBV7qeZ7hErNUHgW6%2BKJqPWapumyhscVnSezXTkLEfNRM7cuLORwPC7D6MmKGjGk9peR6%2BeoNftS7BhR%2BRe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd6bb42c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 83FE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
300822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
911
last-modified
Thu, 22 Jun 2023 10:45:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942630-38f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RbiVEFmRccqLjgrvUcGHmu7%2BJcekUGsHfoyFv0qfkiLUm8RU6Judbd17fJXCPubda7KMUWzpvc3yo12uxR0ehoDFpuZkAOjX5m52YsEaoJT7PvLp%2Fy6phgfFbw8GXjR%2Fa8PovvkKDgHONO8OsRYT%2Bio"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd4b9b2c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 83FE 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
126919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6935
last-modified
Thu, 22 Jun 2023 10:45:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494262f-1b17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l%2FBzISF5ixLEkQp4TJmCXN5nJPJuGmYXzq%2BNQD4I63LOAUsXpN0bBVJSblgyFsChBpnN4IAo0T9glzPEfcK5sTO9ryocaNvuO8TvQMlXxfkZBdV4zb6WdlKfZbxJqo40IX5D8ttIPcwHLJw7tZvvEMz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4d98fd4b9a2c52-FRA
expires
Wed, 31 Jul 2024 04:04:59 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 83FE 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.241.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6dc0f5dee2a67da2df69cadfd63e71250d0112515dc45213917f6ae66293b25
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3258
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 18:28:24 GMT
wn
prod-dash-10-0-141-51
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=601542
cf-ray
7f4d98fcba7d196a-FRA
expires
Fri, 18 Aug 2023 03:10:41 GMT
css2
fonts.googleapis.com/ Frame 83FE 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=SE0WzqlbUG&templateId=OTB3H56G51WS&offerId=fakeOfferId&experienceId=EXEESQBGK2SK&iframeId=offer_f3c74e20a77ce001b7ae-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fnationalpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:40:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Aug 2023 04:04:59 GMT
svod-module-js.0afd399e705ef46a33ca.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.0afd399e705ef46a33ca.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e34e26ff8e940c5a518051df2c481545a8850d8ee1547402fa773ef9563be515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
iT1ur1L7gOydue0K.QJVyOluFqvVfNk4
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815393
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:37 GMT
server
AmazonS3
etag
W/"8bfa5eea773c1c874c9a24bc9b66879e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
PBsytiuQqdy_-Bq1BnSieys0v9vsqfS4dCJKsHODApJy2SWyTH56xQ==
events
api.permutive.com/v2.0/batch/ 		201 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
233b26d91f93e1ef86a78ec0e3df44ece8d1ff04fb68313b8e3ee3cff2b654ea

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d&tv=%7Bc:kXjsHO,pingTime:-10,time:757,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xNzAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1691726699044%7C%7C769fa2af24081fcb376b94b5715978e6%7C%7C37d7be34f85ebd2dc555d2e13b92cc86%7C%7Cc184dde395e43ded91060be3298b0d7d%7C%7Ce9c728f1194f52c7c4d44ad422a8dcfc%7C%7Cd24bff4b57d1fb99de9c0e5120c37e8e%7C%7Cdbdcf7b2e2d67bc5b5e94af7f58b6131%7C%7C53c12ca90a3705aa71f3ab75006fe271%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:c590:b5e5:9637:f555 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:59 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-05d38950df07/ 		36 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-05d38950df07/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.182.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-182-242.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept
application/json, text/plain, */*
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://nationalpost.com
date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/contentcontainer/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/contentcontainer/id?container_id=ba43eb46-2322-4761-8644-4ef4fbf90637
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.182.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-182-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
PATCH,PUT,GET,DELETE,POST
access-control-allow-origin
https://nationalpost.com
access-control-max-age
43200
content-length
0
date
Fri, 11 Aug 2023 04:04:59 GMT
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://nationalpost.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f4d98fd6be99048-FRA
date
Fri, 11 Aug 2023 04:04:59 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d82b2f7c752ef9d32865cbe234a0ca0b0d5822c5508627b317705ffd23ef2e

Request headers

Referer
https://nationalpost.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://nationalpost.com
cache-control
max-age=86400
cf-ray
7f4d98fdbc0d9048-FRA
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 83FE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
6871
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
content-length
2177
last-modified
Wed, 09 Aug 2023 18:28:24 GMT
wn
prod-dash-10-0-141-55
server
cloudflare
etag
W/"2177-1691605704000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
7f4d98fe0e2c9b67-FRA
expires
Fri, 11 Aug 2023 06:04:59 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 83FE 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
493002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 11:08:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 83FE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options
nosniff
age
107803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 22:08:16 GMT
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nationalpost.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 04:04:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalpost.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://nationalpost.com
Connection
keep-alive
Date
Fri, 11 Aug 2023 04:04:59 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
activeview
pagead2.googlesyndication.com/pcs/ Frame F50E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty6sVPQ_FoImZKOUybZKhaAoFNhcRkHWu55TS3OQyVbuIvee6Ci_D7IM-WLaxk5-fNtv02IFf5--s30xK_owO1h5zs5ZPihUwPx7tOYsmalEv-3A2l&sig=Cg0ArKJSzKXrtF1_d7FvEAE&id=lidar2&mcvt=1011&p=157,436,247,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230809&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2562942734&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691726697950&rpt=254&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 12 Aug 2023 04:04:59 GMT
/
www.facebook.com/tr/ Frame D3A4 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://nationalpost.com
Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://nationalpost.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 11 Aug 2023 04:04:59 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
syncframe
gum.criteo.com/ Frame B410 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nationalpost.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 11 Aug 2023 04:04:58 GMT
server
Kestrel
server-processing-duration-in-ticks
227005
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 12 Aug 2023 04:04:59 GMT
sid
mug.criteo.com/ Frame B410
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nationalpost.com&sn=ChromeSyncframe&so=0&topUrl=nationalpost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=JI0DPXxiQ3FhUlBQKzRRVmNmTE9HaWpDRkt2L08wdzBDUWxWYWwyMlJ0RGlwcHBEemp2VHJPZFNjZ2VFcGM5N3RzbHhhdzhoUmpWQ01XaHRUQ29KWlpCcnRSNlFhTitGTVR2KzNQWjUyYzBRSW9RcGdyU0dmMk95MW9ac2...
