view.ceros.com Open in urlscan Pro
2606:4700:4400::6812:28fc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.postmedia.com/click/33190020.2598/aHR0cHM6Ly92aWV3LmNlcm9zLmNvbS9wb3N0bWVkaWEtbmV0d29yay9oZWFsdGhpbmctc2lnbnVw...
Effective URL:
https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthi...
Submission: On December 28 via api (December 28th 2023, 12:53:28 am UTC) from BE — Scanned from DE

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 12 domains to perform 72 HTTP transactions. The main IP is 2606:4700:4400::6812:28fc, located in United States and belongs to CLOUDFLARENET, US. The main domain is view.ceros.com. The Cisco Umbrella rank of the primary domain is 27226.
TLS certificate: Issued by E1 on November 4th 2023. Valid for: 3 months.

This is the only time view.ceros.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.226.166.212 3.226.166.212	14618 (AMAZON-AES) (AMAZON-AES)
6	2606:4700:440... 2606:4700:4400::6812:28fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:9a42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:440... 2606:4700:4400::ac40:9be3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:e1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	3.222.82.214 3.222.82.214	14618 (AMAZON-AES) (AMAZON-AES)
3	52.85.92.71 52.85.92.71	16509 (AMAZON-02) (AMAZON-02)
1	52.85.92.7 52.85.92.7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
72	17

1 3.226.166.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com

link.postmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:28fc (United States)

ASN13335 (CLOUDFLARENET, US)

view.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9a42 (United States)

ASN13335 (CLOUDFLARENET, US)

assets-s3-us-east-1.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:4400::ac40:9be3 (United States)

ASN13335 (CLOUDFLARENET, US)

media-s3-us-east-1.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:e1d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.intake-lr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.82.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-82-214.compute-1.amazonaws.com

link.calgaryherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.92.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-71.ham50.r.cloudfront.net

api.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.92.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-7.ham50.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	ceros.com view.ceros.com — Cisco Umbrella Rank: 27226 assets-s3-us-east-1.ceros.com — Cisco Umbrella Rank: 34603 media-s3-us-east-1.ceros.com — Cisco Umbrella Rank: 28946 api.ceros.com — Cisco Umbrella Rank: 33499	1 MB
13	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	67 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	391 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	190 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3421	475 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 414	751 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3527	33 KB
1	calgaryherald.com link.calgaryherald.com	4 KB
1	intake-lr.com cdn.intake-lr.com — Cisco Umbrella Rank: 94742	164 KB
1	postmedia.com 1 redirects link.postmedia.com	690 B
72	12

	Domain	Requested by
20	media-s3-us-east-1.ceros.com	ajax.googleapis.com view.ceros.com
11	fonts.gstatic.com	fonts.googleapis.com link.calgaryherald.com
11	fonts.googleapis.com	view.ceros.com link.calgaryherald.com
6	view.ceros.com	view.ceros.com
3	api.ceros.com	ajax.googleapis.com
3	assets-s3-us-east-1.ceros.com	view.ceros.com
3	www.googletagmanager.com	view.ceros.com www.googletagmanager.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pubads.g.doubleclick.net	view.ceros.com
2	ajax.googleapis.com	view.ceros.com link.calgaryherald.com
1	www.gstatic.com	www.google.com
1	www.google.com	link.calgaryherald.com
1	ak.sail-horizon.com	link.calgaryherald.com
1	link.calgaryherald.com	ajax.googleapis.com
1	cdn.intake-lr.com	assets-s3-us-east-1.ceros.com
1	link.postmedia.com	1 redirects
72	17

This site contains links to these domains. Also see Links.

Domain
healthing.ca
www3.ceros.com

Subject Issuer	Validity	Valid
view.ceros.com E1	`2023-11-04` - `2024-02-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
assets-s3-us-east-1.ceros.com E1	`2023-11-16` - `2024-02-14`	3 months	crt.sh
media-s3-us-east-1.ceros.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
intake-lr.com E1	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
link.calgaryherald.com R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.ceros.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-14` - `2024-04-13`	a year	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing
Frame ID: CD373DE78D81495A098C4E14D1161ADB
Requests: 62 HTTP requests in this frame

Frame: https://link.calgaryherald.com/join/5r6/healthing&hash=8ab550e730a4fec36a0cb18697d40ddd
Frame ID: 926BA23D2BD911761CE857968A71F7C5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Healthing - SignUp

Page URL History Show full URLs

https://link.postmedia.com/click/33190020.2598/aHR0cHM6Ly92aWV3LmNlcm9zLmNvbS9wb3N0bWVkaWEtbmV0d29yay9o... HTTP 302
https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

72
Requests

97 %
HTTPS

71 %
IPv6

12
Domains

17
Subdomains

17
IPs

2
Countries

1936 kB
Transfer

6695 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://healthing.ca/
Title: Powered by Postmedia and the National Post

Search URL Search Domain Scan URL

URL: http://www3.ceros.com/poweredbyceros?utm_source=M-W-CerosPower&account=postmedia-network&experience=healthing-signup
Title: Powered by Ceros

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.postmedia.com/click/33190020.2598/aHR0cHM6Ly92aWV3LmNlcm9zLmNvbS9wb3N0bWVkaWEtbmV0d29yay9oZWFsdGhpbmctc2lnbnVwL3AvMQ/643aab9d1b98ac387c0a1f7dB84637454 HTTP 302
https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1 Show response
view.ceros.com/postmedia-network/healthing-signup/p/
Redirect Chain

https://link.postmedia.com/click/33190020.2598/aHR0cHM6Ly92aWV3LmNlcm9zLmNvbS9wb3N0bWVkaWEtbmV0d29yay9oZWFsdGhpbmctc2lnbnVwL3AvMQ/643aab9d1b98ac387c0a1f7dB84637454
https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing

25 KB
7 KB

106ms
61ms

Document
text/html

2606:4700:4400::6812:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b2570b2c1c7f3f7de1bfcaad9feadc62680b4f35f45f3e5f5b819139e2b2fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: HIT
cf-ray: 83c5d36d2b95bbb5-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 28 Dec 2023 00:53:22 GMT
last-modified: Wed, 27 Dec 2023 23:39:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 00:53:22 GMT
location: https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing
server: Sailthru
x-robots-tag: noindex

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 20:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 20:16:55 GMT

GET
H2 200 webfont-1.6.3.js Show response
view.ceros.com/ 11 KB
5 KB 36ms
36ms Script
text/javascript 2606:4700:4400::6812:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://view.ceros.com/webfont-1.6.3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c32949b380a8e2de4d20de669d0573ba34d27f172a459886d434512fa2781cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 01:12:39 GMT
x-content-type-options: nosniff
server: cloudflare
age: 7755
etag: W/"e5efb8110abda03656884f299395aad2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-store
cf-ray: 83c5d36d9bdebbb5-FRA
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 35ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e01c0ad98f69c0c8fd4e3115c9e9535032cbf37b902a294948b79c3038a4dd27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44184
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 require-min.js Show response
assets-s3-us-east-1.ceros.com/8.13.12/view.ceros.com/default/assets/player/shared/libs/require/ 15 KB
6 KB 78ms
34ms Script
application/x-javascript 2606:4700:4400::ac40:9a42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-s3-us-east-1.ceros.com/8.13.12/view.ceros.com/default/assets/player/shared/libs/require/require-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0a585ef0d7a06ed38fd133e0fdcf28cd5c2f9f2ac40114580f1dce13498123

