nationalpost.com Open in urlscan Pro
34.111.249.109  Public Scan

53 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

• https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39&google_tc= HTTP 302
• https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECodXaETuI-In2zuZX-qqaw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39&google_cver=1

Request Chain 68

• https://gum.criteo.com/sid/json?origin=publishertag&domain=nationalpost.com&sn=ChromeSyncframe&so=0&topUrl=nationalpost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=EDLmM3wwZXEwR2kzZ2FWemxDakoxWHJsRzcvTW10UjI4VXE1MW5xM3cxTkNBM1JHSFk2ZmlEN21KYlQrUHZBQkpkbVV5czNuSUZ5RW9jRVE5Njc4SWdMS3VPOXpJcGRJTnlqQUhsamMreFBQVW9vOVB2bXFjM09PbFh6RFVxVmN4WVlSSTJCbkN3dlhzZUZRYzZLdFhUUGhxcmowMGpMUTlYY3V2dXAvelhlTDd1ZytYSFhCUWprbUFSTkQ1S2xaRzJqVVNMbXErdm9uVWRwbTJTOEdLcC9lOHdxR3c1ckJDQkVDMlBWN2FSKzZ4U0JlSURTbGVLRVRKYzlrS0Z1S0cwT25ROERpS1B1Z3RKanVYTDA2endkRlppUT09fA&cppv=2

Request Chain 98

• https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
• https://sb.scorecardresearch.com/internal-c2/default/cs.js

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Show response nationalpost.com/news/canada/	344 KB 68 KB	1456ms 1264ms	Document text/html	34.111.249.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.249.111.34.bc.googleusercontent.com Software nginx/1.14.2 / Resource Hash 0e41a09bb5716c56654a3fbf23623f9894c5ca2f9ea7c25557efdfa431b8fe1d Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob: X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-security-policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob: content-type text/html; charset=utf-8 date Sat, 29 Oct 2022 04:09:23 GMT permissions-policy autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*) referrer-policy strict-origin-when-cross-origin server nginx/1.14.2 vary Accept-Encoding Accept-Encoding via 1.1 google x-content-type-options nosniff x-frame-options SAMEORIGIN x-pmd-backend cheetah-nginx pmd-nginx-proxy-c7db8d578-fqhbb
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	80 KB 27 KB	160ms 50ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 075f0b96d3f5faf88ceadde797d80b24f65331ed73b6787306aad4823b6c16b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27393 x-xss-protection 0 server sffe etag "1377 / 670 of 1000 / last-modified: 1666994710" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 29 Oct 2022 04:09:23 GMT
GET H2	200	184635-225789216445563.js Show response js-sec.indexww.com/ht/p/	180 KB 45 KB	67ms 23ms	Script text/javascript	104.18.12.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/ht/p/184635-225789216445563.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c74ef042bfcf702752741a8c0fd1e1f8c691dc3b270a2c2f1739365596dc71c Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:23 GMT content-encoding gzip cf-cache-status HIT last-modified Sat, 29 Oct 2022 04:06:03 GMT server cloudflare age 164 etag W/"7635ed-2d156-5ec247e288cab" vary Accept-Encoding content-type text/javascript p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" edge-control cache-maxage=1h cache-control public, max-age=14400 cf-ray 76190e346bc79090-FRA expires Sat, 29 Oct 2022 08:09:23 GMT
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	121 KB 40 KB	61ms 19ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:23 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Mon, 24 Oct 2022 11:21:19 GMT server nginx etag W/"6356752f-1e444" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 30 Oct 2022 04:09:23 GMT
GET H2	200	aax.js Show response c.aaxads.com/	396 KB 113 KB	97ms 45ms	Script text/javascript	96.16.146.231 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.aaxads.com/aax.js?pub=AAX24X4M7&hst=nationalpost.com&ver=1.2 Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-231.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 937673cb4243a3222825e9a9b9da7132ee85d24c7c275e723a9d4f86b4426ea3 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=604800 content-encoding gzip date Sat, 29 Oct 2022 04:09:23 GMT server Apache vary Accept-Encoding x-mnet-h E content-type text/javascript; charset=utf-8 cache-control max-age=1800 expires Sat, 29 Oct 2022 04:39:23 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	177 KB 44 KB	102ms 20ms	Script application/javascript	65.9.97.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.97.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-97-56.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:18:07 GMT content-encoding gzip via 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront) last-modified Wed, 26 Oct 2022 19:24:52 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, PRG50-C1 age 3077 x-amz-server-side-encryption AES256 etag W/"95738dd931cd70a132d12a456f44b79f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id zJAqcr_OEc227euKjIv1Lxv-R9KHolleRQ8vaqNNN6uFyprPWnDRdA==
GET H/1.1	200 OK	iasPET.1.js Show response cdn.adsafeprotected.com/	22 KB 7 KB	109ms 25ms	Script application/javascript	65.9.95.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.adsafeprotected.com/iasPET.1.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 65.9.95.26 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-26.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 23 Oct 2022 10:50:46 GMT Content-Encoding gzip Via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) Last-Modified Wed, 02 Jun 2021 17:38:57 GMT Server AmazonS3 X-Amz-Cf-Pop PRG50-C1 Age 494318 ETag W/"51636de3ce868a2172f9e6996c2934e0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript X-Cache Hit from cloudfront Cache-Control max-age=604800 Connection keep-alive X-Amz-Cf-Id o0THZosABhipILQlIaV1sxJURrTTnnuMuCz_D0lOoKbrQBTGc2F5AQ==
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	159ms 55ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f6188add36e8cf36585300840eade35fea02cbcd9a512cce7db22fe89f8e14eb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 29 Oct 2022 04:09:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 29 Oct 2022 02:56:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 29 Oct 2022 04:09:23 GMT
GET H2	200	LoginRadiusV2.js Show response auth.lrcontent.com/v2/js/	199 KB 46 KB	55ms 14ms	Script application/javascript	2606:4700:10::6816:49e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth.lrcontent.com/v2/js/LoginRadiusV2.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c Security Headers Name Value Strict-Transport-Security max-age= 63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:23 GMT strict-transport-security max-age= 63072000; includeSubdomains; preload via 1.1 823a9a919078d4b0125429d17ecbf27a.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding gzip age 1815 x-amz-cf-pop HEL51-P2 cf-polished origSize=1238069 x-cache Hit from cloudfront cf-bgj minify last-modified Mon, 13 Dec 2021 05:19:58 GMT server cloudflare etag W/"ae3463c4a59ae100b160ed4dd5dbf4b8" vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cf-ray 76190e346eb5bbf8-FRA x-amz-cf-id 0ThjkgWOGM06ufcrZsX29rj3zOj7BtZQXcqq998gIj3Iir0rm2cPRQ==
GET H2	200	spm.v1.min.js Show response ak.sail-horizon.com/spm/	124 KB 44 KB	108ms 24ms	Script application/javascript	65.9.95.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ak.sail-horizon.com/spm/spm.v1.min.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-46.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:06:15 GMT content-encoding gzip via 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront) last-modified Thu, 15 Sep 2022 23:20:31 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 193 etag W/"97dd801dd26ae0172c7875245d92f506" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=600; must-revalidate x-amz-cf-id wDmMh-r4KtxwcOlkOX6gXXwzQgehxzyWObp27w5CsHnEKhjWRo0oaQ==
GET H2	200	fem.js Show response fem.gprod.postmedia.digital/v68.2/	289 KB 290 KB	138ms 34ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fem.gprod.postmedia.digital/v68.2/fem.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash cb551b3fa2346a645fcec13d4c6898a42275496fdfd545d28fa1e83a685fb42a Request headers Referer https://nationalpost.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:15:53 GMT x-goog-meta-goog-reserved-file-mtime 1664979227 age 3210 x-guploader-uploadid ADPycdt9ZcEmSckrp7pMsqQmZ1Y4N9eLbeG12V3v9PAbQY7mT3HKsmRBC63NpXQjmPX9WAnCrYCUs9bcTAwcX6eM1Juo5A x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295834 last-modified Wed, 05 Oct 2022 14:14:45 GMT server UploadServer etag "fb4dc24283456286a771c9780fa76f1c" x-goog-generation 1664979285401257 x-goog-hash crc32c=A96kSw==, md5=+03CQoNFYoanccl4D6dvHA== access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 295834 accept-ranges bytes content-type application/javascript expires Sat, 29 Oct 2022 04:15:53 GMT
GET H2	200	advertising.js Show response www.npttech.com/	6 KB 3 KB	71ms 29ms	Script application/javascript	2606:4700:3032::ac43:bf95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.npttech.com/advertising.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT x-amz-version-id AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 1HG54BW8DR2HBXY9 age 2005 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 CY9kwsUpX5KGnvjk7FXj94hsNEH4tsix9oj3SH3hUi/zjpZoKD3zcAqDJsWEtMoIh1L7xE0XVS0= last-modified Tue, 18 Oct 2022 13:20:01 GMT server cloudflare etag W/"df0e1827cd8f289a645f38d8fecaf6e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYkgftjN%2BM3Ik2M37KFDT%2BByZd653UzU0bYW2WaaIQ7pYMAMebKAYkRUHAyMDppxcks0xDVJf32AG4tSzySM5n0LDPe5UfNy1WMJOcyuJu6k52w1moSqBnkDAtK4URvxLHdVsW6LNbzfWp6NTdE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=28800 cf-ray 76190e3568bfbbd9-FRA
GET H2	200	icon-soc-ig-mono-rev.svg dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/	1 KB 2 KB	128ms 31ms	Image image/svg+xml	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/icon-soc-ig-mono-rev.svg Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 71f27f30bcea1929b2e4fb409abe0baf4029759e1deb3ee316e21016463dff61 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:53:29 GMT x-goog-meta-goog-reserved-file-mtime 1665672993 age 955 x-guploader-uploadid ADPycdv8fDGPwmU4ghM36LikcO_v8ug5nZ-op8wx_Dnre3Lc7PjTEQoy1Yx4cXb11qrn_AOYyhXyMH2V5X8uWQ1-2WosUg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1353 last-modified Mon, 17 Oct 2022 17:02:05 GMT server UploadServer etag "b9c985784130791835a08cc12884a71e" x-goog-generation 1666026125986678 x-goog-hash crc32c=FM0Iow==, md5=ucmFeEEweRg1oIzBKISnHg== access-control-allow-origin * content-type image/svg+xml cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 1353 accept-ranges bytes expires Sat, 29 Oct 2022 04:53:29 GMT
GET H2	200	icon-soc-fb-mono-rev.svg dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/	335 B 588 B	129ms 33ms	Image image/svg+xml	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/icon-soc-fb-mono-rev.svg Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash b969062e9d8f77e55dfc37bb35728e3401c636595aaf97e4e68ce300bfa2b293 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:28:18 GMT x-goog-meta-goog-reserved-file-mtime 1665672993 age 2466 x-guploader-uploadid ADPycdv377aNINAezYzMacDKKgTYE2WsAYC-BCXMfn0wlso4YuetajQCLUJ1-zfmiwa94MlmWSBSYC39i--0-hl849Qaaw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 335 last-modified Mon, 17 Oct 2022 17:02:05 GMT server UploadServer etag "12b149c777edf566e286ab1d5090c085" x-goog-generation 1666026125900798 x-goog-hash crc32c=c3M8/A==, md5=ErFJx3ft9WbihqsdUJDAhQ== access-control-allow-origin * content-type image/svg+xml cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 335 accept-ranges bytes expires Sat, 29 Oct 2022 04:28:18 GMT
GET H2	200	icon-soc-yt-mono-rev.svg dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/	473 B 753 B	128ms 32ms	Image image/svg+xml	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/icon-soc-yt-mono-rev.svg Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 8693aa2d6442bba7224236e021765c95fe40f7cfc6b6c9afd8c717c665f8a365 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:42:14 GMT x-goog-meta-goog-reserved-file-mtime 1665672993 age 1630 x-guploader-uploadid ADPycduN4gAm4A86DialMs_uPB48S-FE5pMaYtlgcJrz0_WoQDLe_Lw5DMt2_2-qr2XrK7LY600NWXBmk9ZsuKHA1lqyv0m0PluC x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 473 last-modified Mon, 17 Oct 2022 17:02:06 GMT server UploadServer etag "3fabf226ea91f1c5450a49fad2d66448" x-goog-generation 1666026126207909 x-goog-hash crc32c=rjmEhA==, md5=P6vyJuqR8cVFCkn60tZkSA== access-control-allow-origin * content-type image/svg+xml cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 473 accept-ranges bytes expires Sat, 29 Oct 2022 04:42:14 GMT