447 B
670 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=JI0DPXxiQ3FhUlBQKzRRVmNmTE9HaWpDRkt2L08wdzBDUWxWYWwyMlJ0RGlwcHBEemp2VHJPZFNjZ2VFcGM5N3RzbHhhdzhoUmpWQ01XaHRUQ29KWlpCcnRSNlFhTitGTVR2KzNQWjUyYzBRSW9RcGdyU0dmMk95MW9ac2hvc1E2Rzc0eWtoNGdES0JvbkZ0Q2E4dEM4OVNUMmt5QXUwdXAwcDhZT1dVTnYyczZ6MENqRDFUalpWTGY4QnRCWFBsK1pkOXdWRjdGdXdZcmxIa1BFaFRnclFiR2ZNMFlFRmYyNkRsS09VdFhyTHRET1NJMmRicFBBaUNHNWV4TVcvZDcvWUpLVlhjbTJGeGxHNm51cStNQmVjT2JJdkh4QWdPTTVNSm4rMGZrWGtoRzhoND18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f250ef7d4945ba10b9ffb4167e10b0c0f2cd794eeaeab6d90347e05890d0d9a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1127916
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=JI0DPXxiQ3FhUlBQKzRRVmNmTE9HaWpDRkt2L08wdzBDUWxWYWwyMlJ0RGlwcHBEemp2VHJPZFNjZ2VFcGM5N3RzbHhhdzhoUmpWQ01XaHRUQ29KWlpCcnRSNlFhTitGTVR2KzNQWjUyYzBRSW9RcGdyU0dmMk95MW9ac2hvc1E2Rzc0eWtoNGdES0JvbkZ0Q2E4dEM4OVNUMmt5QXUwdXAwcDhZT1dVTnYyczZ6MENqRDFUalpWTGY4QnRCWFBsK1pkOXdWRjdGdXdZcmxIa1BFaFRnclFiR2ZNMFlFRmYyNkRsS09VdFhyTHRET1NJMmRicFBBaUNHNWV4TVcvZDcvWUpLVlhjbTJGeGxHNm51cStNQmVjT2JJdkh4QWdPTTVNSm4rMGZrWGtoRzhoND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
263285
content-length
0
expires
0
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
48e614cf0236b31dac1b67e2d79590aab87d7fc9f0be33b8aae157b830fa6b0b

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:04:59 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d&tv=%7Bc:kXjsR8,pingTime:1,time:1334,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1334,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:288,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1066~100%5D,as:%5B1066~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:125,fm:tMAUOYw+11%7C12%7C13%7C14%7C15%7C16*.928934%7C161%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:403%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:c590:b5e5:9637:f555 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:59 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d&tv=%7Bc:kXjsR8,pingTime:1,time:1334,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1334,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:288,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1066~100%5D,as:%5B1066~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:125,fm:tMAUOYw+11%7C12%7C13%7C14%7C15%7C16*.928934%7C161%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:403,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:c590:b5e5:9637:f555 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:59 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d&tv=%7Bc:kXjsR8,pingTime:1,time:1334,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1334,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:288,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1066~100%5D,as:%5B1066~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:125,fm:tMAUOYw+11%7C12%7C13%7C14%7C15%7C16*.928934%7C161%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:403,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:c590:b5e5:9637:f555 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:04:59 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 11 Aug 2023 04:05:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		65 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=SE0WzqlbUG
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6d609a4f433032e7f423c2769d91c4951aab96cd7fabedf27fa84b503656b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Aug 2023 04:05:01 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-86-63
server
cloudflare
p3p
CP="NON DSP COR OUR IND"
access-control-allow-origin
*
server-time
0.002
content-type
application/json
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
7f4d990bdfdb18d5-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
Mdok7zr2CBi
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nationalpost.com
URL: https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 11 Aug 2023 03:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
918
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 11 Aug 2023 05:49:43 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1021796587&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&ul=en-us&de=UTF-8&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=6CDACEABBAAAACAEK~&jid=1633401980&gjid=1028501582&cid=1195366512.1691726698&tid=UA-46077098-2&_gid=1925380050.1691726699&_r=1&_slc=1&z=698409684
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1021796587&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&ul=en-us&de=UTF-8&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showTemplate&el=Show%20template&_u=6CDACEABBAAAACAEK~&jid=&gjid=&cid=1195366512.1691726698&tid=UA-46077098-2&_gid=1925380050.1691726699&z=1578716999
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 08:11:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71584
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1021796587&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&ul=en-us&de=UTF-8&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meterActive&el=Meter%20active&_u=6CDACEABBAAAACAEK~&jid=&gjid=&cid=1195366512.1691726698&tid=UA-46077098-2&_gid=1925380050.1691726699&z=751037868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 08:11:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71584
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-46077098-2&cid=1195366512.1691726698&jid=1633401980&gjid=1028501582&_gid=1925380050.1691726699&_u=6CDACEABBAAAACAEK~&z=598973439
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 11 Aug 2023 04:05:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
recirculation.php
events.newsroom.bi/ 		12 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 11 Aug 2023 04:05:01 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46077098-2&cid=1195366512.1691726698&jid=1633401980&_u=6CDACEABBAAAACAEK~&z=2073889994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46077098-2&cid=1195366512.1691726698&jid=1633401980&_u=6CDACEABBAAAACAEK~&z=2073889994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 11 Aug 2023 04:05:02 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
envelope
lexicon.33across.com/v1/ 		0
0
beacon
ap.lijit.com/ Frame A342 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13402707
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 11 Aug 2023 04:05:02 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
pd
postmedia-d.openx.net/w/1.0/ Frame CC8A 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 11 Aug 2023 04:05:02 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 2C72 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
184
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f4d99136b901e68-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 04:05:02 GMT
expires
Fri, 11 Aug 2023 08:05:02 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CA87 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77432
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 11 Aug 2023 04:05:02 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 27 Jul 2023 06:34:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4481, 354473
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220069-FRA
X-Timer
S1691726703.642621,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 31F0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158925
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 11 Aug 2023 04:05:02 GMT
expires
Sun, 13 Aug 2023 00:13:47 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5DCA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nationalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 11 Aug 2023 04:05:02 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.175.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-175-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 11 Aug 2023 04:05:02 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.175.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-175-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 11 Aug 2023 04:05:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 31F0 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49616782&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3f79c40d10ea5b3d6a9fa179c39a06a463d16d929029452a518a86932a880abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 04:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 770B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
dbcad9fa3ccf74f21ba461c936582b42a4878a58c5cabcf5b66e5e4ff977facf

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Fri, 11 Aug 2023 04:05:02 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 11 Aug 2023 04:05:02 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
recirculation.php
events.newsroom.bi/ 		12 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://nationalpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 11 Aug 2023 04:05:02 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://nationalpost.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
async_usersync
ib.adnxs.com/ Frame CA87 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
an-x-request-uuid
e7307cf8-67e0-4499-9ea8-0ce4148c6a94
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.183; 84.19.175.183; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5DCA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b83af29908c720034221bfe516d0dd8b36f9144ebae338d9efc5face3f43fd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 04:05:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Aug 2023 15:41:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41714
Connection
keep-alive
Content-Length
10114
Expires
Fri, 11 Aug 2023 15:40:16 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 56BB
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=350198267086225137
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=350198267086225137
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 11 Aug 2023 04:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=350198267086225137
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 34A8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 11 Aug 2023 04:05:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 11 Aug 2023 04:05:02 GMT