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://view.ceros.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age: 7655
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Dec 2023 22:30:39 GMT
server: cloudflare
etag: W/"b03b66057d7df9b2cc9aa9c4c18aa569"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/x-javascript
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 83c5d36ddbff3675-FRA

GET
H2 200 bootstrap-optimized.js Show response
assets-s3-us-east-1.ceros.com/8.13.12/view.ceros.com/default/assets/player/applications/html5-player/ 3 MB
816 KB 25ms
25ms Script
application/x-javascript 2606:4700:4400::ac40:9a42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-s3-us-east-1.ceros.com/8.13.12/view.ceros.com/default/assets/player/applications/html5-player/bootstrap-optimized.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee4fa9595606f0ae1663e33ff728671f8a9059da4664697e0d597cb45c760f54

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://view.ceros.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age: 7655
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Dec 2023 22:30:24 GMT
server: cloudflare
etag: W/"fce73d5eb7536f01ec2cb8664d339a62"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/x-javascript
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 83c5d36e1c2e3675-FRA

GET
H2 200 html5-player.css
assets-s3-us-east-1.ceros.com/8.13.12/view.ceros.com/default/assets/player/applications/html5-player/css/ 91 KB
19 KB 83ms
39ms Stylesheet
text/css 2606:4700:4400::ac40:9a42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-s3-us-east-1.ceros.com/8.13.12/view.ceros.com/default/assets/player/applications/html5-player/css/html5-player.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b39ab96645cc2d45836805757e2559d9782041a0ebd165afb4a6e0facfd9ab86

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age: 7663
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Dec 2023 22:30:25 GMT
server: cloudflare
etag: W/"0298c186510590de52132b2d5ee47c65"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 83c5d36ddf7b5d4d-FRA

GET
H2 200 experience-version-61a147b950d4d.js Show response
media-s3-us-east-1.ceros.com/postmedia-network/doc-version-json/v11/ 226 KB
32 KB 61ms
26ms Script
application/javascript 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/doc-version-json/v11/experience-version-61a147b950d4d.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5fdc45e64972ceabb514d7a64b858da644a27969f54e09cb67e37def21aa88

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age: 105877
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Nov 2021 20:46:50 GMT
server: cloudflare
etag: W/"ab63368cf59c41c6ce5010460b71fad1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 83c5d36e4cb22bb2-FRA

GET
H2 200 activity;xsp=4747642;ord=8176200575524.884
pubads.g.doubleclick.net/ 42 B
209 B 120ms
78ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4747642;ord=8176200575524.884?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 00:53:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;xsp=4745973;ord=4689317307833.137
pubads.g.doubleclick.net/ 42 B
542 B 84ms
43ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4745973;ord=4689317307833.137?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 00:53:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-149272255-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

198ff02337b5b54d784e382a3844eb37b8825808a7b8a93c4f4540eb9151c49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69065
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FKDH4C0E3B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149272255-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab36bbc8f9e1c1ad1b24e177048da7ad90d708d14b0fe8389b7f23627717c8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
5ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149272255-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Dec 2023 23:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3905
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Dec 2023 01:48:17 GMT

GET
H2 200 logger-1.min.js Show response
cdn.intake-lr.com/ 827 KB
164 KB 74ms
33ms Script
text/javascript 2606:4700:3032::6815:e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.intake-lr.com/logger-1.min.js

Requested by

Host: assets-s3-us-east-1.ceros.com
URL: https://assets-s3-us-east-1.ceros.com/8.13.12/view.ceros.com/default/assets/player/applications/html5-player/bootstrap-optimized.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:e1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7824fc6371418aa2cfdb8dc6719e49472d6a667f7fa58943886d33729674705e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-ams21076-AMS
last-modified: Wed, 27 Dec 2023 22:19:53 GMT
server: cloudflare
x-timer: S1703715887.481842,VS0,VE2
etag: W/"0eb0eda8d3aac8bb287d90b17f8671494502cdf5bc17ff4acb458df9d1140225"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKIk097MHsUCpAU9mO%2FPqP6EOVsF5PApk2vVHdnJ1yPDzo%2FElgMllSpSYMDPftQylELDw1EowKA%2FB43%2F5UI0hLxhdZ7SRvsfAHNANODSS43v1Pp0nTrQ7hBDd3R%2B8xc8B6NS%2BpHitaqCaz7hhA97aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83c5d36fcc7eb8f1-AMS
x-cache-hits: 1

GET
BLOB 200
OK 4acb69fd-8df0-4b3e-bedf-17b1879d22f6
https://view.ceros.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://view.ceros.com/4acb69fd-8df0-4b3e-bedf-17b1879d22f6
Requested by: Host: view.ceros.com
URL: https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 ceros-fonts-2023-01-26.css
view.ceros.com/ 407 B
324 B 40ms
40ms Stylesheet
text/css 2606:4700:4400::6812:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://view.ceros.com/ceros-fonts-2023-01-26.css

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b82466a6fe31e0baf68cee789f451980ffd808f9425e045e8f205abc574e683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Mon, 04 Dec 2023 22:54:53 GMT
x-content-type-options: nosniff
server: cloudflare
age: 7755
etag: W/"206ef34c0d1bd67a404b0b733c6350b1"
vary: Accept-Encoding
content-type: text/css
cache-control: no-store
cf-ray: 83c5d3700d8ebbb5-FRA
x-xss-protection: 0

GET
H2 200 avenir-next-lt.css
view.ceros.com/ 3 KB
479 B 39ms
39ms Stylesheet
text/css 2606:4700:4400::6812:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://view.ceros.com/avenir-next-lt.css

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f619dac7a65a742377859042634f38d1ac996ee20c2897bc5e73befb52957743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Mon, 04 Dec 2023 22:54:53 GMT
x-content-type-options: nosniff
server: cloudflare
age: 7755
etag: W/"2de96d67a05f8ff4db4685ab78cdde91"
vary: Accept-Encoding
content-type: text/css
cache-control: no-store
cf-ray: 83c5d3700d8fbbb5-FRA
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
981 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:italic

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d7de4e163aa948cd78502140dc4e7056b9c4b557662d863c9e44166716d75c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:53:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
644 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Dec 2023 23:16:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
624 B 42ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300Italic

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

887baddcc8933010b0971248b88b622b16f90d25498343f54f9dc5f987c94bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:53:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
644 B 43ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d20f3d941ac9828ed48f9424e249fba0939dc62e99875ae214e85de9886b62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Dec 2023 23:28:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
688 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:regular

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a80283a2a54ea158b37690f2c26663c329737910163b122fed2c5766c9b95962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:27:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
688 B 37ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a68ffe40a7237a1f9dc253209ccc3705ad3fdc6adcad7309f5b7556310fc9e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:17:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
643 B 38ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Dec 2023 23:48:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
623 B 42ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700Italic

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7ef969391222b77140bd0a54be9fd5f4522fd8dc1d947e19bed2d7c67c66d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:53:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 healthing-ca-rev.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/25/bd2e9a6d2405a0d3d859b2555b28886b/ 3 KB
3 KB 127ms
127ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/25/bd2e9a6d2405a0d3d859b2555b28886b/healthing-ca-rev.png?imageOpt=1&fit=bounds&width=218