GET H2	200	icon-soc-tw-mono-rev.svg dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/	898 B 1 KB	129ms 33ms	Image image/svg+xml	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/icon-soc-tw-mono-rev.svg Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash ca7bce9264a3918442d3e653b968361223ede24753232c713ead830aa5446722 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:42:14 GMT x-goog-meta-goog-reserved-file-mtime 1665672993 age 1630 x-guploader-uploadid ADPycdv-ya5C4gyUdHsX5NdYcrQeVTnzWBXGlZwuVpMVhJjLE9f0fQJsYxcel51D9daOlz_Tg6QaZ1F7jhsbRZG_izV0nHhT293b x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 898 last-modified Mon, 17 Oct 2022 17:02:06 GMT server UploadServer etag "2a492f7362f1cb5f70d4561bc1e89353" x-goog-generation 1666026126093404 x-goog-hash crc32c=GNX3Cw==, md5=Kkkvc2Lxy19w1FYbweiTUw== access-control-allow-origin * content-type image/svg+xml cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 898 accept-ranges bytes expires Sat, 29 Oct 2022 04:42:14 GMT
GET H2	200	shared.080e1ff83d5f.js Show response dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/	24 KB 24 KB	82ms 63ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 588f30cce470d4b41e984dc80aba03763955e3f6e95326c5c2ab0140fd58eda8 Request headers Referer https://nationalpost.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:32:08 GMT x-goog-meta-goog-reserved-file-mtime 1665672990 age 2236 x-guploader-uploadid ADPycdtuhWi7L6d0h11cQPqiEKIL1aiUgiG6XWAtOTyzyU1J66zsF5gbBDveQfH4GZbqSz6-FuUAGr6BBzvq91XekxvdzulBCpWl x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24106 last-modified Mon, 17 Oct 2022 17:01:48 GMT server UploadServer etag "3382a760ef5a59dfcb67490fd2f25a13" x-goog-generation 1666026108830601 x-goog-hash crc32c=ejHkhQ==, md5=M4KnYO9aWd/LZ0kP0vJaEw== access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 24106 accept-ranges bytes content-type application/javascript expires Sat, 29 Oct 2022 04:32:08 GMT
GET H2	200	main.ea896e2d9d40.js Show response dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/	107 KB 107 KB	87ms 69ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/main.ea896e2d9d40.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash ea896e2d9d40ccdd7043192c7b1516e369a47df43f1863e3044f4e9aa73a6f31 Request headers Referer https://nationalpost.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:38:15 GMT x-goog-meta-goog-reserved-file-mtime 1665672990 age 1869 x-guploader-uploadid ADPycduJAYyPx8N6UCJgMgp1n7mgitdavhAC6sT-0-8euf1UBHur1W9JWN3uwiXZ6N8ItmyeXtri00Fi21_trSwUNmOmeUoKiEja x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 109204 last-modified Mon, 17 Oct 2022 17:01:48 GMT server UploadServer etag "1b312de25eaa475b77c7437f9aad2689" x-goog-generation 1666026108865837 x-goog-hash crc32c=zBB5gw==, md5=GzEt4l6qR1t3x0N/mq0miQ== access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 109204 accept-ranges bytes content-type application/javascript expires Sat, 29 Oct 2022 04:38:15 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	125ms 35ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 13:14:53 GMT x-content-type-options nosniff age 53671 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 28 Oct 2023 13:14:53 GMT
GET H2	200	jizfRExUiTo99u79B_mh0O6tLQ.woff2 fonts.gstatic.com/s/ptsans/v17/	46 KB 46 KB	139ms 49ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 13:14:53 GMT x-content-type-options nosniff age 53671 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47048 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:55:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 28 Oct 2023 13:14:53 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	213ms 123ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 05:09:29 GMT x-content-type-options nosniff age 82795 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 28 Oct 2023 05:09:29 GMT
GET H2	200	EJRVQgYoZZY2vCFuvAFWzr8.woff2 fonts.gstatic.com/s/ptserif/v17/	32 KB 32 KB	162ms 100ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Wed, 26 Oct 2022 19:33:36 GMT x-content-type-options nosniff age 203748 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32900 x-xss-protection 0 last-modified Wed, 27 Apr 2022 15:44:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 26 Oct 2023 19:33:36 GMT
GET H2	200	postmedia-image-fallback.webp dcs-static.gprod.postmedia.digital/12.1.4/websites/images/	3 KB 3 KB	54ms 31ms	Image application/octet-stream	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/images/postmedia-image-fallback.webp Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:12:10 GMT x-goog-meta-goog-reserved-file-mtime 1665672992 age 3434 x-guploader-uploadid ADPycduIIhBzO0GiHyL4GNtI0vhq8wMSsOTJqAhNyGphs_8OSyx62Rde8QnWZ-CxTcIkQhZGLMKZXntOWLFM2_vBL-8zIVAh8_E8 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2934 last-modified Mon, 17 Oct 2022 17:02:05 GMT server UploadServer etag "496f3aa3adffbf2280dd5f74fb6eef8f" x-goog-generation 1666026125746599 x-goog-hash crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw== access-control-allow-origin * content-type application/octet-stream cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 2934 accept-ranges bytes expires Sat, 29 Oct 2022 04:12:10 GMT
GET H2	200	logo-footer-np.svg dcs-static.gprod.postmedia.digital/12.1.4/websites/images/np/	962 B 1 KB	426ms 403ms	Image image/svg+xml	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/images/np/logo-footer-np.svg Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 1b42dde75fd749c69f1c7605d64bce0e297a8995922e943a0d9fc788d11e6616 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT x-goog-meta-goog-reserved-file-mtime 1665672992 age 0 x-guploader-uploadid ADPycds6gE4G_fTCSJSdDfVIwyAim5WVK2lT5ZdR90tRpyVoWTEVLzD8P3OLl1umhosKbYJ_3LtPAikiZNvC9eDa72GIjw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 962 last-modified Mon, 17 Oct 2022 17:02:04 GMT server UploadServer etag "afad061ee2fb0f354585cab75e040003" x-goog-generation 1666026124957617 x-goog-hash crc32c=IwBCgA==, md5=r60GHuL7DzVFhcq3XgQAAw== access-control-allow-origin * content-type image/svg+xml cache-control public, max-age=3600 x-cache-hit revalidated x-goog-stored-content-length 962 accept-ranges bytes expires Sat, 29 Oct 2022 05:09:24 GMT
GET H2	200	xd.html Show response fem.gprod.postmedia.digital/v68.2/ Frame 631F	165 B 467 B	37ms 30ms	Document text/html	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fem.gprod.postmedia.digital/v68.2/xd.html Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash ae99851c2155f70e14ca8a15656053501bda155abb120a0cdce1def653743a25 Request headers Referer https://nationalpost.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1864 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-length 165 content-type text/html date Sat, 29 Oct 2022 03:38:20 GMT etag "cbd63c00c44e595ab86471ef4675bdf5" expires Sat, 29 Oct 2022 04:38:20 GMT last-modified Wed, 05 Oct 2022 14:14:47 GMT server UploadServer x-cache-hit hit x-goog-generation 1664979287017626 x-goog-hash crc32c=lIaU5g== md5=y9Y8AMROWVq4ZHHvRnW99Q== x-goog-meta-goog-reserved-file-mtime 1664979227 x-goog-metageneration 1 x-goog-storage-class STANDARD x-goog-stored-content-encoding identity x-goog-stored-content-length 165 x-guploader-uploadid ADPycdvJhAqpjYnB81bHaswoh_yyOFtzBoT8VoKF5QC9c1sQHxPy2XO886fl9dd43c_tWCHTA8hRzON4-GvIOSrmMIvcrwTe7VNQ
OPTIONS H2	204	appInfo config.lrcontent.com/ciam/ Frame	0 0	121ms 44ms	Preflight	2606:4700:10::6816:48e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://nationalpost.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-headers x-requested-with access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://nationalpost.com allow GET, OPTIONS cf-cache-status DYNAMIC cf-ray 76190e36ccf45c85-FRA date Sat, 29 Oct 2022 04:09:24 GMT server cloudflare vary Origin
GET H2	200	23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Show response 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/	350 KB 99 KB	67ms 35ms	Script application/javascript	2606:4700:4400::ac40:92f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:92f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d42deaf7af54d64c35dae0e1de09f3f9e87a2dbdc6e0025f4e1ac180139ab5e7 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding br cf-cache-status HIT x-goog-meta-oid 23dc09d6-b664-425a-a76e-0eed6a6cc102 age 2124 x-guploader-uploadid ADPycdv5v5J014OtYVop1PruwwUF-cC0y9rNqeOHqB27Rk_Kv4MZX7k25t-Ws1vSJGSvtN9EUIYqvwx1NiY3f6bvfA7h-Q x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip last-modified Fri, 28 Oct 2022 19:28:08 GMT server cloudflare etag W/"a71d130da4e58d8c1096b6bc3503fea5" vary Accept-Encoding x-goog-generation 1666985288694572 content-type application/javascript x-goog-hash crc32c=Yb9p/A==, md5=px0TDaTljYwQlra8NQP+pQ== cache-control public, max-age=900 x-goog-stored-content-length 104703 cf-ray 76190e365a919bee-FRA expires Sat, 29 Oct 2022 04:24:24 GMT
GET H2	200	appInfo Show response config.lrcontent.com/ciam/	4 KB 1 KB	43ms 43ms	XHR application/json	2606:4700:10::6816:48e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5 Requested by Host: auth.lrcontent.com URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad Request headers Referer https://nationalpost.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare vary Origin access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json access-control-allow-origin https://nationalpost.com cache-control max-age=86400 cf-ray 76190e370d3f5c85-FRA
GET H2	200	9c9baa9c277a560b6ea0.js Show response fem.gprod.postmedia.digital/v68.2/chunks/	3 KB 3 KB	40ms 39ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fem.gprod.postmedia.digital/v68.2/chunks/9c9baa9c277a560b6ea0.js Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 0c92a8a981ca46cfb88a56dd166b36bac275d9ae9ab5e3af1a2421b3603bc2a1 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:44:26 GMT x-goog-meta-goog-reserved-file-mtime 1664979227 age 1498 x-guploader-uploadid ADPycdvI87rBxmar3rDj6dn5UjLuWAF-UVF6D8ZHClQUnzyj2Yp-5Nua0grfaPh0QGTZ-QM3RJ7P-CNaG6cG1-2ewvuMuA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3199 last-modified Wed, 05 Oct 2022 14:14:44 GMT server UploadServer etag "8c26f3d8cc739eccd29c6c8cb09cc85b" x-goog-generation 1664979284605907 x-goog-hash crc32c=Rg/Ibw==, md5=jCbz2MxznszSnGyMsJzIWw== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 3199 accept-ranges bytes expires Sat, 29 Oct 2022 04:44:26 GMT
GET H2	200	pubads_impl_2022102501.js Show response securepubads.g.doubleclick.net/gpt/	378 KB 128 KB	39ms 38ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 19:40:38 GMT content-encoding gzip x-content-type-options nosniff age 30526 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 130606 x-xss-protection 0 last-modified Tue, 25 Oct 2022 08:35:11 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 28 Oct 2023 19:40:38 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	268 B 171 B	125ms 45ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nationalpost.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a1d77b41d457c84fa6203df7050174f7860e5a1e81ca0c6a13cacf80935ac90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 146 x-xss-protection 0 expires Sat, 29 Oct 2022 04:09:24 GMT
GET H2	200	rid Show response match.adsrvr.org/track/	63 B 390 B	113ms 32ms	XHR application/json	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash a94d01c701f94882605588c2253498c1cdaf93c4896c60ad233ab74f45910998 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Sat, 29 Oct 2022 04:09:24 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://nationalpost.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 63 expires Mon, 28 Nov 2022 04:09:24 GMT
GET H2	451	identity Show response api.rlcdn.com/api/	44 B 360 B	117ms 40ms	XHR text/plain	34.120.133.55 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.rlcdn.com/api/identity?pid=2&rt=envelope Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-225789216445563.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 55.133.120.34.bc.googleusercontent.com Software / Resource Hash da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Sat, 29 Oct 2022 04:09:24 GMT via 1.1 google x-content-type-options nosniff access-control-allow-methods GET, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin https://nationalpost.com access-control-allow-credentials true access-control-allow-headers Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With content-length 44 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	pxusr.gif c.aaxads.com/	43 B 205 B	7ms 7ms	Image image/gif	96.16.146.231 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://c.aaxads.com/pxusr.gif Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-231.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT strict-transport-security max-age=604800 last-modified Mon, 26 Feb 2018 13:29:58 GMT server Apache content-type image/gif cache-control max-age=243671 accept-ranges bytes content-length 43 expires Mon, 31 Oct 2022 23:50:35 GMT