expires
Fri, 11 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
693646
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 3CDB
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826468656780
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826468656780
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 11 Aug 2023 04:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 11 Aug 2023 04:05:02 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826468656780
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5788
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=779CE4B0-72D9-453F-8385-D8E208E84C65&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=779CE4B0-72D9-453F-8385-D8E208E84C65&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=779CE4B0-72D9-453F-8385-D8E208E84C65&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 11 Aug 2023 04:05:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
510HW61Y00FDXYBQKNET

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 11 Aug 2023 04:05:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=779CE4B0-72D9-453F-8385-D8E208E84C65&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MSYY1BD9FD15W366JKBF
Pug
image2.pubmatic.com/AdServer/ Frame 370E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi
42 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 11 Aug 2023 04:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 11 Aug 2023 04:05:02 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 31F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d5zksHLZRT-DhdjiCOhMZQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:05:02 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=158925
accept-ranges
bytes
content-length
5606
expires
Sun, 13 Aug 2023 00:13:47 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 31F0 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=779CE4B0-72D9-453F-8385-D8E208E84C65&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.34.84 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.28.33
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 31F0
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4141744824
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=779CE4B0-72D9-453F-8385-D8E208E84C65
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=779CE4B0-72D9-453F-8385-D8E208E84C65
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
via
1.1 google
last-modified
Fri, 11 Aug 2023 04:05:03 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=779CE4B0-72D9-453F-8385-D8E208E84C65
date
Fri, 11 Aug 2023 04:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 31F0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=779CE4B0-72D9-453F-8385-D8E208E84C65
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzcwcVBFdXpjTVpSVEdscUFHQS0tQ3AtUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3401845650194904069&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Server
54.144.174.245 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 04:05:03 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 11 Aug 2023 04:05:03 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 31F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzc5Q0U0QjAtNzJEOS00NTNGLTgzODUtRDhFMjA4RTg0QzY1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 11 Aug 2023 04:05:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 31F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKaBUT7hUlO6tapqcB3tLmA&google_cver=1
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKaBUT7hUlO6tapqcB3tLmA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 11 Aug 2023 04:05:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKaBUT7hUlO6tapqcB3tLmA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 31F0 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:05:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 10 Aug 2023 04:05:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 31F0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3401845650194904069
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3401845650194904069
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 11 Aug 2023 04:05:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3401845650194904069
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 31F0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 770B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZNWzbnlo6UzWeOTZZWh4lAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL4M-unuQsHIWHjN0dEeGeM&google_cver=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL4M-unuQsHIWHjN0dEeGeM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEGQuO7x0S3WGxRihRYpELk4EyefSI5CLIPbSgZ7gc1ORTIlqWcluszeScjYIKm9YGXOEgrMplLH%2FKtZ0YJrHCpiZfcdryaDSomYWV3pV4SytgxdyAkwF4EAmK7KL57Qtf7Y9vg1q%2FeLhg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f4d99153edb18b7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL4M-unuQsHIWHjN0dEeGeM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 770B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 770B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_nGRNG5DOlDdOTcA8MCZE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_nGRNG5DOlDdOTcA8MCZE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Aug 2023 04:05:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_nGRNG5DOlDdOTcA8MCZE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 770B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Aug 2023 04:05:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JSDH47CXAMM1FQB2C80Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Aug 2023 04:05:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7XVYZQ2XF0VJWGG5F0DR
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 770B
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=01c5786f-f332-4db1-8484-7dabd3dd7c43&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=01c5786f-f332-4db1-8484-7dabd3dd7c43&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJFhfk9ub0pIxths9azoq2BDrkkmt82MBzlKP7jZI3usmJ0p6NRM9mhIU%2Fq%2FWE%2BxMSWuXASsiqci%2Fjrey6jtMFRkoPai99%2Failu%2BLsr7CtKl0UqHHlSYYV%2FUiO8BPItv6%2FJIGGxk94moxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
7f4d9915cb8c3619-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=01c5786f-f332-4db1-8484-7dabd3dd7c43&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 11 Aug 2023 04:05:02 GMT
server
_
content-length
0
user-registering
ads.stickyadstv.com/ Frame 770B 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Aug 2023 04:05:02 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1691726702690093-549
Expires
Fri, 11 Aug 2023 04:05:02 GMT
usersync
sync.springserve.com/ Frame 770B 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000005&gdpr=&gdpr_consent=&us_privacy=&uuid=ZNWzbnlo6UzWeOTZZWh4lAAAFGMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.100.125 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 11 Aug 2023 04:05:02 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 770B
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePg4MHQNZFlgyEbZ1ysX6FZQjiwrqER8nmP%2B0xNataLZYQh%2BWjX76Qn8eRzzWXo2ABOn2%2F0e%2BmxGCXZnsjIFhe4VGJnGmqc5ef0qKiZxbCF0eWzZtiJJHBoGzWg2pvvzp3NJCCCD0Uh1UA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f4d99157b4e3619-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Fri, 11 Aug 2023 04:05:02 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 770B 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZNWzbnlo6UzWeOTZZWh4lAAA%265219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnationalpost.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:05:02 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
31219
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f4d99155d752c3d-FRA
content-length
43
expires
Sat, 12 Aug 2023 04:05:02 GMT
tap.php
pixel.rubiconproject.com/ Frame 5DCA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WjLOKSX8EFCWfiOOfpc1msn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-R5N.GE9E2oL3kjwA.qNZbopEHzRVVkyH7UAaXw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-R5N.GE9E2oL3kjwA.qNZbopEHzRVVkyH7UAaXw--~A
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 11 Aug 2023 04:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-R5N.GE9E2oL3kjwA.qNZbopEHzRVVkyH7UAaXw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 5DCA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL62E9VZ-18-90NH
0
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL62E9VZ-18-90NH
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:05:02 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C21120C3F7E74D688202743705871B93 Ref B: DUS30EDGE0905 Ref C: 2023-08-11T04:05:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYCndEyDil2m6jN6vexow==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL62E9VZ-18-90NH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5DCA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGNkYzdlZjgzMzYwOTE5MjZmOGYwZGNkZmQ2OGEwNDU3NDcwOTY3Ng
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGNkYzdlZjgzMzYwOTE5MjZmOGYwZGNkZmQ2OGEwNDU3NDcwOTY3Ng
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGNkYzdlZjgzMzYwOTE5MjZmOGYwZGNkZmQ2OGEwNDU3NDcwOTY3Ng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5DCA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kRDcvnz_RhWvat2PqwsI0w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kRDcvnz_RhWvat2PqwsI0w
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kRDcvnz_RhWvat2PqwsI0w
Protocol
HTTP/1.1
Server
67.220.226.234 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Aug 2023 04:05:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XXFVDJYVPSSKA29RCTBT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kRDcvnz_RhWvat2PqwsI0w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 5DCA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 5DCA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF7n7UDiC_1vy59dMtekt10&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF7n7UDiC_1vy59dMtekt10&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF7n7UDiC_1vy59dMtekt10&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5DCA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEw2MkU5VlotMTgtOTBOSA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYdszPziVTG_SH92KDCHyM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw2MkU5VlotMTgtOTBOSA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw2MkU5VlotMTgtOTBOSA==&google_push=