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6b9cb032d1b63307d9fd9514153a94e7c2e207d1adb772ba6c162081e8c0655

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 2676
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Nov 2021 20:01:33 GMT
server: cloudflare
etag: "cfD2Uoeaj0og3HjW2HXjjcF-TM14BtbA93bpku-SHsDQ:4878828efaeeafc366e6cbc2bb8253a3"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d370fe182bb2-FRA

GET
H2 200 CerosIcons-Regular-2023-01-26.woff
view.ceros.com/ 47 KB
47 KB 40ms
40ms Font
application/x-font-woff 2606:4700:4400::6812:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://view.ceros.com/CerosIcons-Regular-2023-01-26.woff

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/ceros-fonts-2023-01-26.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dea4035f77031a35f930dd5ffd12db5f5cab458f69272c07d8968e1d289a247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://view.ceros.com/ceros-fonts-2023-01-26.css
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Wed, 30 Aug 2023 21:29:19 GMT
x-content-type-options: nosniff
server: cloudflare
age: 7698
etag: "7814c91459be51eb8fbdc05c65db6b46"
vary: Accept-Encoding
content-type: application/x-font-woff
cache-control: no-store
accept-ranges: bytes
cf-ray: 83c5d370fe2abbb5-FRA
content-length: 47628
x-xss-protection: 0

GET
H2 200 Avenir%20Next%20LT%20W05%20Regular.woff2
view.ceros.com/ 35 KB
35 KB 39ms
39ms Font
application/octet-stream 2606:4700:4400::6812:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://view.ceros.com/Avenir%20Next%20LT%20W05%20Regular.woff2

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/avenir-next-lt.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e3fd3c3fedec9fded5a9493a3d261dc1e140e2bf77ba10b8f07242414a03bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://view.ceros.com/avenir-next-lt.css
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Mon, 20 Nov 2023 23:14:55 GMT
x-content-type-options: nosniff
server: cloudflare
age: 7698
etag: "07382a6efc7520ca9dd45e6d0c2f862a"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: no-store
accept-ranges: bytes
cf-ray: 83c5d370fe2cbbb5-FRA
content-length: 36040
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 124 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c11a0405bfcca07e1a05baa52631f30ac97b8dba84e6fc2e92dfda853303291

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 39ms
18ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:01:51 GMT
x-content-type-options: nosniff
age: 175891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 00:01:51 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 14:33:15 GMT
x-content-type-options: nosniff
age: 210007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 14:33:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 28ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 461641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 16:39:21 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
20 KB 33ms
16ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:39:23 GMT
x-content-type-options: nosniff
age: 461639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 16:39:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 143953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:54:09 GMT

GET
H2 200 postmedia-white-at-2x.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/70323e92e697a2bfc48f9f3aac3ee863/ 2 KB
2 KB 147ms
147ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/70323e92e697a2bfc48f9f3aac3ee863/postmedia-white-at-2x.png?imageOpt=1&fit=bounds&width=195

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13266106d958efde8aee1b85bf758fcc488fd57b9095759f7a5bc9d1564767e0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 1935
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Oct 2019 15:36:09 GMT
server: cloudflare
etag: "cfr1zxiVIOUbc6qpTNdiU_XLa_9s7D51C4gTAcxNI-DQ:cbfb45cd951a161663392f0f842a02af"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d3713e272bb2-FRA

GET
BLOB 200
OK e334540d-8010-4bd1-8e18-00385bbf920a
https://view.ceros.com/ 461 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://view.ceros.com/e334540d-8010-4bd1-8e18-00385bbf920a
Requested by: Host: view.ceros.com
URL: https://view.ceros.com/postmedia-network/healthing-signup/p/1?utm_source=Sailthru&utm_medium=email&utm_campaign=Healthing:%20Morning%20Checkup%202023-10-30&utm_term=Healthing
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bf44c6e08409fa80eefce121e3a80ac3ad64ee7301f4a9e597302c09b40d357

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 471638
Content-Type

GET
H2 200 healthing-ca-rev.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/25/bd2e9a6d2405a0d3d859b2555b28886b/ 7 KB
7 KB 119ms
119ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/25/bd2e9a6d2405a0d3d859b2555b28886b/healthing-ca-rev.png?imageOpt=1&fit=bounds&width=709

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bebc5e1fb4b8c153374eae8c1108ec6e2da9ca151383c4b9d04a8177a6e807d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 7380
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Nov 2021 20:01:33 GMT
server: cloudflare
etag: "cfD2Uoeaj0og3HjW2HXjjcF-TMlm-zpxPbYkxPi0EQDQ:4878828efaeeafc366e6cbc2bb8253a3"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d371ce6f2bb2-FRA

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:10:42 GMT
x-content-type-options: nosniff
age: 27760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21140
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 17:10:42 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700Italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:24:10 GMT
x-content-type-options: nosniff
age: 451752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 19:24:10 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300Italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.ceros.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:41:12 GMT
x-content-type-options: nosniff
age: 173530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 00:41:12 GMT

GET
H/1.1 200
OK healthing&hash=8ab550e730a4fec36a0cb18697d40ddd Show response
link.calgaryherald.com/join/5r6/ Frame 926B 10 KB
4 KB 397ms
111ms Document
text/html 3.222.82.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://link.calgaryherald.com/join/5r6/healthing&hash=8ab550e730a4fec36a0cb18697d40ddd

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.82.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-82-214.compute-1.amazonaws.com