GET H/1.1	200 OK	pxext.gif www.aaxdetect.com/	43 B 343 B	50ms 7ms	Image image/gif	96.16.152.37 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.aaxdetect.com/pxext.gif Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.16.152.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-152-37.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Unused62 8096267 Date Sat, 29 Oct 2022 04:09:24 GMT Last-Modified Mon, 26 Feb 2018 13:29:58 GMT Server Apache Content-Type image/gif Cache-Control max-age=1161173 Connection keep-alive Accept-Ranges bytes Content-Length 43 Expires Fri, 11 Nov 2022 14:42:17 GMT
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	248 B 604 B	37ms 36ms	XHR application/json	65.9.97.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fnationalpost.com Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.97.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-97-56.prg50.r.cloudfront.net Software Server / Resource Hash 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 01:36:21 GMT via 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront) server Server x-amz-cf-pop PRG50-C1 age 9182 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://nationalpost.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 248 x-amz-cf-id ske8JbdO-j7imCwwsXcl9JNVOWMlpSsgK05h1H6IgTjGkKiZ5-ZFIA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	63ms 21ms	XHR application/javascript	65.9.97.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.97.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-97-56.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-amz-version-id GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED content-encoding gzip via 1.1 2a5c925255bb252ff0ed65977311f74e.cloudfront.net (CloudFront) date Fri, 28 Oct 2022 20:01:44 GMT x-amz-cf-pop PRG50-C1 age 45080 x-cache Hit from cloudfront last-modified Fri, 21 Oct 2022 19:58:26 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id 8taaOx55mHMTDjMt7_agN4bbTXU2fI4S2d3HzjKvcoy7CMSUZp0nPA==
GET H3	200	xd.js Show response fem.gprod.postmedia.digital/v68.2/ Frame 631F	51 KB 51 KB	31ms 30ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fem.gprod.postmedia.digital/v68.2/xd.js Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/xd.html Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash f44091e689c0a3cc077f563375c572805cc30eb6bbf234022ec490488696010a Request headers accept-language de-DE,de;q=0.9 Referer https://fem.gprod.postmedia.digital/v68.2/xd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:04:11 GMT x-goog-meta-goog-reserved-file-mtime 1664979227 age 313 x-guploader-uploadid ADPycdskad2LdINa7q_PRu9RQeCpyfXRdGtPGAXuNES3xzrFUYuqWg01VBDk8eBrjyMb7WVtHOp8gzYjswOdv7KQ0nTMM9rDK0kC x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51818 last-modified Wed, 05 Oct 2022 14:14:47 GMT server UploadServer etag "5936294c776b1ebec67766e99fd4802c" x-goog-generation 1664979287085854 x-goog-hash crc32c=uzLZuQ==, md5=WTYpTHdrHr7Gd2bpn9SALA== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 51818 accept-ranges bytes expires Sat, 29 Oct 2022 05:04:11 GMT
GET H3	200	44fadb2e016752bbc2bd0.js Show response dcs-static.gprod.postmedia.digital/12.1.4/websites/js/	7 KB 7 KB	52ms 51ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/44fadb2e016752bbc2bd0.js Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 8512a94c30dc7fda4931ae11fc195ee3f2cbad5dff1dc2567cf3725c33093b2d Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:27:36 GMT x-goog-meta-goog-reserved-file-mtime 1665672994 age 2508 x-guploader-uploadid ADPycdtveaa_17Z3AsEWaab-8kmWM8ksJyqyXlZzH8cZSBQw9JrF6rgHtEQezeVapN26BshZjD_cvYK1DVWtUtmvPPUtOg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7123 last-modified Mon, 17 Oct 2022 17:02:11 GMT server UploadServer etag "17eaf306b1554c518adf25a681d7b0f2" x-goog-generation 1666026131851501 x-goog-hash crc32c=WGhHWA==, md5=F+rzBrFVTFGK3yWmgdew8g== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 7123 accept-ranges bytes expires Sat, 29 Oct 2022 04:27:36 GMT
GET H3	200	a2ab544ae6c48636370816.js Show response dcs-static.gprod.postmedia.digital/12.1.4/websites/js/	10 KB 10 KB	53ms 51ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/a2ab544ae6c48636370816.js Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash d47f317138ec8083450b63c742957db8398eb19bae70913819b81dda472b6283 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:40:53 GMT x-goog-meta-goog-reserved-file-mtime 1665672993 age 1711 x-guploader-uploadid ADPycdtVQgoj-qg5lsoO__FqYZHmFSsnuD0L0YNagvyyweJJaC1ZkaiPSYcBQTAiGTkkBPsPBiHbxxTymHTooFc2QQeYBg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10244 last-modified Mon, 17 Oct 2022 17:02:15 GMT server UploadServer etag "865d805f405db9b3e24e2e196b221c77" x-goog-generation 1666026135546895 x-goog-hash crc32c=ghE54w==, md5=hl2AX0BdubPiTi4ZayIcdw== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 10244 accept-ranges bytes expires Sat, 29 Oct 2022 04:40:53 GMT
GET H3	200	7448bbfb433e588899f11.js Show response dcs-static.gprod.postmedia.digital/12.1.4/websites/js/	16 KB 16 KB	53ms 51ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/7448bbfb433e588899f11.js Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 32df43a530d768d4483680f784fd97eb35f86cdc3086ea546f186254e99dac6c Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:58:21 GMT x-goog-meta-goog-reserved-file-mtime 1665672993 age 663 x-guploader-uploadid ADPycdtPLiQowqbYndkp60Eizqg0WB-_gj8I7oQdPQiZsxqSWMm-JAxKaxgqhlqwRw08I3pK2-UpFykXe87rIHRa8swBV4flNC-2 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16335 last-modified Mon, 17 Oct 2022 17:02:13 GMT server UploadServer etag "844dce4c9dfa4a31e3114455b1956875" x-goog-generation 1666026133765470 x-goog-hash crc32c=qnB/Gw==, md5=hE3OTJ36SjHjEURVsZVodQ== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 16335 accept-ranges bytes expires Sat, 29 Oct 2022 04:58:21 GMT
GET H3	200	3925d2ee8908d985b3272.js Show response dcs-static.gprod.postmedia.digital/12.1.4/websites/js/	51 KB 51 KB	58ms 57ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/3925d2ee8908d985b3272.js Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash dae6f542fa2ee873b80e056bcd4c807f9d0a4fb86da790e74debb09c8a04cb93 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:44:02 GMT x-goog-meta-goog-reserved-file-mtime 1665672994 age 1522 x-guploader-uploadid ADPycdu-qVBuNollxywErhVSs9CiIC4ZpstbZcJNt43KeUT8S-ghPEn5QKVBaphlszaQ5-qcwlYQLSR10-NyPlcEQxaYOg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52614 last-modified Mon, 17 Oct 2022 17:02:11 GMT server UploadServer etag "e6cf941211a6e40dfe1756d9dccad449" x-goog-generation 1666026131495525 x-goog-hash crc32c=Jcv5fA==, md5=5s+UEhGm5A3+F1bZ3MrUSQ== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 52614 accept-ranges bytes expires Sat, 29 Oct 2022 04:44:02 GMT
GET H3	200	5f54a515a11c045d21db9.js Show response dcs-static.gprod.postmedia.digital/12.1.4/websites/js/	12 KB 12 KB	53ms 52ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/5f54a515a11c045d21db9.js Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 0b5bcd5e455fe140dfa582f1f66284a5af4f1de829a3341cca1720cc6b02d8ad Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:16:55 GMT x-goog-meta-goog-reserved-file-mtime 1665672994 age 3149 x-guploader-uploadid ADPycdvNocsmDPKnmQGRonZXympeXWyvXLKnpO4QWLyB_Vjj1A5ZieNlKBzBqS5qZAx8-p3yl5cdlDlWYvjkZursOg78mwl19-Py x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11948 last-modified Mon, 17 Oct 2022 17:02:12 GMT server UploadServer etag "573821eee93af18fd784db707425fab0" x-goog-generation 1666026132894633 x-goog-hash crc32c=Pbs9ng==, md5=Vzgh7uk68Y/XhNtwdCX6sA== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 11948 accept-ranges bytes expires Sat, 29 Oct 2022 04:16:55 GMT
GET H3	200	c2a48fed442a0877888932.js Show response dcs-static.gprod.postmedia.digital/12.1.4/websites/js/	5 KB 5 KB	75ms 74ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/c2a48fed442a0877888932.js Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 6e3717c11e421a2267e1ab728461aeed493cbfdfe18e0448895effd0ec2454c2 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:41:42 GMT x-goog-meta-goog-reserved-file-mtime 1665672994 age 1662 x-guploader-uploadid ADPycduSEw6MCCXHFmZ-8dnFnTuhTeFSNO8xqeph4hP6PXUIa1gOWashdv5wRzZ0pUD8uPuNw7VdBhLSw9SZBfdyiPj1CQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4731 last-modified Mon, 17 Oct 2022 17:02:16 GMT server UploadServer etag "dc3bc4a484961daf4f3c08f808b24994" x-goog-generation 1666026136368950 x-goog-hash crc32c=7fNu8A==, md5=3DvEpISWHa9PPAj4CLJJlA== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 4731 accept-ranges bytes expires Sat, 29 Oct 2022 04:41:42 GMT
GET H3	200	a7d51c8530302bc08dfa7.js Show response dcs-static.gprod.postmedia.digital/12.1.4/websites/js/	21 KB 21 KB	75ms 75ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/a7d51c8530302bc08dfa7.js Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash bf7b6275d2a54599893fded12ba1bd7f0c96495c01fe6cac2322bc0c2382b4ff Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:22:00 GMT x-goog-meta-goog-reserved-file-mtime 1665672994 age 2844 x-guploader-uploadid ADPycdtPZY2Sy3kkFgnKl_4Xou-Kgp2ubbtw1f2aRsIys7HisQV4xiI3Hy-R_hiCEneLEoq5st8diljUVHMWrgjvt0o8gA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21144 last-modified Mon, 17 Oct 2022 17:02:15 GMT server UploadServer etag "437ef1f44a5266e3593d674096452d11" x-goog-generation 1666026135628654 x-goog-hash crc32c=I99Qgg==, md5=Q37x9EpSZuNZPWdAlkUtEQ== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 21144 accept-ranges bytes expires Sat, 29 Oct 2022 04:22:00 GMT
GET H3	200	0b1154d774bfa95dd27717.js Show response dcs-static.gprod.postmedia.digital/12.1.4/websites/js/	53 KB 54 KB	75ms 75ms	Script application/javascript	34.117.54.29 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/0b1154d774bfa95dd27717.js Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/shared.080e1ff83d5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 29.54.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash d0f488f1761405c4d104ab6afb960dd43df877df95c3d3efc1d14a42376645ca Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:13:04 GMT x-goog-meta-goog-reserved-file-mtime 1665672993 age 3380 x-guploader-uploadid ADPycdvXC6KLT4UBqIccbg_dmXSFn5bDExYDm4dMSv4_iCJjEq9iX-ZvwSJnnsbFBiPlZtgqBKZOp32MbNo9LTWDbNno4A x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54763 last-modified Mon, 17 Oct 2022 17:02:07 GMT server UploadServer etag "fc1f183bbe7dddd0c8b5430ee8ed5e28" x-goog-generation 1666026127539333 x-goog-hash crc32c=Ru5y7g==, md5=/B8YO7593dDItUMO6O1eKA== access-control-allow-origin * content-type application/javascript cache-control public, max-age=3600 x-cache-hit hit x-goog-stored-content-length 54763 accept-ranges bytes expires Sat, 29 Oct 2022 04:13:04 GMT
GET H2	200	pubcid.min.js Show response secure.cdn.fastclick.net/js/pubcid/latest/	53 KB 17 KB	83ms 8ms	Script application/javascript	23.206.210.112 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-210-112.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip last-modified Thu, 13 Oct 2022 18:14:48 GMT server Apache etag "d4ed-5eaee7c12df48-gzip" vary Accept-Encoding content-type application/javascript cache-control max-age=900 accept-ranges bytes content-length 17131 expires Sat, 29 Oct 2022 04:24:24 GMT
GET H2	200	log l3.aaxads.com/	35 B 173 B	57ms 4ms	Image image/gif	96.16.146.231 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=150&dgw=desktop&flg=AAX24X4M7&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=nationalpost.com&vhuyqdph=ssp-serving-5bd848996d-k57tf&vyu=102809_469_102608_428_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001667016564305031177838081183&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=0&gdeg=2&ghqg=148&fhqg=35&hqg=98&gvwduw=35&fvwduw=34&vwduw=35&uhtxuo=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&nzui= Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-231.deploy.static.akamaitechnologies.com Software / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-origin * pragma no-cache date Sat, 29 Oct 2022 04:09:24 GMT cache-control max-age=0, no-cache, no-store expires Sat, 29 Oct 2022 04:09:24 GMT content-length 35 content-type image/gif