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw2MkU5VlotMTgtOTBOSA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 5DCA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fW9-pooITLi6pKWWfNAwbA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fW9-pooITLi6pKWWfNAwbA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fW9-pooITLi6pKWWfNAwbA
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Aug 2023 04:05:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VGT9DNY2ND2NGEWF7C3R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fW9-pooITLi6pKWWfNAwbA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3890&_p=1021796587&cid=1195366512.1691726698&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&sid=1691726698&sct=1&seg=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&en=page_view&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XXXXX&gtm=45je3890&_p=1021796587&cid=1195366512.1691726698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1691726698&sct=1&seg=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&dt=Vegan%20influencer%20who%20ate%20all-fruit%20diet%20dead%20at%2039%20%7C%20National%20Post&en=page_view&ep.article_tags=explainer%2C%20influencer%2C%20realtime%2C%20social-media%2C%20tiktok%2C%20veganism&ep.article_authors=National%20Post%20Staff&epn.character_count=3027&ep.main_category=news&ep.metered_content=true&ep.nlp_category=Health&ep.nlp_entity=People%2Cperson%20name%2CVera%20Samsonova%2C0.9445%7CWebsites%2CSocial%20Network%20Website%2CInstagram%2C0.5389%7CCountries%2Clocation%2CRussia%2C0.2477%7CDiseases%2Cdisease%2CCOVID-19%2C0.2345%7CLocations%20%26%20natural%20formations%2Clocation%2CSoutheast%20Asia%2C0.2298&ep.nlp_topic=Vera%20Samsonova%2C1%7CSamsonova%27s%20mother%2C0.8575%7Cfruit%2C0.7022%7Craw%20tropical%20fruit%20diet%2C0.701%7Craw%20vegan%20diet%2C0.6236&ep.originating_property=true&ep.project_type=Newsroom%20daily&ep.publish_timestamp=1691143211&ep.wire_content=false&epn.word_count=619&ep.article_id=ba43eb46-2322-4761-8644-4ef4fbf90637&ep.ad_blocker_enabled=false&ep.browser=Chrome&ep.browser_language=en-US&ep.brand=National%20Post&ep.device_type=desktop&ep.division=npnp&ep.domain=nationalpost.com&ep.fem_version=v85.0&ep.page_url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fvegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections&ep.page_type=story&ep.platform=Cheetah&ep.platform_version=14.1.1&ep.user_status=anonymous&ep.view_type=HTML&_et=3&up.mpid=9005399267626631435
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=33f41340-5dfe-5e22-bf8a-d1d4d3d8df9d&tv=%7Bc:kXjtTE,pingTime:5,time:5334,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5334,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:288,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5066~100%5D,as:%5B5066~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:109,fm:tMAUOYw+11%7C12%7C13%7C14%7C15%7C16*.928934%7C161%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:290,sis:403%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:c590:b5e5:9637:f555 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:03 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame CA87 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 04:05:03 GMT
an-x-request-uuid
fff8e575-dcd7-4206-b120-6279f6126ebb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.183; 84.19.175.183; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
4.a2d7945b56cc201183a8.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/4.a2d7945b56cc201183a8.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65fa034a932b6a9eb93b9d881c3c399b07874f5ab9421ed526094def5bcfad5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
GdlYP9wuFBtmOsMnex.t90olm.Y5T2hS
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815397
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:54 GMT
server
AmazonS3
etag
W/"9d1c262999565fd492801a0953705a40"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
koiP0iwZHPJ1GutVDWpvtCwIAQg56vKLD9GSSso0DJc3iICSPcPU8g==
default~comments_js~conversation_starter_js~liveblog_js~standalone_ad_js~trending_articles_js.efb9d2f704a1e9f682cf.js
cdn.viafoura.net/chunks/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~comments_js~conversation_starter_js~liveblog_js~standalone_ad_js~trending_articles_js.efb9d2f704a1e9f682cf.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9d222e5c2c3231c1ab672b0027b5e8b58e974d9eb6ff89674630f4e8b718497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
nLrDg1M0.BxZq6.YXvFUCeIBaL1MDGP6
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815397
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:40 GMT
server
AmazonS3
etag
W/"6680b6f03b9fd38cf6f2fcb0c9d19306"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
H-tCfY_0HSlTpNwS94xUib6SKoN2tjV8KiALNOEs1tCB0gCcGLAc3w==
173.852524046e2229a84e73.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/173.852524046e2229a84e73.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6869ac2bd808830ffd6b8a33796f6cf15c09c38874de0e6a24e1e97274d003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
QYQTaKdAhv9ua3w7psFDyOmiVzIZkgKh
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815396
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:53 GMT
server
AmazonS3
etag
W/"2b2140234afdb18b7fc8a75ce225f5ea"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
9DFh5t3-o1eKUeFyIlF5JQCclBvuqS6iltVWj4JP8dBAI-1_Kyl8sA==
trending_articles_js.ee46c7ed4567df532d54.js
cdn.viafoura.net/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/trending_articles_js.ee46c7ed4567df532d54.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc76986fb18ed5abfb05fed6594dc20ddabd8592822366e234e754b7554b21b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
xO5V1sp4NVUmOKkeM7ksB5nnTE8CeyT9
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815396
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:42 GMT
server
AmazonS3
etag
W/"a596c8eb1e9f8e3572608dec2881d82e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
6Dv6-_XRbVtRgvG8yjdjtuLv3pkIkURdpIS8qMECycDSpjZM10p5Rw==
trending_articles-module-js.1d8be1ab90058b1009f0.js
cdn.viafoura.net/chunks/vuex_store/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/trending_articles-module-js.1d8be1ab90058b1009f0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
533edc3291c327bab76d434e3f3d40489ab64c25799e607013f0ebdc62854f3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
sB0jKUzupDDb1l3TlS6znEbxDKOW4EFB
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815396
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:36 GMT
server
AmazonS3
etag
W/"fd92c2645c2bb74f2eac528174ec91a2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Ilkoym0w2kOQpP-zgjuFbOcKWKb1CTVwZbiMeuilBWv96V4R6W5VfQ==
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.182.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-182-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-unique-id
Access-Control-Request-Method
GET
Origin
https://nationalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
PATCH,PUT,GET,DELETE,POST
access-control-allow-origin
https://nationalpost.com
access-control-max-age
43200
content-length
0
date
Fri, 11 Aug 2023 04:05:04 GMT
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-05d38950df07/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.86.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-86-57.compute-1.amazonaws.com
Software
/
Resource Hash
3e23899ef3e45f0211026e657239c4b79d9e090fc5320ada0dce02aff01f45eb

Request headers

Accept
application/json
Referer
https://nationalpost.com/
X-UNIQUE-ID
bb8d31ed-73b5-49d3-b993-80451b466861
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://nationalpost.com
date
Fri, 11 Aug 2023 04:05:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
2696
content-type
application/json
40.bacbaddae828218d5d29.css
cdn.viafoura.net/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/40.bacbaddae828218d5d29.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
237a8dd9858a310f93f4938b40419aab3015db6bab30fd65f7b8274b33012a95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
pujfJSMIklIkvqOpOXeIU5g3FJQfIIBb
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815397
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:53 GMT
server
AmazonS3
etag
W/"2a7b0042550c55923dba963d9bc483b9"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Qbo8g_PpoLhKbLu4k_voDqCM3ELCxL5xgDi3KXWdmfST5P0Sptqi4g==
defaultVendors~content_recirculation_js.a32c867bacd251ec9d56.js
cdn.viafoura.net/chunks/ 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~content_recirculation_js.a32c867bacd251ec9d56.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d08ff82cda6187fb892de7ab635d1733c91047f9c975c60683c1c811721ef21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
wBq8PNVcBASPP9ckwJgEITdq4FDHGtbC
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815398
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:47 GMT
server
AmazonS3
etag
W/"aac5c98b36534632b4cabc59b66eb3af"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
wMSQSVv7WxKix2KiILPQx09_BLkwlgoVNj2tUubjxDo8NNnvVG-ExQ==
36.c30985f3abcd4a10a984.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/36.c30985f3abcd4a10a984.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23c96a1d49f43964aaef9194748ef8f26adcabe0d9482e60bb43141653f08d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
LADSo0w8qwaczxxUFNIqhTrJvLuH4NWj
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815397
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:54 GMT
server
AmazonS3
etag
W/"bbf72748c10b54e371786b24221c082e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
2mSfjlteyXuPD3fEXdsKXKJUgyv_q3X9cMAYeVsNFkcMBArrN8GIFA==
content_recirculation_js.5ee3606a525552b695b1.js