Software

Sailthru /

Resource Hash

050d0d038e3a62c3728cc3f9f81f5176354056c6cda44466167c52f3b7a90eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://view.ceros.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 3399
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 00:53:23 GMT
server: Sailthru
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK a Show response
api.ceros.com/ 18 B
557 B 184ms
142ms XHR
application/json 52.85.92.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ceros.com/a?data=eyJjb21tb24iOnsiYWNjb3VudF9zbHVnIjoicG9zdG1lZGlhLW5ldHdvcmsiLCJjbGllbnRfdmVyc2lvbiI6MTEsInVzZXJfdG9rZW4iOiIxOGNhZGU5NjFlMjhkOC0wYzJkZTg0NTgwNjI2ZC02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYxZTMxZjU1IiwidmlzaXRfc2x1ZyI6IjE4Y2FkZTk2MWU1MWZhMS0wMmM4MmI5ODdiYTg3NS02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYxZTY5MDkiLCJ1c2VyX2NvbnNlbnQiOnRydWUsImV4cGVyaWVuY2VfYWxpYXMiOiJoZWFsdGhpbmctc2lnbnVwIiwiZXhwZXJpZW5jZV9zbHVnIjoiZXhwZXJpZW5jZS01ZDliM2RjMTM5ZDQwIiwiZXhwZXJpZW5jZV92ZXJzaW9uX3NsdWciOiJleHBlcmllbmNlLXZlcnNpb24tNjFhMTQ3Yjk1MGQ0ZCIsInByb2plY3Rfc2x1ZyI6ImhlYWx0aGluZyIsImN1cnJlbnRfbGF5b3V0IjoiZGVza3RvcCJ9LCJleHRlbmRlZF9jb21tb24iOnsiYnJvd3NlciI6IkNocm9tZSIsInRyaWFsIjpmYWxzZSwiYnJvd3Nlcl92ZXJzaW9uIjoiMTIwIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxheWVyX3R5cGUiOiJodG1sNSIsImluaXRpYWxfb3JpZW50YXRpb24iOiJsYW5kc2NhcGUiLCJjb29raWVzX2VuYWJsZWQiOnRydWUsImVtYmVkZGVkIjpmYWxzZSwiaHR0cHMiOnRydWUsImRldmljZV9waXhlbF9yYXRpbyI6MSwib3MiOiJXaW5kb3dzIiwib3NfdmVyc2lvbiI6IjEwLjAiLCJ1dG1fc291cmNlIjoiU2FpbHRocnUiLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY2FtcGFpZ24iOiJIZWFsdGhpbmc6IE1vcm5pbmcgQ2hlY2t1cCAyMDIzLTEwLTMwIiwidXRtX3Rlcm0iOiJIZWFsdGhpbmciLCJzY3JlZW5fd2lkdGgiOjE2MDAsInNjcmVlbl9oZWlnaHQiOjEyMDAsImluaXRpYWxfc2NhbGUiOjEuMjUsInNjYWxlIjoxLjI1LCJ0aW1lem9uZSI6LTF9LCJldmVudHMiOlt7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjM2MjE2Mi0wMzliZDAzZTQzODc3NS02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYzNjMxZDMzIiwibG9hZF90aW1lIjowLjY5NywicGFnZV9zbHVnIjoicGFnZS02MWExNDdiOTUwZDcwIiwicGFnZV9udW0iOjEsImdyYWNlX3BlcmlvZF9leHBpcmVkIjpmYWxzZSwiZXZlbnRfbmFtZSI6InBsYXllci5leHBlcmllbmNlLm9wZW4iLCJjbGllbnRfdGltZXN0YW1wIjoxNzAzNzI0ODAyOTE2fSx7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjFlODEwNmEtMDNmMDAzM2EyYjhmMmItNjkzZDU3NTMtMWQ0YzAwLTE4Y2FkZTk2MWU5MWY4NiIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoic3RhcnQtdHJhY2tpbmciLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6MCwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNzAzNzI0ODAyNTM4fSx7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjFlYTE2YjgtMGQ3Zjk4NTg4ZjYwY2MtNjkzZDU3NTMtMWQ0YzAwLTE4Y2FkZTk2MWViMWYzNSIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoicnVuLXN0YXJ0IiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjMyMSwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNzAzNzI0ODAyNTQwfSx7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjFmODIwNWYtMDZkOWQ0ZmJiYzA5MjgtNjkzZDU3NTMtMWQ0YzAwLTE4Y2FkZTk2MWY5YzZhIiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJkb20tcmVhZHkiLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6MzM0LCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE3MDM3MjQ4MDI1NTR9LHsiZXZlbnRfc2x1ZyI6IjE4Y2FkZTk2MWZkMTNmZC0wZDVkYTJkNWM3MjNiOS02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYxZmUyMGM3IiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJzcGlubmVyLXNob3duIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjM0MCwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNzAzNzI0ODAyNTU5fSx7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjIwZTE2ZTItMGE4MDk3OWMwZTNhOTYtNjkzZDU3NTMtMWQ0YzAwLTE4Y2FkZTk2MjBmMjE4NSIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoiZG9jLXZlcnNpb24tbG9hZGVkIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjM1NywiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNzAzNzI0ODAyNTc2fV19&_=1703724802210
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-71.ham50.r.cloudfront.net
Software: /
Resource Hash: 80d04a9018987b4cc89c281142cba5e7ef9f8771d90a1d9631fe03cc536f8cce

Request headers

Accept: */*
Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 00:53:23 GMT
Via: 1.1 a69bfd4d39a9b992855d914318a2c366.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C1
X-Amzn-Trace-Id: Root=1-658cc703-61e396e51b8c540a7579e51d;Sampled=0;lineage=694441d6:0
x-amzn-RequestId: 18b18707-dd8e-4dad-83ed-a2bea70773ef
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
x-amz-apigw-id: QoQIhFrmoAMEQ1g=
Content-Length: 18
X-Amz-Cf-Id: HcIAhCubhLFQOk84wu-pbCWyBk96KruV_Pk_no7bIwi6Be11Uo-b1w==