GET H/1.1	200 OK	login Show response postmedia.hub.loginradius.com/ssologin/	38 B 550 B	60ms 44ms	Fetch application/json	18.159.85.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://postmedia.hub.loginradius.com/ssologin/login Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-85-30.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type application/json Response headers Date Sat, 29 Oct 2022 04:09:24 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Server nginx Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE Content-Type application/json Access-Control-Allow-Origin https://nationalpost.com X-LoginRadius-Server Primary - IDX - AWS Access-Control-Allow-Credentials true X-Server ms_idx_primary Connection keep-alive Content-Length 38
OPTIONS H/1.1	204 No Content	login postmedia.hub.loginradius.com/ssologin/ Frame	0 0	124ms 57ms	Preflight	18.159.85.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://postmedia.hub.loginradius.com/ssologin/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-85-30.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://nationalpost.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE Access-Control-Allow-Origin https://nationalpost.com Connection keep-alive Date Sat, 29 Oct 2022 04:09:24 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-LoginRadius-Server Primary - IDX - AWS X-Server ms_idx_primary
GET H2	200	pxid Show response 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/	46 B 393 B	133ms 42ms	XHR application/json	35.241.9.51 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 51.9.241.35.bc.googleusercontent.com Software Permutive / Resource Hash 8f36561d2c92d2ece0636ca149bc78079b341c8cd25b0855676ceaee603156b9 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://nationalpost.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66
GET H/1.1	200 OK	getuidj Show response ib.adnxs.com/	11 B 706 B	32ms 7ms	XHR application/json	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/getuidj Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers Pragma no-cache Date Sat, 29 Oct 2022 04:09:24 GMT AN-X-Request-Uuid 60d16bef-e096-4d1a-8f32-d18b6b6b238a Server nginx/1.21.3 Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://nationalpost.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 185.213.155.176; 185.213.155.176; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin Show response cdn.permutive.com/models/v2/	24 KB 17 KB	51ms 25ms	XHR application/x-binary	104.19.150.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.150.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9233c36f19a4270f93346ed6989ec40208369dd0e6207734f633d57e4a59c53 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip cf-cache-status HIT x-goog-meta-oid 23dc09d6-b664-425a-a76e-0eed6a6cc102 age 106 x-guploader-uploadid ADPycdtZAgp5uFDEgiXbH85AcbioOlX7_iN6-44duee8_fGSY5WAw7tYDnvg-lNbkmo3iXOpPQMG_f0I0gjfCBnaXka2OvqQ3nI8 x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 16743 last-modified Fri, 28 Oct 2022 18:04:23 GMT server cloudflare etag "10ec0b843ef2aabfc49fff6980463242" vary Accept-Encoding x-goog-generation 1666980263809329 content-type application/x-binary access-control-allow-origin * x-goog-hash crc32c=as7kPg==, md5=EOwLhD7yqr/En/9pgEYyQg== access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=900, no-transform x-goog-stored-content-length 16743 accept-ranges bytes cf-ray 76190e3828ae6951-FRA expires Sat, 29 Oct 2022 04:07:38 GMT
GET H2	200	geoip Show response api.permutive.com/v2.0/	261 B 369 B	106ms 39ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://nationalpost.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 174
POST H2	200	watson Show response api.permutive.com/v2.0/	2 B 87 B	117ms 51ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://nationalpost.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22
GET BLOB	200 OK	2a233235-47c4-4ed1-8e72-fd0fc2a35d42 https://nationalpost.com/	115 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://nationalpost.com/2a233235-47c4-4ed1-8e72-fd0fc2a35d42 Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 26fc9a39edbfd6ace0548738fe4dd0ebea7883686ae98e885b29b0987775c2e2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Length 117265
GET BLOB	200 OK	b0e1e3c5-48ac-4ce7-8fdf-1f6dc0779f5f https://nationalpost.com/	20 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://nationalpost.com/b0e1e3c5-48ac-4ce7-8fdf-1f6dc0779f5f Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 82040cde6910b66cfe6ee300ecfda8df801debcb81d0226b8cc8e62df7823f28 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Length 20393
GET H2	200	aacxs.php Show response c.aaxads.com/ Frame 59A8	22 KB 9 KB	280ms 279ms	Document text/html	96.16.146.231 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.aaxads.com/aacxs.php?flg=AAX24X4M7&fv=1&fy=37&ke=1&suylg=55%2C3012%2C295%2C271%2C282%2C141%2C203%2C368%2C172%2C195%2C51%2C267%2C274%2C159%2C222%2C3007%2C209%2C292%2C251%2C97%2C241%2C369%2C108%2C229%2C175%2C214%2C356%2C265%2C272%2C310&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0 Requested by Host: c.aaxads.com URL: https://c.aaxads.com/aax.js?pub=AAX24X4M7&hst=nationalpost.com&ver=1.2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-231.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 5cd29261e4f9243a4044d38b6f24a3582120421937063b562c8dec4406837a02 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://nationalpost.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=172800 content-encoding gzip content-length 8776 content-type text/html; charset=UTF-8 date Sat, 29 Oct 2022 04:09:24 GMT expires Mon, 31 Oct 2022 04:09:24 GMT p3p CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA server Apache strict-transport-security max-age=604800 vary Accept-Encoding x-mnet-hl2 E
GET H2	200	syncframe Show response gum.criteo.com/ Frame A809	15 KB 6 KB	58ms 16ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nationalpost.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://nationalpost.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 29 Oct 2022 04:09:24 GMT server Kestrel server-processing-duration-in-ticks 675343 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	/ Show response nationalpost.com/api-root/lists/ec4980e1-9ef5-43cc-b1bb-6084163dd2c9/expanded/	121 KB 12 KB	1443ms 1346ms	Fetch text/html	34.111.249.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nationalpost.com/api-root/lists/ec4980e1-9ef5-43cc-b1bb-6084163dd2c9/expanded/?format=html&name=&from=0&type=category&load_origin_urls=false&is_sponsored=false&slugs_accepted=&slugs_excluded=&replace_video=false&template_name=feed-card-list Requested by Host: dcs-static.gprod.postmedia.digital URL: https://dcs-static.gprod.postmedia.digital/12.1.4/websites/js/7448bbfb433e588899f11.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.249.111.34.bc.googleusercontent.com Software nginx/1.14.2 / Resource Hash 553afcfe65cda60eb0ff49695dddfd2bade57dbdbd81b17ef117a30f23429460 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob: X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-security-policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob: x-content-type-options nosniff content-encoding gzip via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 referrer-policy strict-origin-when-cross-origin last-modified Saturday, 29-Oct-2022 04:09:25 GMT server nginx/1.14.2 x-pmd-backend cheetah-nginx, pmd-nginx-proxy-c7db8d578-vgh72 x-frame-options SAMEORIGIN vary Accept-Encoding, Accept-Encoding, Accept, X_API_KEY, Cookie, Origin content-type text/html; charset=utf-8 allow GET cache-control max-age=300, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 permissions-policy autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*) expires Sat, 29 Oct 2022 04:14:25 GMT
POST H3	200	identify Show response api.permutive.com/v2.0/	50 B 88 B	134ms 48ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 2803b590c53f57a6bc3d2f442fb66033bb529ec652daea0609b286a8ba42f216 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://nationalpost.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70
GET H2	200	load Show response experience.tinypass.com/xbuilder/experience/	4 KB 2 KB	110ms 26ms	Script application/javascript	2606:4700::6811:bab1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://experience.tinypass.com/xbuilder/experience/load?aid=SE0WzqlbUG Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 574ee49322b85bbad4ad7717b04996355985fa03bb32fa98f3a6e15866a794ad Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status HIT age 1320 p3p CP="NON DSP COR OUR IND" x-forwarded-https on alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-request-id M07xhkrDyEe pragma wn prod-dash-10-0-141-61 last-modified Sat, 29 Oct 2022 03:47:24 GMT server cloudflare vary accept-encoding content-type application/javascript;charset=utf-8 server-time 0.035 cache-control public, max-age=1800 cf-ray 76190e396c089193-FRA expires Sat, 29 Oct 2022 04:39:24 GMT
GET H2	200	vf-v2.js Show response cdn.viafoura.net/	762 KB 180 KB	108ms 24ms	Script application/javascript	2600:9000:2127:e600:8:2ae1:d740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.viafoura.net/vf-v2.js Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f53d2b946d632342cb88f35d1cd810f991c7e80f7a363310464af73132235e77 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-amz-version-id Ar9zYwFcbUMzinL.1_a4jMAz7htegq0w content-encoding br via 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront) date Sat, 29 Oct 2022 04:09:03 GMT x-amz-cf-pop PRG50-C1 age 27 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Thu, 27 Oct 2022 15:07:40 GMT server AmazonS3 etag W/"0f22a5b1318807bef2f9a45cc8e59e3d" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=300 x-amz-cf-id RUA1R3u_7h9MLmqoX0bAHxW_ZfwDiBV5bosnVziTRUHyl2lQV24gqw==
GET H2	200	gtm.js Show response www.googletagmanager.com/	324 KB 85 KB	145ms 46ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a82c20132883e813f0457eb3f90b0350b79898a74ac694b66d0bbc5c4b66e4ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86655 x-xss-protection 0 last-modified Sat, 29 Oct 2022 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Oct 2022 04:09:24 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	4 KB 2 KB	102ms 21ms	Script application/javascript	65.9.95.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-81.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:05:49 GMT content-encoding gzip via 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront) last-modified Tue, 28 Jun 2022 13:19:23 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 15805 x-amz-server-side-encryption AES256 etag W/"eaf85c1c6758e84acfe134efd70e9373" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id nmuuwOWRFyUI_iD6nL3-rzMgoI3FAW9P-htlN6gAZKUFNzWoblz77g==
GET H2	200	mparticle.js Show response jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/	225 KB 55 KB	52ms 20ms	Script application/javascript	2a04:4e42:200::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash a55cd0a21664d030fde4e1da37a0240938ac8c080aeb21ab4d913c754b4100f7 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-served-by cache-iad-kcgs7200117-IAD, cache-hhn4047-HHN date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish server Kestrel age 253 x-timer S1667016565.668045,VS0,VE1 x-origin-name fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD x-cache HIT, HIT content-type application/javascript vary Accept, Accept-Encoding cache-control public, max-age=3600 accept-ranges bytes content-length 55600 x-cache-hits 17, 1
GET H2	200	gtm.js Show response www.googletagmanager.com/	131 KB 41 KB	216ms 124ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer Requested by Host: fem.gprod.postmedia.digital URL: https://fem.gprod.postmedia.digital/v68.2/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e41aab8e32e468f58291ceb24321bb234f540ff95fb1acba2b3dd914a8c7bdea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42359 x-xss-protection 0 last-modified Sat, 29 Oct 2022 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Oct 2022 04:09:24 GMT