cdn.viafoura.net/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/content_recirculation_js.5ee3606a525552b695b1.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e20779b2a6efde420c6b1e7348a2b3851d3548a10f687d2d881777f38bfa7eeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
GsoWUXLDtp_7JIjqjTjq0KY5Cu4QSHhP
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
815397
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:45 GMT
server
AmazonS3
etag
W/"919c2f68967a4ac931d6f799d6937439"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
mfxhWOMxgUBK7pwYpqvXP0yjLhypbKiFbbdk3EU_DQ9v0M9DjDPqow==
Steven-Guilbeault-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/Steven-Guilbeault-1.jpg?w=210&type=webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2bb30c72b3e79549c2690f8e37f288ec1bb619339ceadf781409e8a13c1e8981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 23:40:44 GMT
via
1.1 google
server
nginx/1.18.0
age
15860
etag
"2297352378afb9e0136881849bb94c599b7f1d03"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-xtwfm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4944
humantrafficking038.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/humantrafficking038.jpg?w=210&type=webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
28c0908acc02f2e10930da3723eaa54d948104572a5cf92ab8f27fb9fa65bec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 11 Aug 2023 01:15:08 GMT
via
1.1 google
server
nginx/1.18.0
age
10196
etag
"8d2dfaad1c11f5ffde34e87680640f8453eaa78c"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-xtwfm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5072
cp2886481.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/cp2886481.jpg?w=210&type=webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7dca073fedcfe546628b8d3a50eefa2a594fbc8efba1a062dd57b4c7d5fe141c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 17:51:11 GMT
via
1.1 google
server
nginx/1.18.0
age
36833
etag
"9428e73b3ea30b36f2a3ba1cbcc7a3196220aea7"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-m6m74
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5672
gettyimages-663882220.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/gettyimages-663882220.jpg?w=210&type=webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a320f0a0c5c94c1d9ee6f486581aed8d463803f1d4872a9b30a1fdbf27943f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 15:10:00 GMT
via
1.1 google
server
nginx/1.18.0
age
46504
etag
"3d8254049f58b64dd47ef11b773f85b6e0f8297d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-vkqgm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4176
BC-courts-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/08/BC-courts-1.jpg?w=210&type=webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
8489cf31ad7fdac104c6edbbf98ffb958f2dc6dde0de678648b496039fc81ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nationalpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 10 Aug 2023 23:35:34 GMT
via
1.1 google
server
nginx/1.18.0
age
16170
etag
"5271c461be9857a8b907208cb9e7d7f77111d38f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-h4ffd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8498

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=7.54.0

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| BlockAdBlock object| blockAdBlock object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| webpackChunkdjango_content_services undefined| google_measure_js_timing boolean| __bt_already_invoked object| PublisherCommonId string| iasScores object| Criteo object| Sailthru object| __permutive object| social_lrobj number| google_unique_id object| gaGlobal object| GoogleGcLKhOms function| html5passToken object| vf object| vfQ boolean| femCePnIdReadyTriggered object| dataLayer object| mParticle object| gtm_data_layer object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| COMSCORE object| _comscore object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| google_tag_manager function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp function| postscribe object| google_tag_manager_external function| fbq function| _fbq object| _fbq_gtm_ids function| onYouTubeIframeAPIReady object| Ribn string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel object| PARSELY function| autotrack object| cX function| cxCCE_callQueueExecute object| cxTest function| gtag object| PianoESPConfig object| gaplugins object| gaData function| _ga_originalSendHitTask object| ari object| __connect object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| __IntegralASExec object| google_image_requests undefined| cXJsonpCB1 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

92 Cookies

Domain/Path Name / Value
nationalpost.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.nationalpost.com/ Name: pbjs_sharedId
Value: 2c668ba8-d5d1-4019-bf3e-2a4418d92e10
nationalpost.com/ Name: __adblocker
Value: false
nationalpost.com/ Name: sailthru_pageviews
Value: 1
.nationalpost.com/ Name: permutive-id
Value: c60a9942-e7a1-49ba-962e-1435c3023ea4
nationalpost.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1691726697324,"mac":383148344}
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: f6a7fe6e-1336-4571-8b72-5d70ba079a22
.adnxs.com/ Name: icu
Value: ChgI_7p2EAoYASABKAEw6ebWpgY4AUABSAEQ6ebWpgYYAA..
.adnxs.com/ Name: uuid2
Value: 5870706510901965399
.rubiconproject.com/ Name: khaos
Value: LL62E9VZ-18-90NH
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpNPx9urOjnp+bASkO6QPb7E03ikE5KqM320dyKxB4PpHIHtVWHKNg63p6Re8UUF6LBRkJkh6j5tOBxGCOXoSK1A0KbpMOtHQy+xUA9sgf/4b7FQD2yB//h
.doubleclick.net/ Name: IDE
Value: AHWqTUkE2LPhyO1695s62ugg71v0meiAwpNJnAFlEOexs2Y2L1Jtt_h1HMReOt-t-wI
nationalpost.com/ Name: sailthru_content
Value: f3e9b3bdf0920306794cb206445c3266
nationalpost.com/ Name: sailthru_visitor
Value: eabf694c-359d-464a-8f24-bbb3db519723
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
nationalpost.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"ke7tt5nss4i9q48b4pdm84hsoiiy0mv3","updated":1691726697891,"printSubscriber":false},"exp":604800000,"ts":1691726697891,"mac":-1170122127}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"ke7tt5nss4i9q48b4pdm84hsoiiy0mv3","updated":1691726697891,"printSubscriber":false},"exp":604800000,"ts":1691726697898,"mac":-1170121910}
.nationalpost.com/ Name: __gads
Value: ID=e8f6e9ae6fb609bc:T=1691726697:RT=1691726697:S=ALNI_MY8eRhrd3uSRBkvVwuWr4I-EwGSpA
.nationalpost.com/ Name: __gpi
Value: UID=00000c5dd09937f7:T=1691726697:RT=1691726697:S=ALNI_MYDllnaqMkFr7wr4jB-K2LzQEC34g
.nationalpost.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmADgFYAnADYALIP69uonh34B2eSAC%2BQA
.nationalpost.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22ll62eahuy5qsb6j6%22%7D
.nationalpost.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
nationalpost.com/ Name: __pnahc
Value: 0
.nationalpost.com/ Name: _gcl_au
Value: 1.1.1468933034.1691726698
.piano.io/ Name: __cf_bm
Value: kOvz155.IzolIjrDWKw9xjfukf1moWv_rESyuFLnB6w-1691726698-0-AXaVwWnKNIBD/LNCT82KuY1tBrAX3zZyVGGDK/xcUKWZMFvIwMe57H1ETt/S2vOExdCCvcZGBcSmxWSkE/uakkg=
.nationalpost.com/ Name: __tbc
Value: %7Bkpex%7DEoCyyHiqxNx80U7SFiZxiGK1ofPboPmZlY8VbWFdSUcrlEyi1tgL3vf3bAJkdhMj
.nationalpost.com/ Name: __pat
Value: -14400000
.nationalpost.com/ Name: __pvi
Value: eyJpZCI6InYtbGw2MmVhaTE2MmNzcDdpNCIsImRvbWFpbiI6Ii5uYXRpb25hbHBvc3QuY29tIiwidGltZSI6MTY5MTcyNjY5ODQwNH0%3D
.nationalpost.com/ Name: xbc
Value: %7Bkpex%7Du9JIFAD5EODTMuCgIrZkFLTLbIyRICBTlZu_9z2XTfCeXfgQDgaru3gNuu7_C2CFNgEzvUG_lZxAuQBwjSdkyNRioXXhZ34IyL0Ty4eFbk90bgr-u-m7ePrqsvraaONR
.nationalpost.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1691726698.1.1.1691726698.60.0.0
.nationalpost.com/ Name: _ga_XXXXX
Value: GS1.1.1691726698.1.1.1691726698.0.0.0
.nationalpost.com/ Name: _ga
Value: GA1.2.1195366512.1691726698
.nationalpost.com/ Name: _gid
Value: GA1.2.1925380050.1691726699
.nationalpost.com/ Name: _gat_UA-213173459-3
Value: 1
.nationalpost.com/ Name: _gat_UA-138335866-2
Value: 1
.nationalpost.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections%22%2C%22sref%22:%22%22%2C%22sts%22:1691726698604%2C%22slts%22:0}
.nationalpost.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=d18a5400-e4c1-4dd0-b248-aefb4faeee2a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1691726698604}
.nationalpost.com/ Name: cX_P
Value: ll62eahuy5qsb6j6
.nationalpost.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1691726698%2C%22currentVisitStarted%22%3A1691726698%2C%22sessionId%22%3A%224bf14263-89df-476f-ac4f-4d5601bb4e91%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//nationalpost.com/news/vegan-raw-food-influencer-who-ate-all-fruit-diet-allegedly-dies-of-malnutrition-infections%22%2C%22referrer%22%3A%22%22%7D
.nationalpost.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1691726698%2C%22userId%22%3A%227d355168-5966-4d3c-ab82-37ffe401022b%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1691726698%2C%22timesVisited%22%3A1%7D
.nationalpost.com/ Name: compass_uid
Value: 7d355168-5966-4d3c-ab82-37ffe401022b
.nationalpost.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'51bdbb4d-c0f7-498e-bcce-e4aace054076'|'das':'da9b2ecb-71cc-40db-70c6-388f7afb7e07'|'csm':'WyI5MDA1Mzk5MjY3NjI2NjMxNDM1Il0='|'sid':'669CA470-9C37-4EB0-9EEB-4F642FDA93F4'|'les':1691726698676|'ssd':1691726698115}|'l':1|'9005399267626631435':{'fst':1691726698369|'ui':'eyIwIjoia2U3dHQ1bnNzNGk5cTQ4YjRwZG04NGhzb2lpeTBtdjMifQ=='}|'cu':'9005399267626631435'}
.viafoura.co/ Name: VfSess
Value: uclkl3cik67v1scapnf37fgvj9
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.nationalpost.com/ Name: _fbp
Value: fb.1.1691726698716.413075754
events.newsroom.bi/ Name: 1528_u
Value: 7d355168-5966-4d3c-ab82-37ffe401022b
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.nationalpost.com/ Name: _ga_N3GM17BS91
Value: GS1.2.1691726698.1.0.1691726698.0.0.0
nationalpost.com/ Name: _vfz
Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.1691726699.1.medium=direct|source=|sharer_uuid=|terms=
.nationalpost.com/ Name: _vfa
Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.bb8d31ed-73b5-49d3-b993-80451b466861.1691726699.1691726699.1691726699.1
.cxense.com/ Name: gckp
Value: 22s9rifo5ti4a2ld5a8ek74ej7
.nationalpost.com/ Name: _vfb
Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.2..1691726699....