GET
H/1.1 200
OK a Show response
api.ceros.com/ 18 B
557 B 197ms
156ms XHR
application/json 52.85.92.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ceros.com/a?data=eyJjb21tb24iOnsiYWNjb3VudF9zbHVnIjoicG9zdG1lZGlhLW5ldHdvcmsiLCJjbGllbnRfdmVyc2lvbiI6MTEsInVzZXJfdG9rZW4iOiIxOGNhZGU5NjFlMjhkOC0wYzJkZTg0NTgwNjI2ZC02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYxZTMxZjU1IiwidmlzaXRfc2x1ZyI6IjE4Y2FkZTk2MWU1MWZhMS0wMmM4MmI5ODdiYTg3NS02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYxZTY5MDkiLCJ1c2VyX2NvbnNlbnQiOnRydWUsImV4cGVyaWVuY2VfYWxpYXMiOiJoZWFsdGhpbmctc2lnbnVwIiwiZXhwZXJpZW5jZV9zbHVnIjoiZXhwZXJpZW5jZS01ZDliM2RjMTM5ZDQwIiwiZXhwZXJpZW5jZV92ZXJzaW9uX3NsdWciOiJleHBlcmllbmNlLXZlcnNpb24tNjFhMTQ3Yjk1MGQ0ZCIsInByb2plY3Rfc2x1ZyI6ImhlYWx0aGluZyIsImN1cnJlbnRfbGF5b3V0IjoiZGVza3RvcCJ9LCJleHRlbmRlZF9jb21tb24iOnsiYnJvd3NlciI6IkNocm9tZSIsInRyaWFsIjpmYWxzZSwiYnJvd3Nlcl92ZXJzaW9uIjoiMTIwIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxheWVyX3R5cGUiOiJodG1sNSIsImluaXRpYWxfb3JpZW50YXRpb24iOiJsYW5kc2NhcGUiLCJjb29raWVzX2VuYWJsZWQiOnRydWUsImVtYmVkZGVkIjpmYWxzZSwiaHR0cHMiOnRydWUsImRldmljZV9waXhlbF9yYXRpbyI6MSwib3MiOiJXaW5kb3dzIiwib3NfdmVyc2lvbiI6IjEwLjAiLCJ1dG1fc291cmNlIjoiU2FpbHRocnUiLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY2FtcGFpZ24iOiJIZWFsdGhpbmc6IE1vcm5pbmcgQ2hlY2t1cCAyMDIzLTEwLTMwIiwidXRtX3Rlcm0iOiJIZWFsdGhpbmciLCJzY3JlZW5fd2lkdGgiOjE2MDAsInNjcmVlbl9oZWlnaHQiOjEyMDAsImluaXRpYWxfc2NhbGUiOjEuMjUsInNjYWxlIjoxLjI1LCJ0aW1lem9uZSI6LTF9LCJldmVudHMiOlt7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjM2NTE4MTctMGU0YjgxMWEyYWNhMTQtNjkzZDU3NTMtMWQ0YzAwLTE4Y2FkZTk2MzY2MWYyNSIsInBhZ2Vfc2x1ZyI6InBhZ2UtNjFhMTQ3Yjk1MGQ3MCIsInBhZ2VfbnVtIjoxLCJldmVudF9uYW1lIjoicGxheWVyLnBhZ2UudmlldyIsImNsaWVudF90aW1lc3RhbXAiOjE3MDM3MjQ4MDI5MTl9LHsiZXZlbnRfc2x1ZyI6IjE4Y2FkZTk2MjE5MTkxZi0wZjFlNGVmZDNmNzU3OC02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYyMWEyMjU0IiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJoaWdoLXByaW9yaXR5LWltYWdlcy1zdGFydC1sb2FkaW5nIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjM2OCwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNzAzNzI0ODAyNTg3fSx7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjIxYjE4ZTYtMDI0M2Y2MDA4NTlhZDEtNjkzZDU3NTMtMWQ0YzAwLTE4Y2FkZTk2MjFjMjIzYyIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoicHJpb3JpdHktcXVldWUtZW1wdGllZCIsInBlcmZvcm1hbmNlX21hcmtlcl90aW1lIjozNzAsImV2ZW50X25hbWUiOiJwbGF5ZXIucGVyZm9ybWFuY2UubWFya2VyIiwiY2xpZW50X3RpbWVzdGFtcCI6MTcwMzcyNDgwMjU4OX0seyJldmVudF9zbHVnIjoiMThjYWRlOTYyMjBmMWYtMDA2NTIzYmE3MTNiZDMtNjkzZDU3NTMtMWQ0YzAwLTE4Y2FkZTk2MjIxMjE3YyIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoibG93LXByaW9yaXR5LWltYWdlcy1zdGFydC1sb2FkaW5nIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjM3NSwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNzAzNzI0ODAyNTk0fSx7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjI4MjJjYi0wYzMzMzU5ODZjNDIwZS02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYyODMxZTc4IiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJiZWdpbi1wcmVyZW5kZXJpbmctcGFnZXMiLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6NDczLCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE3MDM3MjQ4MDI2OTJ9LHsiZXZlbnRfc2x1ZyI6IjE4Y2FkZTk2Mjk3ZDhjLTBjNGI4MTdhZjYzNWIyLTY5M2Q1NzUzLTFkNGMwMC0xOGNhZGU5NjI5ODIxM2UiLCJwZXJmb3JtYW5jZV9tYXJrZXJfbmFtZSI6ImFsbC1wYWdlcy1wcmVyZW5kZXJlZCIsInBlcmZvcm1hbmNlX21hcmtlcl90aW1lIjo0OTQsImV2ZW50X25hbWUiOiJwbGF5ZXIucGVyZm9ybWFuY2UubWFya2VyIiwiY2xpZW50X3RpbWVzdGFtcCI6MTcwMzcyNDgwMjcxM31dfQ%3D%3D&_=1703724802211
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-71.ham50.r.cloudfront.net
Software: /
Resource Hash: 80d04a9018987b4cc89c281142cba5e7ef9f8771d90a1d9631fe03cc536f8cce

Request headers

Accept: */*
Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 00:53:23 GMT
Via: 1.1 d66ba6ddafce2f17d4194c66f1af89fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C1
X-Amzn-Trace-Id: Root=1-658cc703-54b0427e00755cb308beaf58;Sampled=0;lineage=694441d6:0
x-amzn-RequestId: 6917c37f-10f3-464d-92d8-69e9e74fdcf9
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
x-amz-apigw-id: QoQIhFjdIAMEGXw=
Content-Length: 18
X-Amz-Cf-Id: GZimwH8sxsSDYyGKUlCYJFRw3PBPHCuPrrg0zqg5P04ZjTXMdTw40Q==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1645257911&t=pageview&_s=1&dl=https%3A%2F%2Fview.ceros.com%2Fpostmedia-network%2Fhealthing-signup%2Fp%2F1%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DHealthing%3A%2520Morning%2520Checkup%25202023-10-30%26utm_term%3DHealthing&dp=%2Fpostmedia-network%2Fhealthing-signup%2Fp%2F1%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DHealthing%3A%2520Morning%2520Checkup%25202023-10-30%26utm_term%3DHealthing&ul=en-us&de=UTF-8&dt=Healthing%20-%20SignUp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAACAAI~&jid=1320842560&gjid=271241817&cid=1963696714.1703724803&tid=UA-149272255-1&_gid=1291515408.1703724803&_r=1&gtm=457e3bt0&gcd=11l1n1l1l5&dma_cps=sypham&dma=1&gcs=G1-1&jsscut=1&z=671381995

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 00:53:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://view.ceros.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
623 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500Italic

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bd0aebe6c69ac5a983ab307835db249ca5c2c24737e41e51c8597222c38a698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:53:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:22 GMT

GET
H2 200 processed-svg-instagram.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/26/e40dfbf421a1b874882cce4a9e4bb468/ 2 KB
1 KB 154ms
135ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/26/e40dfbf421a1b874882cce4a9e4bb468/processed-svg-instagram.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98b24dfd7d60633bf4763d1dbc6f3d76cb99e681bb89647bc796cdeb552ff381

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Nov 2021 20:44:29 GMT
server: cloudflare
etag: W/"6fe677483988bcffd11783af227f457a"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 83c5d372bbf64d64-FRA

GET
H2 200 processed-svg-linkedin-icon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/26/d949fac80986a00a051e0c96078ccdbb/ 3 KB
2 KB 125ms
125ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/26/d949fac80986a00a051e0c96078ccdbb/processed-svg-linkedin-icon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

141aa2ab62b406fa02b570110d823cb3f820341db0aa9c3ee3b41bea89cecd7c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Nov 2021 20:44:29 GMT
server: cloudflare
etag: W/"ae195fded58e74d2d6108811f028ff85"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 83c5d372bbfc4d64-FRA

GET
H2 200 processed-svg-twittericon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/26/43e8fda076699524a0bdf07f4f8ea3db/ 3 KB
2 KB 2053ms
2053ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/26/43e8fda076699524a0bdf07f4f8ea3db/processed-svg-twittericon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f92407968879dbd57c789f6e29f6774d13eaf9a48319be842ed5b6731d9201f7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Nov 2021 20:44:28 GMT
server: cloudflare
etag: W/"9eac14fcfd44b3544be53c01ffa66b1b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 83c5d3738c6b4d64-FRA

GET
H2 200 processed-svg-facebookicon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/26/bb19af0c3a8cd249d2ffb6ecbf00f1a8/ 2 KB
1 KB 129ms
129ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2021/11/26/bb19af0c3a8cd249d2ffb6ecbf00f1a8/processed-svg-facebookicon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

721a189a9c60face50cf0de14de75dfb580b0605ee9c4da7bc43ddc80a6bab5f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Nov 2021 20:44:28 GMT
server: cloudflare
etag: W/"6482b1b6b744696659b9ac81fb449843"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 83c5d3739c6f4d64-FRA

GET
H2 200 virus-01.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/03/23/a3dc30b93411ebea31a6042883816f53/ 5 KB
5 KB 116ms
116ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/03/23/a3dc30b93411ebea31a6042883816f53/virus-01.png?imageOpt=1&fit=bounds&width=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38df9aa57ca1d88dfa9deeba2920c3c31a4b35a1d95ceb8bb6027b6ccb9d17b6