POST H3	200	segment Show response api.permutive.com/adv/v2/	14 B 28 B	116ms 49ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Sat, 29 Oct 2022 04:09:24 GMT via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14 content-type application/json
GET H2	201	sync googlesync.permutive.com/v2.0/px/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39 https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39&google_tc= https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECodXaETuI-In2zuZX-qqaw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39&google_cver=1	35 B 176 B	112ms 37ms	Image image/gif	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECodXaETuI-In2zuZX-qqaw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39&google_cver=1 Protocol H2 Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 vary Origin content-type image/gif Redirect headers pragma no-cache date Sat, 29 Oct 2022 04:09:24 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECodXaETuI-In2zuZX-qqaw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 404 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame A809 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=nationalpost.com&sn=ChromeSyncframe&so=0&topUrl=nationalpost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=EDLmM3wwZXEwR2kzZ2FWemxDakoxWHJsRzcvTW10UjI4VXE1MW5xM3cxTkNBM1JHSFk2ZmlEN21KYlQrUHZBQkpkbVV5czNuSUZ5RW9jRVE5Njc4SWdMS3VPOXpJcGRJTnlqQUhsamMreFBQVW9vOVB2bXFjM09PbFh6RF...	459 B 671 B	74ms 17ms	Fetch application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=EDLmM3wwZXEwR2kzZ2FWemxDakoxWHJsRzcvTW10UjI4VXE1MW5xM3cxTkNBM1JHSFk2ZmlEN21KYlQrUHZBQkpkbVV5czNuSUZ5RW9jRVE5Njc4SWdMS3VPOXpJcGRJTnlqQUhsamMreFBQVW9vOVB2bXFjM09PbFh6RFVxVmN4WVlSSTJCbkN3dlhzZUZRYzZLdFhUUGhxcmowMGpMUTlYY3V2dXAvelhlTDd1ZytYSFhCUWprbUFSTkQ1S2xaRzJqVVNMbXErdm9uVWRwbTJTOEdLcC9lOHdxR3c1ckJDQkVDMlBWN2FSKzZ4U0JlSURTbGVLRVRKYzlrS0Z1S0cwT25ROERpS1B1Z3RKanVYTDA2endkRlppUT09fA&cppv=2 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 037ff354f44e0c17e94862f2bdcb20dfc1e55ed7e61d70ba14071d9a46483c05 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:24 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2395081 expires 0 Redirect headers pragma no-cache date Sat, 29 Oct 2022 04:09:23 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=EDLmM3wwZXEwR2kzZ2FWemxDakoxWHJsRzcvTW10UjI4VXE1MW5xM3cxTkNBM1JHSFk2ZmlEN21KYlQrUHZBQkpkbVV5czNuSUZ5RW9jRVE5Njc4SWdMS3VPOXpJcGRJTnlqQUhsamMreFBQVW9vOVB2bXFjM09PbFh6RFVxVmN4WVlSSTJCbkN3dlhzZUZRYzZLdFhUUGhxcmowMGpMUTlYY3V2dXAvelhlTDd1ZytYSFhCUWprbUFSTkQ1S2xaRzJqVVNMbXErdm9uVWRwbTJTOEdLcC9lOHdxR3c1ckJDQkVDMlBWN2FSKzZ4U0JlSURTbGVLRVRKYzlrS0Z1S0cwT25ROERpS1B1Z3RKanVYTDA2endkRlppUT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 617958 content-length 0 expires 0
OPTIONS H2	204	identify identity.mparticle.com/v1/ Frame	0 0	46ms 8ms	Preflight	2a04:4e42::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=900 Request headers Accept */* Access-Control-Request-Headers content-type,x-mp-key Access-Control-Request-Method POST Origin https://nationalpost.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers content-type,x-mp-key access-control-allow-methods POST access-control-allow-origin * age 1942 date Sat, 29 Oct 2022 04:09:24 GMT server Kestrel strict-transport-security max-age=900 via 1.1 varnish x-cache HIT x-cache-hits 613 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-hhn4050-HHN x-timer S1667016565.783726,VS0,VE0
GET H2	200	gtm.js Show response www.googletagmanager.com/	138 KB 47 KB	148ms 147ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c21598fa0de5058bf410d73d84f781c118f1d6307ef4fceeaf9fc314e52cf7a9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48094 x-xss-protection 0 last-modified Sat, 29 Oct 2022 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Oct 2022 04:09:24 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	146 KB 48 KB	133ms 133ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c0b46f588f0bdb454ac7bbdd3745d6dfcaaae86f3a49984cdf42b25615f984be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48747 x-xss-protection 0 last-modified Sat, 29 Oct 2022 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Oct 2022 04:09:24 GMT
POST H2	200	identify Show response identity.mparticle.com/v1/	176 B 270 B	117ms 117ms	XHR application/json	2a04:4e42::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 15be6f8faaa8ade01281eb58a675e4dfec497cdc9c2304ddeadc8943802f4acb Security Headers Name Value Strict-Transport-Security max-age=900 Request headers x-mp-key us1-99b65fde89a1a145894d2d51d283cc83 Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json Response headers x-served-by cache-hhn4050-HHN date Sat, 29 Oct 2022 04:09:24 GMT content-encoding gzip via 1.1 varnish strict-transport-security max-age=900 server Kestrel x-timer S1667016565.793370,VS0,VE106 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-cache MISS content-type application/json; charset=utf-8 access-control-allow-origin * vary Accept-Encoding accept-ranges bytes x-cache-hits 0
GET H2	200	tinypass.min.js Show response cdn.tinypass.com/api/	324 KB 95 KB	42ms 33ms	Script application/javascript	2606:4700::6811:bab1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tinypass.com/api/tinypass.min.js?version=2 Requested by Host: experience.tinypass.com URL: https://experience.tinypass.com/xbuilder/experience/load?aid=SE0WzqlbUG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a72b598cb0253b63cc28bb8fe44e3c8db9985ef995fd7ea279f86549e16c7865 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:24 GMT x-amz-version-id 9YxbLCw9sRIUBqf6Q0edkQYemQWJDE38 content-encoding br cf-cache-status HIT strict-transport-security max-age=86400; includeSubDomains x-amz-request-id QNM5EFYQ99GZ93FP age 12553 x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 v0g4sHPylbkINyskWXg49wMNGY3JlVe2AKBJ9ULT26mtpt5Ja63C/ftSAkdwenlmQFDCqp3YOqI= last-modified Thu, 27 Oct 2022 07:56:57 GMT server cloudflare etag W/"8f75a0b143d222abad8e558e5499e074" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 76190e39ccaf9193-FRA expires Sat, 29 Oct 2022 08:09:24 GMT
POST H2	200	v2 Show response api.viafoura.co/v2/nationalpost.com/bootstrap/	7 KB 3 KB	332ms 117ms	XHR application/json	2600:1f18:44f0:4840:3207:97a9:fe28:637e AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.viafoura.co/v2/nationalpost.com/bootstrap/v2 Requested by Host: cdn.viafoura.net URL: https://cdn.viafoura.net/vf-v2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:44f0:4840:3207:97a9:fe28:637e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 39f186d05608f12fecbbf21b290815c754bcf046d45855c952f27ebc415a0917 Request headers Accept application/json, text/plain, */* Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers x-instance-id i-0d4f3069eb775536e pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD content-type application/json;charset=UTF-8 access-control-allow-origin https://nationalpost.com cache-control max-age=0 access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With expires Sat, 29 Oct 2022 04:09:25 GMT
OPTIONS H2	204	v2 api.viafoura.co/v2/nationalpost.com/bootstrap/ Frame	0 0	328ms 111ms	Preflight	2600:1f18:44f0:4840:3207:97a9:fe28:637e AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.viafoura.co/v2/nationalpost.com/bootstrap/v2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:44f0:4840:3207:97a9:fe28:637e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://nationalpost.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD access-control-allow-origin https://nationalpost.com access-control-max-age 1728000 cache-control max-age=0 date Sat, 29 Oct 2022 04:09:25 GMT expires Sat, 29 Oct 2022 04:09:25 GMT server nginx/1.18.0 (Ubuntu)
POST H2	200	execute Show response c2.piano.io/xbuilder/experience/	2 KB 2 KB	172ms 132ms	XHR application/json	2606:4700::6810:2a41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c2.piano.io/xbuilder/experience/execute?aid=SE0WzqlbUG Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72a96a8e1449bee2cde9dc3c496036cfcbba49739cb62ef47a7b08d032c618bd Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 29 Oct 2022 04:09:25 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-request-id bffb63clom pragma no-cache server cloudflare vary Accept-Encoding, Origin access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin https://nationalpost.com access-control-expose-headers Composer-Request-Control-Policy cache-control no-cache, no-store access-control-allow-credentials true cf-ray 76190e3afa01915f-FRA
POST H2	202	Forwarding Show response jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/	0 197 B	36ms 14ms	XHR text/plain	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-served-by cache-hhn4075-HHN date Sat, 29 Oct 2022 04:09:24 GMT via 1.1 varnish server Kestrel x-timer S1667016565.966699,VS0,VE6 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS access-control-allow-origin * accept-ranges bytes content-length 0 x-cache-hits 0
POST H2	202	Forwarding Show response jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/	0 59 B	40ms 18ms	XHR text/plain	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-served-by cache-hhn4075-HHN date Sat, 29 Oct 2022 04:09:24 GMT via 1.1 varnish server Kestrel x-timer S1667016565.966765,VS0,VE11 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS access-control-allow-origin * accept-ranges bytes content-length 0 x-cache-hits 0
GET H/1.1	200 OK	log c21lg-d.media.net/ Frame 59A8	35 B 329 B	216ms 170ms	Image image/gif	23.35.228.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3100181648398410000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=345AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX Requested by Host: c.aaxads.com URL: https://c.aaxads.com/aacxs.php?flg=AAX24X4M7&fv=1&fy=37&ke=1&suylg=55%2C3012%2C295%2C271%2C282%2C141%2C203%2C368%2C172%2C195%2C51%2C267%2C274%2C159%2C222%2C3007%2C209%2C292%2C251%2C97%2C241%2C369%2C108%2C229%2C175%2C214%2C356%2C265%2C272%2C310&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-228-23.deploy.static.akamaitechnologies.com Software Jetty(9.4.35.v20201120) / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers accept-language de-DE,de;q=0.9 Referer https://c.aaxads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sat, 29 Oct 2022 04:09:25 GMT Server Jetty(9.4.35.v20201120) Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 35 Expires Sat, 29 Oct 2022 04:09:25 GMT
GET H2	200	ribn.min.js Show response assets.ribn.com/production/	10 KB 4 KB	103ms 21ms	Script application/javascript	2600:9000:2127:4800:7:75d4:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.ribn.com/production/ribn.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:4800:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:09:25 GMT content-encoding gzip via 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront) last-modified Wed, 28 Oct 2020 14:49:59 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 3652 etag W/"6b213f30955b664fd78dc9e388b17e54" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id mCOfexpoF1FRahJg9XFmEWqfXJpN1AqGSH-z9jDg5x6irrt8vKqupw==
GET H2	200	ribn-postmedia.min.js Show response assets.ribn.com/v2/production/	13 KB 4 KB	103ms 22ms	Script application/javascript	2600:9000:2127:4800:7:75d4:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.ribn.com/v2/production/ribn-postmedia.min.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:4800:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:47:06 GMT content-encoding gzip via 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront) last-modified Wed, 01 Sep 2021 18:06:03 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 83461 etag W/"baaa6497dd2dea88d8fdb6d6cca08cf2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id BvaFXYwoOd8XR-h5C85u8gLgB5nZtVbh3CCqvYMMN48TwYcDeiWpnQ==
GET H3	200	gtm.js Show response www.googletagmanager.com/	132 KB 47 KB	182ms 100ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=gtm_data_layer Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 109fb6d4b67eeba209f89f20f21e0b2d8152859ab98800abd920d1bc20a95be9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48072 x-xss-protection 0 last-modified Sat, 29 Oct 2022 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Oct 2022 04:09:25 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	272 KB 81 KB	204ms 128ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1a89df9b70c4f11f36e9d7a6c9516a567474c7b3bce368335477ed1b564382ae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 82625 x-xss-protection 0 last-modified Sat, 29 Oct 2022 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Oct 2022 04:09:25 GMT