.nationalpost.com/ Name: cX_G
Value: cx%3A3it56dr9l108r1v0gkvxgqkggu%3A35ihmvc3ai7hy
.viafoura.co/ Name: vfDeviceId
Value: 9fc98446-21e9-44ce-a9e3-75e4084992ec
.criteo.com/ Name: uid
Value: 195ed67b-f11b-44a9-8a96-65d025d46f5a
.nationalpost.com/ Name: cto_bundle
Value: TYCQmF9qaEwzbUo2cmNYUDB5OUYxYkRkMkw0aXlpNm9LbzVWNWFab3V1dFhMWEdZTjFKVGhxekxwUkxkeVhwSmJFc3hTVzl2WFlIMEQlMkJPVzBBRzc0TEg1WmV0M0JtRTYlMkZtNG1tamRZd3dvSEpQdXM5bnM2bVZwVnZwZXAzeFFuJTJGdFBJVVhkbSUyRnZPcW9hMm9odHduZm1mbllFVVc4Y1lTc1pKcWlxRkd3bEpQRlhSOCUzRA
.nationalpost.com/ Name: _gat_pianoTracker
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: ZNWzbnlo6UzWeOTZZWh4lAAA
.casalemedia.com/ Name: CMPS
Value: 5219
.casalemedia.com/ Name: CMPRO
Value: 5219
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 779CE4B0-72D9-453F-8385-D8E208E84C65
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160305:2
.pubmatic.com/ Name: DPSync3
Value: 1692921600%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1692921600%3A8_21_56_251_54_220_13_161_46%7C1693008000%3A35
.quantserve.com/ Name: d
Value: EL4BCwHXKfijAA
.quantserve.com/ Name: mc
Value: 64d5b36e-db01f-25d86-c6480
.weborama.fr/ Name: AFFICHE_W
Value: 3GMTQWF8RWXc77
.simpli.fi/ Name: suid
Value: AE08752EAFF5444EAA9AB65B370E8821
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.350198267086225137
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjMxszAzNTO3MBDiM9TVNfd28y0yySpPcvQAAKM_sR4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlobmRmbmBkaWoAAIysNzYQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjMxszAzNTO3MBDiM9TVNfd28y0yySpPcvQAAKM_sR4lAAAA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi&KRTB&19420-SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi&KRTB&22979-SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi&KRTB&23403-SN0DlRzaUcVTjQWQT49KkkuNX5ZTilGURtmhelPi
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKaBUT7hUlO6tapqcB3tLmA&KRTB&23025-CAESEKaBUT7hUlO6tapqcB3tLmA&KRTB&23386-CAESEKaBUT7hUlO6tapqcB3tLmA
.adform.net/ Name: uid
Value: 3401845650194904069
.csync.loopme.me/ Name: viewer_token
Value: 01c5786f-f332-4db1-8484-7dabd3dd7c43
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5141210826468656780
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3401845650194904069&KRTB&23263-3401845650194904069&KRTB&23481-3401845650194904069
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-350198267086225137
.pubmatic.com/ Name: PugT
Value: 1691726702
.yahoo.com/ Name: A3
Value: d=AQABBG-z1WQCENf8HW9qP8f23y94HhyLbq4FEgEBAQEE12TfZAAAAAAA_eMAAA&S=AQAAAjuJZCyeAL87-NBAkqHqskU
.linkedin.com/ Name: bcookie
Value: "v=2&57cc375b-0213-4e22-8cdd-fe8d5f0a252c"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTE3MjY3MDM7MjswMjGwZ7tDdh5v+OzpYb5Mx7buLTIffxrK97F+V/AGKSXX/g==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2814:u=1:x=1:i=1691726703:t=1691813103:v=2:sig=AQHtvaSjFz9ufl6k8Df1U5bbP5U5b5I9"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A-TRcGwDlEBzk9YgUdCRtkc|t
.audrte.com/ Name: arcki2
Value: 370qPEuzcMZRTGlqAGA--Cp-Q!20220908!1691726703242!ip#84.19.175.183
.audrte.com/ Name: arcki2_pubmatic
Value: 779CE4B0-72D9-453F-8385-D8E208E84C65!20220908!1691726703245

1 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=779CE4B0-72D9-453F-8385-D8E208E84C65&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
28deffd5e4e983f3e61fac08df7e21f3.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ak.sail-horizon.com
ap.lijit.com
api.btloader.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets.ribn.com
auth.lrcontent.com
bidder.criteo.com
btloader.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
cdn.adsafeprotected.com
cdn.cxense.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.permutive.com
cdn.tinypass.com
cdn.viafoura.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
config.lrcontent.com
connect.facebook.net
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
dcs-static.gprod.postmedia.digital
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
events.newsroom.bi
experience.tinypass.com
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googlesync.permutive.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
id.cxense.com
identity.mparticle.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
livecomments.viafoura.co
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
nationalpost.com
notifications.viafoura.co
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
platform.instagram.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
px.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.amazon-adsystem.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
smartcdn.gprod.postmedia.digital
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.adotmob.com
sync.crwdcntrl.net
sync.springserve.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.npttech.com
lexicon.33across.com
104.18.10.47
104.18.11.47
104.18.24.185
104.19.149.54
108.138.9.235
116.202.150.116
13.225.78.67
13.32.99.90
130.211.23.194
142.250.184.198
143.204.215.76
151.101.1.108
167.235.124.60
178.250.1.11
178.250.1.9
18.185.12.185
18.194.175.181
18.66.100.58
18.66.112.89
18.66.112.95
185.183.112.148
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
185.89.210.101
193.0.160.131
198.47.127.205
2.19.126.84
2001:4860:4802:34::36
213.155.156.183
216.52.2.86
216.58.206.34
23.215.22.18
23.32.184.192
23.56.202.187
2600:1f18:1aca:4281:c590:b5e5:9637:f555
2600:1f18:44f0:4847:3717:5549:a9cb:125f
2600:9000:21f3:9c00:8:48e:53c0:93a1
2600:9000:223c:8000:8:2ae1:d740:93a1
2602:803:c003:200::41
2606:4700:20::681a:346
2606:4700:20::ac43:4686
2606:4700:3033::ac43:9fa2
2606:4700::6810:5714
2606:4700::6810:f015
2606:4700::6811:180e
2606:4700::6811:b8b1
2606:4700::6812:1a98
2606:4700::6812:4eb
2606:4700::6812:5eb
2606:4700::6812:9fa
2606:4700:e0::ac40:660b
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:806::2001
2a00:1450:4001:810::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9a
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:3500:293::268b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a03:2880:f276:1c3:face:b00c:0:43fe
2a03:2880:f276:1e9:face:b00c:0:4420
2a04:4e42:400::645
2a04:4e42:600::645
2a05:d018:d29:3601:9ed9:69f8:bfd6:471c
34.107.254.252
34.111.129.221