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 5134
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Mar 2020 17:37:59 GMT
server: cloudflare
etag: "cfV-qGV1UNLlrCQKh0weovh7m3Okzmfk-vBAuwETO6DQ:b4f659658fca81c7f0625779453423c5"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d3746f932bb2-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame 926B 4 KB
642 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500,700&display=swap

Requested by

Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/healthing&hash=8ab550e730a4fec36a0cb18697d40ddd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ce31b549538b4681b35820b85353612afd5c8de7c1dbb5d0e4bcd12617f49dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:53:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:23 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 926B 82 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/healthing&hash=8ab550e730a4fec36a0cb18697d40ddd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 20:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 20:16:55 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ Frame 926B 98 KB
33 KB 77ms
19ms Script
application/javascript 52.85.92.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/healthing&hash=8ab550e730a4fec36a0cb18697d40ddd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-7.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:47:19 GMT
content-encoding: gzip
via: 1.1 7eb78201dd5759c1d23b9ba1db9d8cd8.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 21:44:22 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 365
x-amz-server-side-encryption: AES256
etag: W/"edee28fbd3a5c9f3c17e0333554b5646"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: oPkJNGopcQMfayR-L52uI_zOBUbvNkOTDwnXuIT5Ksc1a7hEv9HFOg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 926B 1 KB
1 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=st_recaptcha_onload&render=explicit

Requested by

Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/healthing&hash=8ab550e730a4fec36a0cb18697d40ddd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5453169a5cb26640d1dc743c8f279ba070d8d689e0e8aa7cc11cfbdc6ee16973

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 28 Dec 2023 00:53:23 GMT

GET
H2 200 virus-01.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/03/23/b0e652f39e8746f2716f6a1bb75d1b93/ 5 KB
5 KB 124ms
124ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/03/23/b0e652f39e8746f2716f6a1bb75d1b93/virus-01.png?imageOpt=1&fit=bounds&width=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b42a5a1572709ad1266ca1096a4b8b96d8f25c3be2bf0959e610942b73f07466

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 5299
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Mar 2020 17:42:57 GMT
server: cloudflare
etag: "cfJ_wReLAYC1gHCaUlC9NsofPcOkzmfk-vBAuwETO6DQ:733d353c667fdaaa9e2b21f7091c27ee"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d3752ff72bb2-FRA

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ Frame 926B 256 B
475 B 101ms
101ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: a1227d7bc0b5ceaf04786c23475fa84978830b99c515dd171f0a5edc886a6ba4

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://link.calgaryherald.com/
x-referring-url: https://link.calgaryherald.com/join/5r6/healthing&hash=8ab550e730a4fec36a0cb18697d40ddd

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 00:53:23 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 174
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 312ms
99ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://link.calgaryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://link.calgaryherald.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Thu, 28 Dec 2023 00:53:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 926B 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link.calgaryherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 198918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 17:38:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 926B 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link.calgaryherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 461642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 16:39:21 GMT

GET
H3 200 mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v15/ Frame 926B 26 KB
17 KB 10ms
10ms Font
font/ttf 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0e.ttf

Requested by

Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/healthing&hash=8ab550e730a4fec36a0cb18697d40ddd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://link.calgaryherald.com/
Origin: https://link.calgaryherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 02:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17857
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 02:05:43 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 926B 505 KB
203 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=st_recaptcha_onload&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://link.calgaryherald.com/
Origin: https://link.calgaryherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 20:05:15 GMT

GET
H2 200 virus-01.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/03/23/b0e652f39e8746f2716f6a1bb75d1b93/ 5 KB
5 KB 23ms
23ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/03/23/b0e652f39e8746f2716f6a1bb75d1b93/virus-01.png?imageOpt=1&fit=bounds&width=100

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b42a5a1572709ad1266ca1096a4b8b96d8f25c3be2bf0959e610942b73f07466

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 5299
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Mar 2020 17:42:57 GMT
server: cloudflare
etag: "cfJ_wReLAYC1gHCaUlC9NsofPcOkzmfk-vBAuwETO6DQ:733d353c667fdaaa9e2b21f7091c27ee"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d375f8a12bb2-FRA

GET
H2 200 healthing-logo-at-2x.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/acce453b3ad7c6558fddc1c3feaeede2/ 2 KB
2 KB 120ms
120ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/acce453b3ad7c6558fddc1c3feaeede2/healthing-logo-at-2x.png?imageOpt=1&fit=bounds&width=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23ae78c733e2ee6b585a04d5f8907ec2e1f6267a0028f76e3ddb3abb688ff6af

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 1663
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Oct 2019 14:40:26 GMT
server: cloudflare
etag: "cfI9sQowiKYqU_Mep8XWuWMLDQVbIV5K6Xhlz9fjx4DQ:11dee3d46177f6854f5c055945b32b6f"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d375f8a22bb2-FRA

GET
H2 200 healthing-logo-at-2x.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/acce453b3ad7c6558fddc1c3feaeede2/ 2 KB
2 KB 22ms
22ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/acce453b3ad7c6558fddc1c3feaeede2/healthing-logo-at-2x.png?imageOpt=1&fit=bounds&width=132

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23ae78c733e2ee6b585a04d5f8907ec2e1f6267a0028f76e3ddb3abb688ff6af

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 1663
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Oct 2019 14:40:26 GMT
server: cloudflare
etag: "cfI9sQowiKYqU_Mep8XWuWMLDQVbIV5K6Xhlz9fjx4DQ:11dee3d46177f6854f5c055945b32b6f"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d376b8fb2bb2-FRA

GET
H2 200 healthing-logo-at-2x.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/acce453b3ad7c6558fddc1c3feaeede2/ 7 KB
7 KB 361ms
360ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/acce453b3ad7c6558fddc1c3feaeede2/healthing-logo-at-2x.png?imageOpt=1&fit=bounds&width=530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76916ae7f993f7335f769bd7c3839aa73474d34dcb1abc181c5855da64766d6b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 6821
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Oct 2019 14:40:26 GMT
server: cloudflare
etag: "cfI9sQowiKYqU_Mep8XWuWMLDQaxHsoGORoi5IvBGtDQ:11dee3d46177f6854f5c055945b32b6f"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d376b8ff2bb2-FRA

GET
H3 200 css
fonts.googleapis.com/ 2 KB
570 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500

Requested by

Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 00:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:47:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 00:53:24 GMT

GET
H2 200 healthing-logo-at-2x.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/acce453b3ad7c6558fddc1c3feaeede2/ 7 KB
7 KB 20ms
20ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2019/10/09/acce453b3ad7c6558fddc1c3feaeede2/healthing-logo-at-2x.png?imageOpt=1&fit=bounds&width=530

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76916ae7f993f7335f769bd7c3839aa73474d34dcb1abc181c5855da64766d6b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 6821
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Oct 2019 14:40:26 GMT
server: cloudflare
etag: "cfI9sQowiKYqU_Mep8XWuWMLDQaxHsoGORoi5IvBGtDQ:11dee3d46177f6854f5c055945b32b6f"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d37909f22bb2-FRA