OPTIONS H2	204	identify identity.mparticle.com/v1/ Frame	0 0	7ms 7ms	Preflight	2a04:4e42::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=900 Request headers Accept */* Access-Control-Request-Headers content-type,x-mp-key Access-Control-Request-Method POST Origin https://nationalpost.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers content-type,x-mp-key access-control-allow-methods POST access-control-allow-origin * age 1942 date Sat, 29 Oct 2022 04:09:25 GMT server Kestrel strict-transport-security max-age=900 via 1.1 varnish x-cache HIT x-cache-hits 614 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-hhn4050-HHN x-timer S1667016565.017233,VS0,VE0
POST H2	200	identify Show response identity.mparticle.com/v1/	176 B 220 B	148ms 147ms	XHR application/json	2a04:4e42::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash fb167c52566cd0fffc579d4256eb7c3201adcb0fee0be92d254a62c966c25b88 Security Headers Name Value Strict-Transport-Security max-age=900 Request headers x-mp-key us1-99b65fde89a1a145894d2d51d283cc83 Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json Response headers x-served-by cache-hhn4050-HHN date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip via 1.1 varnish strict-transport-security max-age=900 server Kestrel x-timer S1667016565.025514,VS0,VE115 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-cache MISS content-type application/json; charset=utf-8 access-control-allow-origin * vary Accept-Encoding accept-ranges bytes x-cache-hits 0
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	385ms 47ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 29 Oct 2022 03:01:58 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 4047 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Sat, 29 Oct 2022 05:01:58 GMT
POST H2	202	Forwarding Show response jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/	0 82 B	12ms 12ms	XHR text/plain	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-served-by cache-hhn4075-HHN date Sat, 29 Oct 2022 04:09:25 GMT via 1.1 varnish server Kestrel x-timer S1667016565.032487,VS0,VE6 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS access-control-allow-origin * accept-ranges bytes content-length 0 x-cache-hits 0
GET H3	200	js Show response www.googletagmanager.com/gtag/	213 KB 75 KB	146ms 105ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7GC5VRWDF9&l=mp_data_layer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 107bddd9242c08c563553e440213df2d3d61e30b693e187862d1e4013e9d41af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76405 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 29 Oct 2022 04:09:25 GMT
POST H2	202	Forwarding Show response jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/	0 58 B	8ms 8ms	XHR text/plain	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-served-by cache-hhn4075-HHN date Sat, 29 Oct 2022 04:09:25 GMT via 1.1 varnish server Kestrel x-timer S1667016565.043077,VS0,VE2 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS access-control-allow-origin * accept-ranges bytes content-length 0 x-cache-hits 0
POST H2	202	events Show response jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/	42 B 157 B	9ms 9ms	Fetch application/json	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 14751924af553816bbf191e49daf5d1d47c0fdd89cea1c68ce1e2d6c07890046 Request headers Accept text/plain;charset=UTF-8 Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-served-by cache-hhn4075-HHN date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip via 1.1 varnish server Kestrel x-timer S1667016565.226149,VS0,VE2 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS content-type application/json access-control-allow-origin * vary Accept-Encoding accept-ranges bytes x-cache-hits 0
POST H3	200	events Show response api.permutive.com/v2.0/batch/	101 B 130 B	43ms 42ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash b99153c3ede6735965c35170a80792310c3ed771bf89ea368ed9241edbcfb0a5 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://nationalpost.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112
POST H2	204	collect region1.google-analytics.com/g/	0 347 B	152ms 52ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-7GC5VRWDF9&gtm=2oeaq0&_p=1927040385&cid=177905991.1667016565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667016565&sct=1&seg=0&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&dt=National%20Post&en=page_view&_fv=1&_nsi=1&_ss=1&ep.mp_ca_adblocker_enabled=false&ep.mp_ca_brand=National%20Post&ep.mp_ca_browser=Chrome&ep.mp_ca_browser_language=en-US&ep.mp_ca_device_type=desktop&ep.mp_ca_division=np&ep.mp_ca_domain=nationalpost.com&ep.mp_ca_fem_version=v68.2&ep.mp_ca_page_type=index&ep.mp_ca_page_url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&ep.mp_ca_platform=Cheetah&ep.mp_ca_platform_version=12.1.4&ep.mp_ca_view_type=HTML&ep.mp_ca_user_status=anonymous&ep.mp_screen_view_main_category=index&ep.mp_screen_view_metered_content=false Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7GC5VRWDF9&l=mp_data_layer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	marfeel-sdk.js Show response sdk.mrf.io/statics/	86 KB 24 KB	72ms 11ms	Script application/javascript	151.101.2.207 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528 Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.207 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash cd3eac7c38648a29a4263676ee60b4857de3341389b992b3c2ababad540d8cc6 Request headers Referer https://nationalpost.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding br x-b3-traceid b6e7b18c33274bac896587782a8e309d x-amz-cf-pop FRA2-C2 x-cache Hit from cloudfront, HIT mrf-cache-status H x-b3-traceid-primal 385f2a131f4d49e698b8b16091986a66 content-length 23741 x-served-by cache-hhn4065-HHN last-modified Tue, 25 Oct 2022 16:13:48 GMT server AmazonS3 x-timer S1667016565.396794,VS0,VE0 etag W/"854f52b94085c3a4754ff879aac99ecc" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=3600 vary Accept-Encoding accept-ranges bytes x-amz-cf-id mV1FVFcv4yssSFryiVkfEuRoMiL8SeHY9vo98f8e_6MMmw4lp16sWQ== x-cache-hits 3
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	103 KB 28 KB	73ms 12ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: nationalpost.com URL: https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 29 Oct 2022 04:09:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27337 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug 0jgq/0poVc/Jw9fbjH1H44s242Wkz5DqKPvgpLEN9rWpO3ECS5MumliFT2PFUi0HXI2jedKc3+OvYsMZGAwZbg== x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	217 KB 76 KB	58ms 58ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=gtm_data_layer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8add0c66bfb095b44e7c448864fd4be9cad85012e851d7ea49fd42e99257a8ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 77375 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 29 Oct 2022 04:09:25 GMT
GET H2	200	p.js Show response cdn.parsely.com/keys/nationalpost.com/	74 KB 26 KB	84ms 25ms	Script application/javascript	65.9.97.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/nationalpost.com/p.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.97.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-97-61.prg50.r.cloudfront.net Software nginx / Resource Hash 949351f0f70680ff7c4a6dcc3131299ffc00ec0310356eeb120b680df87ee4f4 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma public date Fri, 28 Oct 2022 04:29:42 GMT content-encoding gzip via 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 13:09:26 GMT server nginx x-amz-cf-pop PRG50-C1 age 85183 etag W/"633ed386-12795" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400, public x-amz-cf-id Ssd7XhF_SnH9NOl6OxWCNfzbNAfzG7XxPUi7w4xw1DHIW8FyUyum2Q== expires Sat, 29 Oct 2022 04:29:42 GMT
GET H2	204	b sb.scorecardresearch.com/	0 191 B	42ms 41ms	Image text/plain	65.9.95.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1667016565328&ns_c=UTF-8&c8=National%20Post&c7=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&c9= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-81.prg50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT via 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-amz-cf-id ZIhQ8vjgXXT6t1V5G7iClO_xPRHDLeGnAzgyGd2UMHQeS0AE4CM4iQ== x-cache Miss from cloudfront
GET H2	200	cs.js Show response sb.scorecardresearch.com/internal-c2/default/ Redirect Chain https://sb.scorecardresearch.com/c2/10276888/cs.js https://sb.scorecardresearch.com/internal-c2/default/cs.js	0 359 B	34ms 23ms	Script application/javascript	65.9.95.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/internal-c2/default/cs.js Protocol H2 Server 65.9.95.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-81.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 03:48:12 GMT via 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront) last-modified Mon, 01 Mar 2021 20:42:20 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 1274 x-amz-server-side-encryption AES256 etag "d41d8cd98f00b204e9800998ecf8427e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 0 x-amz-cf-id 9cnJIS7s4ChXRYU7jw8bC4elJvYr_PSrKblZzhIbnl6h4oiW3Sf1WA== Redirect headers location /internal-c2/default/cs.js date Sat, 29 Oct 2022 04:09:25 GMT via 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 content-length 0 x-amz-cf-id _pi-7qb_XVJQTyBHdJrb2pmq_5KFrRDXJHvpTqg4yzUTI6RLQiGZkA== x-cache Miss from cloudfront
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	73ms 39ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=2oeaq0&_p=1927040385&_gaz=1&cid=177905991.1667016565&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&dr=&sid=1667016565&sct=1&seg=0&dt=National%20Post&en=error&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=41&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=12.1.4&ep.fem_version=v68.2&ep.brand=National%20Post&ep.timestamp=2022-10-29T04%3A09%3A25.315%2B00%3A00&ep.error_type=404%20Error Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=gtm_data_layer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 338 B	89ms 19ms	Ping text/plain	2a00:1450:400c:c0a::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=177905991.1667016565&gtm=2oeaq0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=gtm_data_layer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	157ms 47ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=177905991.1667016565&gtm=2oeaq0&aip=1&z=983035681 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	1685973801652415 Show response connect.facebook.net/signals/config/	296 KB 85 KB	29ms 13ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1685973801652415?v=2.9.89&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e1b8b3648535fc5409d72af736f65af9b2762dfef992344009e9e82954597656 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 29 Oct 2022 04:09:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87068 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug YkB153S3jh4PUw9CWV13rdLWnoVD7/9oW6dMr4gGG16mW82imD5rT6kfQjlp2SdhOR/fgJFECv0itzPCLlVDSw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H/1.1	200 OK	ingest.php Show response events.newsroom.bi/	50 B 917 B	75ms 18ms	XHR application/json	188.40.92.124 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://events.newsroom.bi/ingest.php Requested by Host: sdk.mrf.io URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 188.40.92.124 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS haproxy03.cl03.k8s.mrf.io Software istio-envoy / Resource Hash 29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary15AbIyzTBmHCibRU Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip server istio-envoy access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://nationalpost.com access-control-expose-headers Content-Length,Content-Range cache-control private,no-store access-control-allow-credentials true x-envoy-upstream-service-time 1 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 66