34.111.131.239
34.111.249.109
34.117.54.29
34.149.157.221
35.204.74.118
35.214.220.225
35.227.252.103
35.241.9.51
35.244.159.8
37.157.6.233
50.16.182.242
52.208.23.60
52.211.100.125
52.22.86.57
52.222.208.154
52.222.214.32
52.223.40.198
52.46.143.56
54.144.174.245
54.171.34.84
63.34.81.234
67.220.226.234
69.173.144.138
69.173.144.139
95.101.149.233
99.83.154.140
009b0f51fe99aa3eeabcf53c1bc67ab000fac5e2da438d12dfdff8c77d13b3c7
01bdc5347a380eab81e5dcec7e5d5e1cd6eeeff47b56be7548b73a18fff3611e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0305ec619fa00f4120812a08b93aff1d68ff2abde8c97f9d16ce63aa5a1b968c
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
0465d9e8f79bd90c91071735e1fb63a5f9b030413a907f26d2d5c53c15930a73
057195b80c1594769bccb5bbb495f6b011b0fa6b0a39f12194248ef9dc15420a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cee8a130277b3634273c3866e17bb64d5fc5163e5419d5b6c7b42dfe7347d8
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1
09517c4c41c1744e90cd9c856434b0301f7164f855e848882d0f3a6a6f896662
0954d1f01500fbf498b695ce9fb07dfa45bcb27efa977bfa8935e65da696fff9
09b19fc33b7ef1ced85b83e359f755cc5a5e1f9b97478cfc9b8b27362990468f
0aefd4dfa33ea883915663df6cc7e97b73c1b8dd0879c58face2d9bf32829e30
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
0b4e871db476c5cd38b0bc9fc3f5ab944ef115e10da7243b25be3994a4b2b817
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2ecf50ec70160cad7f2a6439601fa7adf27e3dbfaeca8467f0085a4f0e2ac
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c57432f2159f3dfe09da54a771b3e4177286dba5981e91e1d65e99e9a5fbdbc
130ace24529c659026448bbaa095596dae9dcc2028446ab4aa065a599598b87c
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14dc0c324a5d79656e7773e079e18e5d7838e65636ccdb0872685b2548a7ff49
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19387a25aa708b3419f639b862c4d8b52daeb8d40a8fdb3622a0f1a7ff16f575
194d726236595065653a2b6610fcd3057e59569d745e5ea37ca5226080960b69
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1af6f9dcdebd629dacc29ef518b3e90e82b6be357c5beb19a58d23b402f74440
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43
22169c5a7f5bce7e84770a3899cad5a7dd737897aca53f80513e3fdedfa796de
233b26d91f93e1ef86a78ec0e3df44ece8d1ff04fb68313b8e3ee3cff2b654ea
237a8dd9858a310f93f4938b40419aab3015db6bab30fd65f7b8274b33012a95
23c96a1d49f43964aaef9194748ef8f26adcabe0d9482e60bb43141653f08d90
24b6d5c61c96dbd20a707b4e6ab0eb1256ae3fded2f6b54b44477d399881cfef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
279e747cff38f395e407803cc28009a6d29d078f931691f9ec249c7412cf4ffb
27dc5852c2117f24277c8a6587187dba028c25f008b214849e73db1cb680672b
28c0908acc02f2e10930da3723eaa54d948104572a5cf92ab8f27fb9fa65bec7
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5
2a76292a2e3564ef61e7a900f9c998e83d78fb5f91547e704ab9168b5dca6c48
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2bb30c72b3e79549c2690f8e37f288ec1bb619339ceadf781409e8a13c1e8981
2c10ab9daf8380e6b89fba9a9e61f970af04a1365104413ce206662d4c755a68
2c129c4bf63a63d679e21f179b789bdaa0ffc803b7afd7fea4ac4c66a0a6dec9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32302c0f697c3b686ad662ab44bd33f571e4eb40879a727c5a5bbda0aa4876fa
356b97e86c75c9a846e3833a14c7ce7d2e78d540d6cd52cecad72302a6b2690d
359db532fbc5e8f8dcee8e07aa7f9d9906fe78fe3d36e63760c3270de128b83b
36260e9cb231e00f7334eacc8a181329ba4c622cb50312342edb9e8512812cf7
38169883691b0d21f22a1bd68540cba62fa73b57178666d1ba5378c014ce98ce
39ec75c6ac932686734c2364194a647078df28ff2a262c86316d2ca132cead0d
3b1d0361a0461ce106032877d434b6829fafbb3a8a4b8e4c332aeb06789f5fd4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e23899ef3e45f0211026e657239c4b79d9e090fc5320ada0dce02aff01f45eb
3f79c40d10ea5b3d6a9fa179c39a06a463d16d929029452a518a86932a880abe
3f92f9ee26044ec522826051d957b517be6a347c6730a0163d027bfa6c9e4f96
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406b6d79687c2601d33b029cf7867ab6cedc6c01ef13d669835b743f967d5d52
4096c8a2384f56ad8b8f306e3a761362219102e460d438fc529752bcb82d7b39
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44c46b2edb60329726390cf58b9135fb4b64d836dbeaf4e139f52b5d9df73981
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4882daf540d3bbda6915932253de72886d589f192cf931c0327d8c0fa6716866
48a150da2b9d2bd7518c8db5deaa7bcc651dd3ddd598f9beb0879afd780a300a
48e614cf0236b31dac1b67e2d79590aab87d7fc9f0be33b8aae157b830fa6b0b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b83af29908c720034221bfe516d0dd8b36f9144ebae338d9efc5face3f43fd2
4bef0d2ce9ddd3dcd15889345ea8e4ae1eb38c2bcf50bcd76daed2dc63f0a424
4d08ff82cda6187fb892de7ab635d1733c91047f9c975c60683c1c811721ef21
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edf37d240c72f41cf96d12cfff4407d66226a3afa1f8109824d03ebe54be9d2
4f42cbb78d31e1cb1f670b8370059b160a65d25bfb265361fe52e109f95378d2
5033788b4737063af8e07fbe10b6e8c4e1296a83251acb26233032d3c5c64130
5298202a537770c56dcb3589b5524cf03f1af58c2b875e7686948c805eaf49c7
533edc3291c327bab76d434e3f3d40489ab64c25799e607013f0ebdc62854f3d
534e496086f14885de313be975a05a6174197668a865842191a2c45094d5a9fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585be3f7dd7b31d45fc546624d62396308f373b647e43c7f50bb36d65e604609
5a3a5e60fd1d7d2bead85acdbac1c91c8219e3d2d3cbd8141dee2a001bfe75a2
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5e894c70375c943d36bf55f44ca9a3b9fde5fe275cb9e0b592295971fb44813a
5ee81ab225c24259de31fd935aee0df8a40e8d6426896f8a41d4af1abe2cee6b
6029effcb1fb7327b832ce827a84f8ebe8c7a2154cb43f4186e5ea2bd6f9f49f
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
65fa034a932b6a9eb93b9d881c3c399b07874f5ab9421ed526094def5bcfad5c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
670f7ef79132850ce112c2ace0c4150973283d791476dbe2fd91b6b6ae4ef7ed
69193c467efacbd943f4138e5b2b93dd1ded275d6e8233fd28b2a0f74765365b
6a072892a3723620f682538ba122888a77614a6344368dee9f90c6063fbe461b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d6d609a4f433032e7f423c2769d91c4951aab96cd7fabedf27fa84b503656b9
6e2ebaba73999330a3adec9d71ce3d0fd7537e3204945d1b0ff41ca5a7e5723c
6f8bf0d53f59de17706c59736271bf6c7e0f28f106c5bc9ff5cc8b9f6f8fa339
703c7db8caf634db1260f93afe24ee8b80b6db8451d7217689b358a0e5b47ff0
715504b046206568b164b467062068b29d3e44f6b39dfbb4706c9ddb319f4f2a