GET
H2 200 virus-websitelogo-comingoutofcovid.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/05/25/61f06c0ab089298fc90913703564a01f/ 4 KB
4 KB 174ms
174ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/05/25/61f06c0ab089298fc90913703564a01f/virus-websitelogo-comingoutofcovid.png?imageOpt=1&fit=bounds&width=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4001801efe6e7c95a2f7d9f4631bc93b44115b5b543a0f2dee838e4ae915f50c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 4448
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 May 2020 18:52:18 GMT
server: cloudflare
etag: "cfeniFOVQ1f9PyPQj-YpDOti_FJdk1evGZmOAHYdJcDQ:a0ad6770df02931b12fd345dbba8c0cb"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d37919fe2bb2-FRA

GET
H2 200 virus-websitelogo-comingoutofcovid.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/05/25/61f06c0ab089298fc90913703564a01f/ 4 KB
4 KB 20ms
20ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/05/25/61f06c0ab089298fc90913703564a01f/virus-websitelogo-comingoutofcovid.png?imageOpt=1&fit=bounds&width=120

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4001801efe6e7c95a2f7d9f4631bc93b44115b5b543a0f2dee838e4ae915f50c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 4448
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 May 2020 18:52:18 GMT
server: cloudflare
etag: "cfeniFOVQ1f9PyPQj-YpDOti_FJdk1evGZmOAHYdJcDQ:a0ad6770df02931b12fd345dbba8c0cb"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d37a3a842bb2-FRA

GET
H2 200 virus-websitelogo-comingoutofcovid.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/05/25/61f06c0ab089298fc90913703564a01f/ 16 KB
17 KB 425ms
425ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/05/25/61f06c0ab089298fc90913703564a01f/virus-websitelogo-comingoutofcovid.png?imageOpt=1&fit=bounds&width=360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f8c91025f076d66036a765a398e324f9062da8bf9fc64e5d39ae414724c06f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 16851
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 May 2020 18:52:18 GMT
server: cloudflare
etag: "cfeniFOVQ1f9PyPQj-YpDOti_FdmqSpEbcf_gsGBKiDQ:a0ad6770df02931b12fd345dbba8c0cb"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d37a3a8a2bb2-FRA

GET
H2 200 weekender-logo.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/12/07/e5fc3feadc47658c95b5ca68f8ab08a6/ 2 KB
963 B 168ms
168ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/12/07/e5fc3feadc47658c95b5ca68f8ab08a6/weekender-logo.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0789a7e672c5ad424681e3500741375662a7b54cac83eee91e5385f55a4619a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Dec 2020 16:49:08 GMT
server: cloudflare
etag: W/"bce6940f8e3bdd18933d191809312554"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 83c5d37cea044d64-FRA

GET
H2 200 virus-websitelogo-comingoutofcovid.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/05/25/61f06c0ab089298fc90913703564a01f/ 16 KB
17 KB 20ms
19ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/05/25/61f06c0ab089298fc90913703564a01f/virus-websitelogo-comingoutofcovid.png?imageOpt=1&fit=bounds&width=360

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f8c91025f076d66036a765a398e324f9062da8bf9fc64e5d39ae414724c06f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.ceros.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:53:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 16851
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 May 2020 18:52:18 GMT
server: cloudflare
etag: "cfeniFOVQ1f9PyPQj-YpDOti_FdmqSpEbcf_gsGBKiDQ:a0ad6770df02931b12fd345dbba8c0cb"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 83c5d37cebdd2bb2-FRA

GET
H/1.1 200
OK a Show response
api.ceros.com/ 18 B
557 B 154ms
154ms XHR
application/json 52.85.92.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ceros.com/a?data=eyJjb21tb24iOnsiYWNjb3VudF9zbHVnIjoicG9zdG1lZGlhLW5ldHdvcmsiLCJjbGllbnRfdmVyc2lvbiI6MTEsInVzZXJfdG9rZW4iOiIxOGNhZGU5NjFlMjhkOC0wYzJkZTg0NTgwNjI2ZC02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYxZTMxZjU1IiwidmlzaXRfc2x1ZyI6IjE4Y2FkZTk2MWU1MWZhMS0wMmM4MmI5ODdiYTg3NS02OTNkNTc1My0xZDRjMDAtMThjYWRlOTYxZTY5MDkiLCJ1c2VyX2NvbnNlbnQiOnRydWUsImV4cGVyaWVuY2VfYWxpYXMiOiJoZWFsdGhpbmctc2lnbnVwIiwiZXhwZXJpZW5jZV9zbHVnIjoiZXhwZXJpZW5jZS01ZDliM2RjMTM5ZDQwIiwiZXhwZXJpZW5jZV92ZXJzaW9uX3NsdWciOiJleHBlcmllbmNlLXZlcnNpb24tNjFhMTQ3Yjk1MGQ0ZCIsInByb2plY3Rfc2x1ZyI6ImhlYWx0aGluZyIsImN1cnJlbnRfbGF5b3V0IjoiZGVza3RvcCJ9LCJleHRlbmRlZF9jb21tb24iOnsiYnJvd3NlciI6IkNocm9tZSIsInRyaWFsIjpmYWxzZSwiYnJvd3Nlcl92ZXJzaW9uIjoiMTIwIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxheWVyX3R5cGUiOiJodG1sNSIsImluaXRpYWxfb3JpZW50YXRpb24iOiJsYW5kc2NhcGUiLCJjb29raWVzX2VuYWJsZWQiOnRydWUsImVtYmVkZGVkIjpmYWxzZSwiaHR0cHMiOnRydWUsImRldmljZV9waXhlbF9yYXRpbyI6MSwib3MiOiJXaW5kb3dzIiwib3NfdmVyc2lvbiI6IjEwLjAiLCJ1dG1fc291cmNlIjoiU2FpbHRocnUiLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY2FtcGFpZ24iOiJIZWFsdGhpbmc6IE1vcm5pbmcgQ2hlY2t1cCAyMDIzLTEwLTMwIiwidXRtX3Rlcm0iOiJIZWFsdGhpbmciLCJzY3JlZW5fd2lkdGgiOjE2MDAsInNjcmVlbl9oZWlnaHQiOjEyMDAsImluaXRpYWxfc2NhbGUiOjEuMjUsInNjYWxlIjoxLjI1LCJ0aW1lem9uZSI6LTF9LCJldmVudHMiOlt7ImV2ZW50X3NsdWciOiIxOGNhZGU5NjM1YTE4MmUtMDBjNTM1ODFlMzI5NzQtNjkzZDU3NTMtMWQ0YzAwLTE4Y2FkZTk2MzViMWJlYiIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoic3Bpbm5lci1oaWRkZW4iLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6Njg5LCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE3MDM3MjQ4MDI5MDh9LHsiZXZlbnRfc2x1ZyI6IjE4Y2FkZTk2YWI3ZWExLTBhODg1ZGRlMTIwYjBkLTY5M2Q1NzUzLTFkNGMwMC0xOGNhZGU5NmFiODE0MDAiLCJwZXJmb3JtYW5jZV9tYXJrZXJfbmFtZSI6ImFsbC1yZXNvdXJjZXMtbG9hZGVkIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjI1NzQsImV2ZW50X25hbWUiOiJwbGF5ZXIucGVyZm9ybWFuY2UubWFya2VyIiwiY2xpZW50X3RpbWVzdGFtcCI6MTcwMzcyNDgwNDc5M31dfQ%3D%3D&_=1703724802212
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-71.ham50.r.cloudfront.net
Software: /
Resource Hash: 80d04a9018987b4cc89c281142cba5e7ef9f8771d90a1d9631fe03cc536f8cce