GET H2	200	2ab9e41f637117411f01.js Show response sdk.mrf.io/statics/	16 KB 5 KB	17ms 14ms	Script application/javascript	151.101.2.207 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.mrf.io/statics/2ab9e41f637117411f01.js Requested by Host: sdk.mrf.io URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.207 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 9dc58b9d5dce9d8376aad3a8e76e00a6bd0cae6ce73eb761ebcffaca48b3b553 Request headers Referer https://nationalpost.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip x-b3-traceid 674ffb5bc9a244439cf2da2d58bf4ecd x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront, HIT mrf-cache-status H x-b3-traceid-primal 27bba55539664e00a823ff8745cc9f96 content-length 5331 x-served-by cache-hhn4065-HHN last-modified Tue, 25 Oct 2022 16:13:48 GMT server AmazonS3 x-timer S1667016566.572663,VS0,VE0 etag W/"f6213a58ec85f8a87858e0aea4b6c729" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=3600 vary Accept-Encoding accept-ranges bytes x-amz-cf-id ytSHcJkk2NGl40s6JMKzzLxpB0heV_HHNuHrWhnNZ2qR2hyLfC-XyA== x-cache-hits 7
GET H2	200	active Show response flowcards.mrf.io/json/	16 B 376 B	48ms 16ms	Fetch application/json	151.101.130.207 FASTLY
General Check archive.org Show headers Download Go to Full URL https://flowcards.mrf.io/json/active?site_id=1528&page_technology=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.207 , United States, ASN54113 (FASTLY, US), Reverse DNS Software istio-envoy / Resource Hash 78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip x-b3-traceid 02407078765849fcbab1cb4887f45bcf x-cache MISS mrf-cache-status M x-envoy-upstream-service-time 0 x-b3-traceid-primal 02407078765849fcbab1cb4887f45bcf content-length 42 x-served-by cache-hhn4050-HHN server istio-envoy x-timer S1667016566.593795,VS0,VE7 vary origin x-req-backend F_origin_1_croupier access-control-allow-origin * content-type application/json; charset=utf-8 cache-control max-age=300 accept-ranges bytes x-cache-hits 0
GET H/1.1	200 OK	/ p1.parsely.com/plogger/	43 B 259 B	143ms 37ms	Image image/gif	52.17.99.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://p1.parsely.com/plogger/?rand=1667016565594&plid=043de067-d271-48b1-ab02-48ca6c2f8e6d&idsite=nationalpost.com&url=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&sref=&sts=1667016565580&slts=0&title=National+Post&date=Sat+Oct+29+2022+04%3A09%3A25+GMT%2B0000+(GMT)&action=pageview&pvid=d2212a49-dc05-451f-82c2-1e5ae0cf3c2b&u=pid%3D8a1c0ebb-0018-48d9-8131-0eb014b924f0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-99-225.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sat, 29 Oct 2022 04:09:25 GMT Cache-Control no-cache Last-Modified Saturday, 29-Oct-2022 04:09:25 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	146ms 67ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1927040385&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&ul=en-us&de=UTF-8&dt=National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=788133985&gjid=1679650055&cid=177905991.1667016565&tid=UA-238413164-9&_gid=1234006925.1667016566&_r=1&gtm=2wgaq0TR7GVNJ&cd1=National%20Post&cd2=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&cd3=false&cd4=Chrome&cd5=en-US&cd6=desktop&cd7=np&cd8=nationalpost.com&cd9=v68.2&cd10=index&cd11=Cheetah&cd12=12.1.4&cd13=anonymous&cd14=HTML&cd22=index&cd23=false&cd80=8436453F-C732-4098-8A8A-083CDC93765E&cd81=-3808312320361200937&cd82=GTM-TR7GVNJ&cd83=4&z=1797177105 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	139ms 68ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1927040385&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&ul=en-us&de=UTF-8&dt=National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1666579086&gjid=1256319156&cid=177905991.1667016565&tid=UA-138335866-30&_gid=1234006925.1667016566&_r=1&gtm=2wgaq0MW2G74V&cd1=National%20Post&cd2=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&cd3=false&cd4=Chrome&cd5=en-US&cd6=desktop&cd7=np&cd8=nationalpost.com&cd9=v68.2&cd10=index&cd11=Cheetah&cd12=12.1.4&cd13=anonymous&cd14=HTML&cd23=index&cd24=false&cd83=-3808312320361200937&cd84=8436453F-C732-4098-8A8A-083CDC93765E&z=588012845 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	125ms 67ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1927040385&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&ul=en-us&de=UTF-8&dt=National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=938879686&gjid=1005627768&cid=177905991.1667016565&tid=UA-213173459-3&_gid=1234006925.1667016566&_r=1&gtm=2wgaq0P3Q4QHW&cd1=177905991.1667016565&cd2=2022-10-29T04%3A09%3A25.318%2B00%3A00&cd7=anonymous&cd17=0&cd23=National%20Post&cd24=Cheetah&cd25=12.1.4&cd26=v68.2&cd27=0&cd28=GTM-P3Q4QHW&cd29=41&cd31=index&cd52=index&cd65=false&z=1837314810 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	116ms 67ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1927040385&t=pageview&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&ul=en-us&de=UTF-8&dt=National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=467476777&gjid=745873274&cid=177905991.1667016565&tid=UA-138335866-2&_gid=1234006925.1667016566&_r=1&gtm=2wgaq0P3Q4QHW&z=1028816902 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	108ms 65ms	Image image/gif	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=1927040385&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&ul=en-us&de=UTF-8&dt=National%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=error&ea=404%20Error&el=&_u=YCDACEABBAAAACAEK~&jid=&gjid=&cid=177905991.1667016565&tid=UA-213173459-3&_gid=1234006925.1667016566&gtm=2wgaq0P3Q4QHW&cd1=177905991.1667016565&cd2=2022-10-29T04%3A09%3A25.391%2B00%3A00&cd3=8436453F-C732-4098-8A8A-083CDC93765E&cd4=-3808312320361200937&cd5=-3808312320361200937&cd7=anonymous&cd17=0&cd23=National%20Post&cd24=Cheetah&cd25=12.1.4&cd26=v68.2&cd27=0&cd28=GTM-P3Q4QHW&cd29=41&cd31=index&cd52=index&cd65=false&z=950154392 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Fri, 28 Oct 2022 06:30:48 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 77917 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	thirdpartycookie Show response api.viafoura.co/v2/nationalpost.com/	45 B 650 B	109ms 109ms	XHR application/json	2600:1f18:44f0:4840:3207:97a9:fe28:637e AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.viafoura.co/v2/nationalpost.com/thirdpartycookie?section= Requested by Host: cdn.viafoura.net URL: https://cdn.viafoura.net/vf-v2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:44f0:4840:3207:97a9:fe28:637e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356 Request headers Accept application/json, text/plain, */* Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-instance-id i-0a68143946b65bf57 pragma no-cache date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD content-type application/json;charset=UTF-8 access-control-allow-origin https://nationalpost.com cache-control max-age=0 access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With expires Sat, 29 Oct 2022 04:09:25 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	81ms 0ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&rl=&if=false&ts=1667016565724&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1667016565721.1129678933&it=1667016565537&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 29 Oct 2022 04:09:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H3	200	state Show response api.permutive.com/v1.0/	0 34 B	114ms 113ms	XHR text/plain	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers access-control-allow-origin * date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip via 1.1 google server Permutive alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	60ms 20ms	XHR text/plain	2a00:1450:400c:c0a::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-238413164-9&cid=177905991.1667016565&jid=788133985&gjid=1679650055&_gid=1234006925.1667016566&_u=YADAAEAAAAAAACAAI~&z=1471134010 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 29 Oct 2022 04:09:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	54ms 21ms	XHR text/plain	2a00:1450:400c:c0a::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-213173459-3&cid=177905991.1667016565&jid=938879686&gjid=1005627768&_gid=1234006925.1667016566&_u=YCDACEABBAAAACAEK~&z=98250772 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 29 Oct 2022 04:09:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	intl-messageformat.cabf9fcc20db4368f619.js Show response cdn.viafoura.net/chunks/vendors~languages/	17 KB 5 KB	55ms 24ms	Script application/javascript	2600:9000:2127:e600:8:2ae1:d740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.cabf9fcc20db4368f619.js Requested by Host: cdn.viafoura.net URL: https://cdn.viafoura.net/vf-v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2127:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 47c463c69b819f261745d592cb09fd9e802a14d13aca70062094f1c990a15cdf Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 27 Oct 2022 15:08:08 GMT x-amz-version-id wuC2t91WOK88mQOxEVITNR0.VTgrEif2 content-encoding br via 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront) age 133278 x-amz-cf-pop PRG50-C1 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Thu, 27 Oct 2022 15:07:22 GMT server AmazonS3 etag W/"49c15b7ab9400549191c502b7a46857a" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=31536000 x-amz-cf-id vBV8rXX2r_N2r4jhJgmNr1zLrzZuZ71q3yTWXM3nWkpdMc7DWokC-w==
GET H3	200	intl-messageformat.74777b3c5cd469365abc.js Show response cdn.viafoura.net/chunks/languages/	135 B 522 B	56ms 25ms	Script application/javascript	2600:9000:2127:e600:8:2ae1:d740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.viafoura.net/chunks/languages/intl-messageformat.74777b3c5cd469365abc.js Requested by Host: cdn.viafoura.net URL: https://cdn.viafoura.net/vf-v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2127:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79af2a4f83ffb4de287d2dc876bcd08865dbed6d0e70a9bd52f45a421c23e555 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 27 Oct 2022 15:08:08 GMT x-amz-version-id Pcgzgwz3VFhbE.D3izzRxDv62dByjvgQ via 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront) age 133278 x-amz-cf-pop PRG50-C1 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 content-length 135 last-modified Thu, 27 Oct 2022 15:07:15 GMT server AmazonS3 etag "cf6dc2d27fc9d53050baaa3092085166" content-type application/javascript; charset=utf-8 cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id uru6_mAs4rCGlPChtBwfrRriXZHgYG68QkXy5VtfuzdafpLEBpxwMQ==
GET H3	200	en-us-base-json.39c96c8731ba19b47976.js Show response cdn.viafoura.net/chunks/languages/	19 KB 5 KB	55ms 25ms	Script application/javascript	2600:9000:2127:e600:8:2ae1:d740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.viafoura.net/chunks/languages/en-us-base-json.39c96c8731ba19b47976.js Requested by Host: cdn.viafoura.net URL: https://cdn.viafoura.net/vf-v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2127:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e4e144d0f7e3340b6b86f7a78d2ff3e271e62ef5367ebf3d62e364a2e1d8a095 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 27 Oct 2022 15:08:08 GMT x-amz-version-id sVQ.7ESj9RpTcVNnY2IwQgE4L1.KXzr8 content-encoding br via 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront) age 133278 x-amz-cf-pop PRG50-C1 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Thu, 27 Oct 2022 15:07:15 GMT server AmazonS3 etag W/"08c341ce7db2241e4dc86292fc4119d7" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=31536000 x-amz-cf-id d1l77BUN7TIND0ap2aBc51HkurJHNt-Q7Pl8lCtvnEGPeUyo5dJjyA==
POST H3	200	identify Show response api.permutive.com/v2.0/	50 B 88 B	59ms 58ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software Permutive / Resource Hash 2803b590c53f57a6bc3d2f442fb66033bb529ec652daea0609b286a8ba42f216 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type text/plain Response headers date Sat, 29 Oct 2022 04:09:25 GMT content-encoding gzip via 1.1 google server Permutive vary Origin content-type application/json access-control-allow-origin https://nationalpost.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	294ms 56ms	Image image/gif	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-238413164-9&cid=177905991.1667016565&jid=788133985&_u=YADAAEAAAAAAACAAI~&z=1938802560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	314ms 73ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-238413164-9&cid=177905991.1667016565&jid=788133985&_u=YADAAEAAAAAAACAAI~&z=1938802560 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	291ms 57ms	Image image/gif	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213173459-3&cid=177905991.1667016565&jid=938879686&_u=YCDACEABBAAAACAEK~&z=177904489 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	325ms 86ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213173459-3&cid=177905991.1667016565&jid=938879686&_u=YCDACEABBAAAACAEK~&z=177904489 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	LoginRadiusV2.js Show response auth.lrcontent.com/v2/	199 KB 46 KB	27ms 14ms	Script application/javascript	2606:4700:10::6816:49e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth.lrcontent.com/v2/LoginRadiusV2.js Requested by Host: cdn.viafoura.net URL: https://cdn.viafoura.net/vf-v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c Security Headers Name Value Strict-Transport-Security max-age= 63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:25 GMT strict-transport-security max-age= 63072000; includeSubdomains; preload via 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding gzip age 5572 x-amz-cf-pop FRA56-C1 cf-polished origSize=1238069 x-cache Hit from cloudfront cf-bgj minify last-modified Mon, 13 Dec 2021 05:19:58 GMT server cloudflare etag W/"ae3463c4a59ae100b160ed4dd5dbf4b8" vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cf-ray 76190e411ecdbbf8-FRA x-amz-cf-id 2984hp_FM8fI9Tzl0nIT4y-TB-sM1MpZnvsqGGPkK9dw2_OKgzoKRg==