719877af1dec7f1f88b365106403d09145b6187c99204048943b3f9404d89b8c
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
7521fac2db4e5a743c196ad0f50a81571bfb74bddfd08e4085e58b98dfc613e2
7550dc0850af915cc9d6d560c54063359c9112995f9631d82d021bf712844fc2
76630bbc94f26374853dddf4e3c04d8d5ed36f55379ba657456b51d8eab42ae0
77ca32d74206464f28af19c7fa389e2398f5dfb352a32cfe45c2598d3744b957
79f777aa15fa0b107868ac2ebfe1c632aae72056e98024cd20a782d2200f05cd
7dca073fedcfe546628b8d3a50eefa2a594fbc8efba1a062dd57b4c7d5fe141c
7ead3690e12f75b5339e5c7387e715182416d8f2fd427d165224d5ed33e60d1c
7f10b4e1841301e153e79de2a129330dc51eb0cdf93f2326be762056a2755feb
7fd7890680926681b67aabaa0560618fd31b06844344a3707c73c668ed0dfb92
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82de1c71b1965a6888eac09dceb3ed35cfcfebc776bd6ef68dab1673f990b28d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8489cf31ad7fdac104c6edbbf98ffb958f2dc6dde0de678648b496039fc81ee9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
8a38efc84a770d3860ebb30fe420bf4b5824389759b16d3eb4f742a0466d7460
8a4aaee51fca507ae33b4acd3ea6407cbd421565807a5e2303011ead5206bcb1
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2ecfe8f3671ad30765a6af5b64c8511775f5cb609d30d9709dae88f2010dfa
8f92f2d1f186e48942e3d37b11524101fa721da66074b44bc4ff69f8148fcb90
93b8402a673173fe8db4b9643ec4dbec0cf15e8a86524c99c3a9c4ad3f7904a8
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94f760c2f70eba9b94316e717bc2f103c401365a79dff456d584d8a287a9a695
96496f8d6db8422593435beb0790093fb8338b626ca31854f0e0d53ac983c5f2
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
99076d574fa054a3a93d2687f4021cfc74986f32882405c680e2a08cdb3b30e6
99c4b47843b5e39c5372178b3f41d797977c66585c81493a92995730bdf55017
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9f62e9f8bf63e2614008fcebd71faef975394171448981ecde856f7c0b239099
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08d9c7a735870eda9254652cbb86f9e47b00c896da4e0204fb483265ac39433
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a320f0a0c5c94c1d9ee6f486581aed8d463803f1d4872a9b30a1fdbf27943f8f
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68facae97d9ba4aad337e58159f1e5da5f2fe6331a513928d570edaac63e984
a72d3e0474387d99479a2514edd11fb512970a31f7f0bc4241863664a97fecba
a7c88fc232371d8e67a78d27ebba2064592fb73e97c2493e171952180d24e12e
a89c5fb4eedad66c9f93745c6ff8bdefbdf57679500db01044c392048b854fcb
aa4a3da355e329657b4cc4162c33a1be2ed98c048175a74e580cabfd5c0f56d4
ab8521fd07bf36348650841fdfe4707974047fe057fa866bdc6104f498e9d675
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc586d83d948c96fff7d9a4da54a5e7b3f7a6fc441d803cdbd26dd5a9f63f58
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5067e5834f1b90474d3d6e88b1dca2872d96b4d26c72292c50244c911d3fb22
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
b9d222e5c2c3231c1ab672b0027b5e8b58e974d9eb6ff89674630f4e8b718497
bc581de6b528ed786f9d42770f33664d272c929bc0e39acddd6bb60795820df3
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f
bed8674e46bd7c49fe5c662505017c8624668174b4b71e82eefc284a2f8a6b40
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
bf96a4cb97d885f1ece0482419a5097dcb59c168772a37b8ff911750836ddbca
c0b514e68356a91ef7fc6e840e1800c4506325971a581cf7a0e5786de8cf8767
c0ed994cd78b5ae5ad0925b57c9a4423f03cbdd82ec0c41685bd0308ff591858
c1720c51f6e31cf61ca97d051c51ecc9531f2cdfd8c23271a07ff38009d11341
c1d82b2f7c752ef9d32865cbe234a0ca0b0d5822c5508627b317705ffd23ef2e
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c310017401c4eee5944462dd42f47aefeff2df652d58f85babb62c1cbddfb2df
c33b1b724eafeaffed2aae7205f2f2dcaccf53a11d489dcf91fe67e10d96c741
c6dc0f5dee2a67da2df69cadfd63e71250d0112515dc45213917f6ae66293b25
c7f2656e323443bddb68954120e20dcc258b7a41c0f11e9efb206f2132b7a327
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c8c9f51e9a0b354956c1b663d19a33c7b4c60e1e894d8ee40e632cd4ffcb56c7
cd44a6cdf121c34f8e2d09644a8d1739be0d214e2dbaf1d849616645dc343364
cd754f30e7594b88c1d163a21253d0586e816fb3ec27ff991bf1ac15c612ccde
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d05b2c2cb0e3c2a6b8ac0701766dc725be9e8f729fe0ed06c62af97f3bd2b05c
d1f990dd3c391e051369e19df6ea54dbbc79a427c27a284bd080b4bfc2581f91
d223012ef147ab4a402a55626d1b5f4cc4d7ea9bed0cb9eec418b5665cb89f4d
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d28ae0424f5584829aec47ef0e63c84761da803e4b88c75cf92ad18a1a2b971f
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d42eed878a4999fb639c40a8a9dee1aeeccaf04b3c7360d863613c340df84bec
d6869ac2bd808830ffd6b8a33796f6cf15c09c38874de0e6a24e1e97274d003d
d7d990fd051e65e8340d3434d69e150b2b5af80aa7ea0877ed4f70da745f7ef4
d81cea0747b72749235dbf26147ef5f8391f9b5c30497b6fb2d1881486512d4d
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a
dbcad9fa3ccf74f21ba461c936582b42a4878a58c5cabcf5b66e5e4ff977facf
dc76986fb18ed5abfb05fed6594dc20ddabd8592822366e234e754b7554b21b3
dcc8beebbfab8462184c8c864e5474cd84672b6d46dcb3c4131d609821883c6f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c867c8b4ddc4704dea1c8f1cfd309b9a4bd9cdd64a9fbbf21ffd1b31bf156a
e20779b2a6efde420c6b1e7348a2b3851d3548a10f687d2d881777f38bfa7eeb
e23f9e7866a408e26ffb9c9b005d5e7823c3bb922b716090742a2558cf94aa16
e34e26ff8e940c5a518051df2c481545a8850d8ee1547402fa773ef9563be515
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b8e3551a7b7aded43d7a1484ceef1c21720ca49581d680b606fa338245972e
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e9bbc41140d0533e49877dd77507f016365c5e5f9f7af0883b8753424d3f1676
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee2c028d4244587f9674e8745915865ae382a33b43b34eb6abdfd3931d28f66e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f250ef7d4945ba10b9ffb4167e10b0c0f2cd794eeaeab6d90347e05890d0d9a0
f491a3f9eeebca2fe9a8c6bf6c1fd31fbbc781b2e7b320c00be12fd927d77595
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f52a85a1077fa0bce665e1aa3d6b750b3635b105da2b487d535cc2492e6e814b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6283564739a4dcb05ad208d9cdd8b7141950ec7315115659a16c06ed73e82c9
f63fa05114141aaa71a4480beea2f746cb7b554ba2b0fb349f1c3a3eec03a622
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
fa70655639bb30dec254811fe2fb54a92acdf62f3ce52e7e89f3a512e6b48000
fedd907d02eb600d0303ba76b75cd9029434110e70d55fa58c008217c9ccc648