Request headers

Accept: */*
Referer: https://view.ceros.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 00:53:28 GMT
Via: 1.1 d66ba6ddafce2f17d4194c66f1af89fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C1
X-Amzn-Trace-Id: Root=1-658cc707-02ad35e474a65929482f0a3e;Sampled=0;lineage=694441d6:0
x-amzn-RequestId: cd6e2aaa-69a8-4de0-b797-c22734768cb2
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
x-amz-apigw-id: QoQJSGx-IAMEnbg=
Content-Length: 18
X-Amz-Cf-Id: s8rFrCIHsFvWlEl5XhXgBhJpxkhQgQZNd9CYOvgqPRLoDFucASAiDA==

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.postmedia.com/	1970-01-21 02:01:21	Name: sailthru_hid Value: e005d79f6c01e82831c33da831150d36643aab9d1b98ac387c0a1f7d807cb3c89ebe523be374cbbe5eff8a81
.postmedia.com/	1970-01-20 17:15:35	Name: sailthru_bid Value: 33190020.2598
.doubleclick.net/	1970-01-20 17:15:25	Name: test_cookie Value: CheckForPermission
.ceros.com/	1970-01-21 02:51:24	Name: _ga Value: GA1.2.1963696714.1703724803
.ceros.com/	1970-01-20 17:16:51	Name: _gid Value: GA1.2.1291515408.1703724803
.ceros.com/	1970-01-20 17:15:24	Name: _gat_gtag_UA_149272255_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ak.sail-horizon.com
api.ceros.com
api.sail-personalize.com
assets-s3-us-east-1.ceros.com
cdn.intake-lr.com
fonts.googleapis.com
fonts.gstatic.com
link.calgaryherald.com
link.postmedia.com
media-s3-us-east-1.ceros.com
pubads.g.doubleclick.net
view.ceros.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2606:4700:3032::6815:e1d
2606:4700:4400::6812:28fc
2606:4700:4400::ac40:9a42
2606:4700:4400::ac40:9be3
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
3.222.82.214
3.226.166.212
52.85.92.7
52.85.92.71
75.2.40.13
050d0d038e3a62c3728cc3f9f81f5176354056c6cda44466167c52f3b7a90eb1
0b82466a6fe31e0baf68cee789f451980ffd808f9425e045e8f205abc574e683
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
13266106d958efde8aee1b85bf758fcc488fd57b9095759f7a5bc9d1564767e0
141aa2ab62b406fa02b570110d823cb3f820341db0aa9c3ee3b41bea89cecd7c
198ff02337b5b54d784e382a3844eb37b8825808a7b8a93c4f4540eb9151c49f
1b2570b2c1c7f3f7de1bfcaad9feadc62680b4f35f45f3e5f5b819139e2b2fa9
23ae78c733e2ee6b585a04d5f8907ec2e1f6267a0028f76e3ddb3abb688ff6af
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2c32949b380a8e2de4d20de669d0573ba34d27f172a459886d434512fa2781cd
2c5fdc45e64972ceabb514d7a64b858da644a27969f54e09cb67e37def21aa88
2d7de4e163aa948cd78502140dc4e7056b9c4b557662d863c9e44166716d75c2
2dea4035f77031a35f930dd5ffd12db5f5cab458f69272c07d8968e1d289a247
38df9aa57ca1d88dfa9deeba2920c3c31a4b35a1d95ceb8bb6027b6ccb9d17b6
3b0a585ef0d7a06ed38fd133e0fdcf28cd5c2f9f2ac40114580f1dce13498123
3bf44c6e08409fa80eefce121e3a80ac3ad64ee7301f4a9e597302c09b40d357
4001801efe6e7c95a2f7d9f4631bc93b44115b5b543a0f2dee838e4ae915f50c
4d20f3d941ac9828ed48f9424e249fba0939dc62e99875ae214e85de9886b62d
5453169a5cb26640d1dc743c8f279ba070d8d689e0e8aa7cc11cfbdc6ee16973
5bebc5e1fb4b8c153374eae8c1108ec6e2da9ca151383c4b9d04a8177a6e807d
5c11a0405bfcca07e1a05baa52631f30ac97b8dba84e6fc2e92dfda853303291
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd0aebe6c69ac5a983ab307835db249ca5c2c24737e41e51c8597222c38a698
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6ce31b549538b4681b35820b85353612afd5c8de7c1dbb5d0e4bcd12617f49dd
6e3fd3c3fedec9fded5a9493a3d261dc1e140e2bf77ba10b8f07242414a03bad
721a189a9c60face50cf0de14de75dfb580b0605ee9c4da7bc43ddc80a6bab5f
76916ae7f993f7335f769bd7c3839aa73474d34dcb1abc181c5855da64766d6b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7824fc6371418aa2cfdb8dc6719e49472d6a667f7fa58943886d33729674705e
80d04a9018987b4cc89c281142cba5e7ef9f8771d90a1d9631fe03cc536f8cce
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
887baddcc8933010b0971248b88b622b16f90d25498343f54f9dc5f987c94bc7
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
94f8c91025f076d66036a765a398e324f9062da8bf9fc64e5d39ae414724c06f
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
98b24dfd7d60633bf4763d1dbc6f3d76cb99e681bb89647bc796cdeb552ff381
992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7
a1227d7bc0b5ceaf04786c23475fa84978830b99c515dd171f0a5edc886a6ba4
a68ffe40a7237a1f9dc253209ccc3705ad3fdc6adcad7309f5b7556310fc9e19
a80283a2a54ea158b37690f2c26663c329737910163b122fed2c5766c9b95962
ab36bbc8f9e1c1ad1b24e177048da7ad90d708d14b0fe8389b7f23627717c8c7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b39ab96645cc2d45836805757e2559d9782041a0ebd165afb4a6e0facfd9ab86
b42a5a1572709ad1266ca1096a4b8b96d8f25c3be2bf0959e610942b73f07466
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
d6b9cb032d1b63307d9fd9514153a94e7c2e207d1adb772ba6c162081e8c0655
d7ef969391222b77140bd0a54be9fd5f4522fd8dc1d947e19bed2d7c67c66d3a
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e01c0ad98f69c0c8fd4e3115c9e9535032cbf37b902a294948b79c3038a4dd27
ee4fa9595606f0ae1663e33ff728671f8a9059da4664697e0d597cb45c760f54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0789a7e672c5ad424681e3500741375662a7b54cac83eee91e5385f55a4619a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f619dac7a65a742377859042634f38d1ac996ee20c2897bc5e73befb52957743
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f92407968879dbd57c789f6e29f6774d13eaf9a48319be842ed5b6731d9201f7
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17

view.ceros.com Open in urlscan Pro 2606:4700:4400::6812:28fc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

71 %IPv6

12 Domains

17 Subdomains

17 IPs

2 Countries

1936 kBTransfer

6695 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

view.ceros.com Open in urlscan Pro
2606:4700:4400::6812:28fc Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

71 %
IPv6

12
Domains

17
Subdomains

17
IPs

2
Countries

1936 kB
Transfer

6695 kB
Size

6
Cookies

72 HTTP transactions
1 data transactions