POST H2	200	ingest i.viafoura.co/v3/nationalpost.com/	67 B 392 B	323ms 103ms	Ping image/png	52.202.25.9 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://i.viafoura.co/v3/nationalpost.com/ingest Requested by Host: cdn.viafoura.net URL: https://cdn.viafoura.net/vf-v2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.202.25.9 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-202-25-9.compute-1.amazonaws.com Software / Resource Hash ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://nationalpost.com date Sat, 29 Oct 2022 04:09:26 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/png content-length 67 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	audiences Show response api.permutive.com/audience-matching/v1/id/a64e3e75-56ca-4651-bcf4-04a0da765a39/	12 B 25 B	48ms 48ms	XHR application/json	34.107.254.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.permutive.com/audience-matching/v1/id/a64e3e75-56ca-4651-bcf4-04a0da765a39/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482 Requested by Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.254.107.34.bc.googleusercontent.com Software / Resource Hash 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78 Request headers Referer https://nationalpost.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 29 Oct 2022 04:09:25 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12 content-type application/json
GET H2	200	ROGERS-TURMOIL.jpg smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2021/10/	31 KB 31 KB	202ms 145ms	Image image/webp	34.149.157.221 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2021/10/ROGERS-TURMOIL.jpg?quality=90&strip=all&w=344&type=webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 221.157.149.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash 479dea047329410df0dcfe5f8e68613399afda1b984cb30b014e4b0ea9f280cb Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-pmd-smartcdn-requester nationalpost date Sat, 29 Oct 2022 04:09:26 GMT via 1.1 google server nginx/1.19.10 etag "f90d9f9ee49c0b7e3c8b7fb2767c08e3d1d3548f" vary Accept content-type image/webp cache-control max-age=2592000,public x-cache-hit miss x-pmd-smart-cdn-proxy thumbor-proxy-6564f6b646-hdrbl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31268
GET H2	200	bullet-pudding.jpg smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/	42 KB 42 KB	597ms 542ms	Image image/webp	34.149.157.221 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/bullet-pudding.jpg?quality=90&strip=all&w=344&type=webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 221.157.149.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash cae36f72df646943f35c369196157a804d0b6c0b9792ee13d6cdff4b4e41e8be Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-pmd-smartcdn-requester nationalpost date Sat, 29 Oct 2022 04:09:26 GMT via 1.1 google server nginx/1.19.10 etag "5a7b0bee4b2a0f548de03e4e2cd022dc22b89d30" vary Accept content-type image/webp cache-control max-age=2592000,public x-cache-hit miss x-pmd-smart-cdn-proxy thumbor-proxy-6564f6b646-krj4s alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42634
GET H2	200	covidartifacts_tp_w.jpg smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/	11 KB 12 KB	192ms 137ms	Image image/webp	34.149.157.221 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/covidartifacts_tp_w.jpg?quality=90&strip=all&w=344&type=webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 221.157.149.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash 7a4a8d57f9651337395136c57dcec6bfa302423923f0bd00fcef3292043debc5 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-pmd-smartcdn-requester nationalpost date Sat, 29 Oct 2022 04:09:26 GMT via 1.1 google server nginx/1.19.10 etag "df7728c07d8486c7f6c3ed5667b2be56cad051a5" vary Accept content-type image/webp cache-control max-age=2592000,public x-cache-hit miss x-pmd-smart-cdn-proxy thumbor-proxy-6564f6b646-fw4xj alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11668
GET H2	200	covidartifacts_sanitizer_w.jpg smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/03/	14 KB 14 KB	191ms 135ms	Image image/webp	34.149.157.221 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/03/covidartifacts_sanitizer_w.jpg?quality=90&strip=all&w=344&type=webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 221.157.149.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash c13a6f37e183be813793d5df549434374d71adf3fedad7bc897dfaf0fe88cbd2 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-pmd-smartcdn-requester nationalpost date Sat, 29 Oct 2022 04:09:26 GMT via 1.1 google server nginx/1.19.10 etag "154c32eccbe52290f79d8d4ca79be838ec9091d1" vary Accept content-type image/webp cache-control max-age=2592000,public x-cache-hit miss x-pmd-smart-cdn-proxy thumbor-proxy-6564f6b646-krj4s alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13878
GET H2	200	brian-levy-1.png smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/	27 KB 27 KB	1217ms 1161ms	Image image/webp	34.149.157.221 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/brian-levy-1.png?quality=90&strip=all&w=344&type=webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 221.157.149.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash 31827a58b3db79b5803ea68a0c0b22b7cab343549140ccc89c0124c55498f939 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-pmd-smartcdn-requester nationalpost date Sat, 29 Oct 2022 04:09:27 GMT via 1.1 google server nginx/1.19.10 etag "effa6e02b95be18e790c5b1a6b30e5b40cf4eea4" vary Accept content-type image/webp cache-control max-age=2592000,public x-cache-hit miss x-pmd-smart-cdn-proxy thumbor-proxy-6564f6b646-fw4xj alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27818
GET H3	200	EJRSQgYoZZY2vCFuvAnt66qSVys.woff2 fonts.gstatic.com/s/ptserif/v17/	29 KB 29 KB	160ms 40ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:700%7CPT+Serif:400,700%7CRoboto:400,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://nationalpost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Wed, 26 Oct 2022 08:45:24 GMT x-content-type-options nosniff age 242642 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29492 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:29:15 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 26 Oct 2023 08:45:24 GMT
GET H3	200	svod-module-js.b1d6e753dcecd8620da4.js Show response cdn.viafoura.net/chunks/vuex_store/	6 KB 3 KB	25ms 25ms	Script application/javascript	2600:9000:2127:e600:8:2ae1:d740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.b1d6e753dcecd8620da4.js Requested by Host: cdn.viafoura.net URL: https://cdn.viafoura.net/vf-v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2127:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1720e4a10738cf9443bdb97d6f57851e83991ec035bc0e68648773796e9585df Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 27 Oct 2022 15:08:10 GMT x-amz-version-id LCJ5yyHukeJPbv8xXAZzeYcA_JlNcGoj content-encoding br via 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront) age 133277 x-amz-cf-pop PRG50-C1 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Thu, 27 Oct 2022 15:07:21 GMT server AmazonS3 etag W/"141c8429d5be9fa90c1dc764166f5f74" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=31536000 x-amz-cf-id a6lIQ1rA9vqNh6Lqh4uof0btMgLEfYR0j5MkmmJh9zAmUCALQ9dUow==
GET H2	200	appInfo Show response config.lrcontent.com/ciam/	4 KB 1 KB	52ms 42ms	XHR application/json	2606:4700:10::6816:48e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5 Requested by Host: auth.lrcontent.com URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad Request headers Referer https://nationalpost.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 04:09:26 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare vary Origin access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json access-control-allow-origin https://nationalpost.com cache-control max-age=86400 cf-ray 76190e42ca7e5c85-FRA
OPTIONS H2	204	appInfo config.lrcontent.com/ciam/ Frame	0 0	49ms 48ms	Preflight	2606:4700:10::6816:48e8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://nationalpost.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-headers x-requested-with access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://nationalpost.com allow GET, OPTIONS cf-cache-status DYNAMIC cf-ray 76190e426a195c85-FRA date Sat, 29 Oct 2022 04:09:26 GMT server cloudflare vary Origin
POST H3	200	/ Show response www.facebook.com/tr/ Frame 029E	0 17 B	20ms 7ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://nationalpost.com Referer https://nationalpost.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://nationalpost.com alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Sat, 29 Oct 2022 04:09:26 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H/1.1	200 OK	login Show response postmedia.hub.loginradius.com/ssologin/	38 B 550 B	44ms 44ms	XHR application/json	18.159.85.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://postmedia.hub.loginradius.com/ssologin/login Requested by Host: auth.lrcontent.com URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-85-30.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://nationalpost.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sat, 29 Oct 2022 04:09:26 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Server nginx Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE Content-Type application/json Access-Control-Allow-Origin https://nationalpost.com X-LoginRadius-Server Primary - IDX - AWS Access-Control-Allow-Credentials true X-Server ms_idx_primary Connection keep-alive Content-Length 38
OPTIONS H/1.1	204 No Content	login postmedia.hub.loginradius.com/ssologin/ Frame	0 0	50ms 47ms	Preflight	18.159.85.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://postmedia.hub.loginradius.com/ssologin/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-85-30.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://nationalpost.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers x-requested-with Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE Access-Control-Allow-Origin https://nationalpost.com Connection keep-alive Date Sat, 29 Oct 2022 04:09:26 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-LoginRadius-Server Primary - IDX - AWS X-Server ms_idx_primary
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	109ms 39ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=2oeaq0&_p=1927040385&cid=177905991.1667016565&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Fnationalpost.com%2Fnews%2Fcanada%2Frights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour&sid=1667016565&sct=1&seg=1&dt=National%20Post&en=page_view&ep.debug_mode=false&ep.gtm_version=41&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=8436453F-C732-4098-8A8A-083CDC93765E&ep.platform=Cheetah&ep.platform_version=12.1.4&ep.fem_version=v68.2&ep.mp_id=-3808312320361200937&ep.brand=National%20Post&ep.timestamp=2022-10-29T04%3A09%3A25.504%2B00%3A00&ep.ga_client_id=177905991.1667016565&ep.main_category=index&ep.metered_content=false&_et=35&up.mp_id=-3808312320361200937&up.client_id=177905991.1667016565 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=gtm_data_layer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalpost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sat, 29 Oct 2022 04:09:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://nationalpost.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT