![](/screenshots/98396ba0-0dc3-4a18-ba8d-393208362780.png)
nationalpost.com
Open in
urlscan Pro
34.111.249.109
Public Scan
Submission: On October 29 via api from SG — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1D4 on October 24th 2022. Valid for: 3 months.
This is the only time nationalpost.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
nationalpost.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-146-231.deploy.static.akamaitechnologies.com
c.aaxads.com | |
l3.aaxads.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-56.prg50.r.cloudfront.net
c.amazon-adsystem.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-26.prg50.r.cloudfront.net
cdn.adsafeprotected.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-46.prg50.r.cloudfront.net
ak.sail-horizon.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital | |
dcs-static.gprod.postmedia.digital |
ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com |
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-152-37.deploy.static.akamaitechnologies.com
www.aaxdetect.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com |
ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co |
ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com | |
googlesync.permutive.com |
ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com | |
cdn.tinypass.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-81.prg50.r.cloudfront.net
sb.scorecardresearch.com |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net |
ASN14618 (AMAZON-AES, US)
api.viafoura.co |
ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
c21lg-d.media.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
region1.google-analytics.com | |
region1.analytics.google.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-61.prg50.r.cloudfront.net
cdn.parsely.com |
ASN24940 (HETZNER-AS, DE)
PTR: haproxy03.cl03.k8s.mrf.io
events.newsroom.bi |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-25-9.compute-1.amazonaws.com
i.viafoura.co |
ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
postmedia.digital
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 129153 dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 109440 smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 101511 |
784 KB |
10 |
mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5765 identity.mparticle.com — Cisco Umbrella Rank: 2620 jssdks.mparticle.com — Cisco Umbrella Rank: 5103 |
56 KB |
10 |
permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2494 api.permutive.com — Cisco Umbrella Rank: 2001 googlesync.permutive.com — Cisco Umbrella Rank: 8250 |
18 KB |
8 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51 |
499 KB |
8 |
doubleclick.net
2 redirects
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182 cm.g.doubleclick.net — Cisco Umbrella Rank: 213 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 |
156 KB |
7 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2835 |
20 KB |
6 |
lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 45839 config.lrcontent.com — Cisco Umbrella Rank: 20002 |
96 KB |
5 |
viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 11446 |
194 KB |
5 |
gstatic.com
fonts.gstatic.com |
139 KB |
4 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5362 www.google.com — Cisco Umbrella Rank: 2 |
679 B |
4 |
viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11753 i.viafoura.co — Cisco Umbrella Rank: 11618 |
4 KB |
4 |
scorecardresearch.com
1 redirects
sb.scorecardresearch.com — Cisco Umbrella Rank: 150 |
3 KB |
4 |
loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 136091 |
1 KB |
4 |
aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 2607 l3.aaxads.com — Cisco Umbrella Rank: 3441 |
122 KB |
3 |
google.de
www.google.de — Cisco Umbrella Rank: 6364 |
627 B |
3 |
mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 15057 flowcards.mrf.io — Cisco Umbrella Rank: 15450 |
29 KB |
3 |
criteo.com
1 redirects
gum.criteo.com — Cisco Umbrella Rank: 408 mug.criteo.com — Cisco Umbrella Rank: 3300 |
7 KB |
3 |
amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 300 |
48 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 106 |
202 B |
2 |
parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2771 p1.parsely.com — Cisco Umbrella Rank: 2137 |
26 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 145 |
113 KB |
2 |
ribn.com
assets.ribn.com — Cisco Umbrella Rank: 137585 |
8 KB |
2 |
tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7531 cdn.tinypass.com — Cisco Umbrella Rank: 5676 |
96 KB |
2 |
nationalpost.com
nationalpost.com — Cisco Umbrella Rank: 119018 |
80 KB |
1 |
newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 11530 |
917 B |
1 |
media.net
c21lg-d.media.net — Cisco Umbrella Rank: 1700 |
329 B |
1 |
piano.io
c2.piano.io — Cisco Umbrella Rank: 4389 |
2 KB |
1 |
adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210 |
706 B |
1 |
prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 182949 |
393 B |
1 |
fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1214 |
17 KB |
1 |
aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 4947 |
343 B |
1 |
rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 783 |
360 B |
1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353 |
390 B |
1 |
permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 144483 |
99 KB |
1 |
npttech.com
www.npttech.com — Cisco Umbrella Rank: 7828 |
3 KB |
1 |
sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2838 |
44 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36 |
1 KB |
1 |
adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3345 |
7 KB |
1 |
criteo.net
static.criteo.net — Cisco Umbrella Rank: 658 |
40 KB |
1 |
indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 597 |
45 KB |
142 | 40 |
Domain | Requested by | |
---|---|---|
16 | dcs-static.gprod.postmedia.digital |
nationalpost.com
dcs-static.gprod.postmedia.digital |
8 | www.googletagmanager.com |
fem.gprod.postmedia.digital
jssdkcdns.mparticle.com www.googletagmanager.com |
8 | api.permutive.com |
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
|
6 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
5 | smartcdn.gprod.postmedia.digital | |
5 | jssdks.mparticle.com |
jssdkcdns.mparticle.com
|
5 | cdn.viafoura.net |
fem.gprod.postmedia.digital
cdn.viafoura.net |
5 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | identity.mparticle.com |
jssdkcdns.mparticle.com
|
4 | sb.scorecardresearch.com |
1 redirects
fem.gprod.postmedia.digital
|
4 | postmedia.hub.loginradius.com |
fem.gprod.postmedia.digital
auth.lrcontent.com |
4 | config.lrcontent.com |
auth.lrcontent.com
|
4 | fem.gprod.postmedia.digital |
nationalpost.com
fem.gprod.postmedia.digital |
3 | www.google.de | |
3 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
3 | api.viafoura.co |
cdn.viafoura.net
|
3 | c.amazon-adsystem.com |
nationalpost.com
c.amazon-adsystem.com |
3 | c.aaxads.com |
nationalpost.com
c.aaxads.com |
3 | securepubads.g.doubleclick.net |
nationalpost.com
securepubads.g.doubleclick.net |
2 | www.google.com | |
2 | www.facebook.com | |
2 | region1.analytics.google.com |
www.googletagmanager.com
|
2 | connect.facebook.net |
nationalpost.com
connect.facebook.net |
2 | sdk.mrf.io |
nationalpost.com
sdk.mrf.io |
2 | assets.ribn.com |
www.googletagmanager.com
nationalpost.com |
2 | cm.g.doubleclick.net | 2 redirects |
2 | gum.criteo.com |
1 redirects
static.criteo.net
|
2 | auth.lrcontent.com |
nationalpost.com
cdn.viafoura.net |
2 | nationalpost.com |
dcs-static.gprod.postmedia.digital
|
1 | i.viafoura.co |
cdn.viafoura.net
|
1 | p1.parsely.com | |
1 | flowcards.mrf.io | |
1 | events.newsroom.bi |
sdk.mrf.io
|
1 | cdn.parsely.com |
www.googletagmanager.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | c21lg-d.media.net |
c.aaxads.com
|
1 | c2.piano.io |
cdn.tinypass.com
|
1 | cdn.tinypass.com |
experience.tinypass.com
|
1 | mug.criteo.com | |
1 | googlesync.permutive.com | |
1 | jssdkcdns.mparticle.com |
fem.gprod.postmedia.digital
|
1 | experience.tinypass.com |
fem.gprod.postmedia.digital
|
1 | cdn.permutive.com |
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
|
1 | ib.adnxs.com |
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
|
1 | 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co |
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
|
1 | l3.aaxads.com |
nationalpost.com
|
1 | secure.cdn.fastclick.net |
nationalpost.com
|
1 | www.aaxdetect.com |
nationalpost.com
|
1 | api.rlcdn.com |
js-sec.indexww.com
|
1 | match.adsrvr.org |
js-sec.indexww.com
|
1 | 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app |
fem.gprod.postmedia.digital
|
1 | www.npttech.com |
nationalpost.com
|
1 | ak.sail-horizon.com |
nationalpost.com
|
1 | fonts.googleapis.com |
nationalpost.com
|
1 | cdn.adsafeprotected.com |
nationalpost.com
|
1 | static.criteo.net |
nationalpost.com
|
1 | js-sec.indexww.com |
nationalpost.com
|
142 | 57 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nationalpost.com GTS CA 1D4 |
2022-10-24 - 2023-01-22 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-10-06 - 2023-10-05 |
a year | crt.sh |
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-01 - 2022-11-30 |
3 months | crt.sh |
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-11 - 2023-03-15 |
a year | crt.sh |
c.amazon-adsystem.com Amazon |
2022-05-09 - 2023-04-18 |
a year | crt.sh |
*.adsafeprotected.com Amazon |
2022-06-21 - 2023-07-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
ak.sail-horizon.com Amazon |
2022-01-06 - 2023-02-02 |
a year | crt.sh |
gprod.postmedia.digital GTS CA 1D4 |
2022-09-16 - 2022-12-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
permutive.app Cloudflare Inc ECC CA-3 |
2022-09-13 - 2022-12-12 |
3 months | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-03 - 2023-02-25 |
a year | crt.sh |
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-11 - 2023-03-15 |
a year | crt.sh |
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA |
2022-01-15 - 2023-01-17 |
a year | crt.sh |
*.loginradius.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-13 - 2022-12-13 |
a year | crt.sh |
*.prmutv.co R3 |
2022-09-28 - 2022-12-27 |
3 months | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2022-02-11 - 2023-03-14 |
a year | crt.sh |
permutive.com Cloudflare Inc ECC CA-3 |
2022-02-26 - 2023-02-25 |
a year | crt.sh |
api.permutive.com R3 |
2022-10-18 - 2023-01-16 |
3 months | crt.sh |
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-08-27 - 2022-11-22 |
3 months | crt.sh |
viafoura.com Amazon |
2022-09-07 - 2023-10-06 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.scorecardresearch.com Amazon |
2022-01-29 - 2023-02-27 |
a year | crt.sh |
jssdkcdns.mparticle.com R3 |
2022-10-23 - 2023-01-21 |
3 months | crt.sh |
identity.mparticle.com Go Daddy Secure Certificate Authority - G2 |
2022-07-09 - 2023-07-07 |
a year | crt.sh |
piano.io Cloudflare Inc ECC CA-3 |
2022-04-27 - 2023-04-26 |
a year | crt.sh |
jssdks.mparticle.com R3 |
2022-10-23 - 2023-01-21 |
3 months | crt.sh |
*.media.net DigiCert SHA2 Secure Server CA |
2022-02-20 - 2023-02-22 |
a year | crt.sh |
*.ribn.com Amazon |
2022-08-21 - 2023-09-19 |
a year | crt.sh |
sdk.mrf.io GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-10-23 - 2023-11-24 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-08-07 - 2022-11-05 |
3 months | crt.sh |
*.parsely.com Amazon |
2022-06-05 - 2023-07-04 |
a year | crt.sh |
www.google.de GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
ssl03.cert.cl03.k8s.mrf.io R3 |
2022-10-17 - 2023-01-15 |
3 months | crt.sh |
flowcards.mrf.io GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-10-23 - 2023-11-24 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
smartcdn.gprod.postmedia.digital GTS CA 1D4 |
2022-10-02 - 2022-12-31 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour
Frame ID: A5184FA3E91D935A4CF2F9B7271F8DF7
Requests: 128 HTTP requests in this frame
Frame:
https://fem.gprod.postmedia.digital/v68.2/xd.html
Frame ID: 631F4C44B60D30C0047CDB1C99C43964
Requests: 2 HTTP requests in this frame
Frame:
https://c.aaxads.com/aacxs.php?flg=AAX24X4M7&fv=1&fy=37&ke=1&suylg=55%2C3012%2C295%2C271%2C282%2C141%2C203%2C368%2C172%2C195%2C51%2C267%2C274%2C159%2C222%2C3007%2C209%2C292%2C251%2C97%2C241%2C369%2C108%2C229%2C175%2C214%2C356%2C265%2C272%2C310&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 59A88792C808D57219581FDCEFDF1F39
Requests: 2 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nationalpost.com
Frame ID: A80905C8D58DB546BD48C7B25BDFDFE5
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 029EF0795BA3E0ECFB6B002CD0AAEC1D
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/98396ba0-0dc3-4a18-ba8d-393208362780.png)
Page Title
National PostNational PostUserFinancial PostDetected technologies
Detected patterns
- /wp-(?:content|includes)/
Detected patterns
- adnxs\.(?:net|com)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/comScore.png)
Detected patterns
- \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Page Statistics
53 Outgoing links
These are links going to different origins than the main page.
Title: EPAPER
Search URL Search Domain Scan URL
Title: PostPandemic
Search URL Search Domain Scan URL
Title: Posted Newsletter
Search URL Search Domain Scan URL
Title: Archives
Search URL Search Domain Scan URL
Title: Mortgages
Search URL Search Domain Scan URL
Title: Golf Videos
Search URL Search Domain Scan URL
Title: The GrowthOp
Search URL Search Domain Scan URL
Title: Remembering
Search URL Search Domain Scan URL
Title: Place an Obituary
Search URL Search Domain Scan URL
Title: Place an In Memoriam
Search URL Search Domain Scan URL
Title: Classifieds
Search URL Search Domain Scan URL
Title: Place an Ad
Search URL Search Domain Scan URL
Title: Celebrations
Search URL Search Domain Scan URL
Title: Shopping
Search URL Search Domain Scan URL
Title: Working
Search URL Search Domain Scan URL
Title: Financial Post
Search URL Search Domain Scan URL
Title: E-Paper
Search URL Search Domain Scan URL
Title: Edward Rogers' move to remake board with him as chair backed by longtime director Mother and sisters oppose move, calling it 'invalid', as both sides expect dispute to be settled in court
Search URL Search Domain Scan URL
Title: Advertise With Us
Search URL Search Domain Scan URL
Title: Appointment Notice
Search URL Search Domain Scan URL
Title: Content Works
Search URL Search Domain Scan URL
Title: Resources
Search URL Search Domain Scan URL
Title: Remembering
Search URL Search Domain Scan URL
Title: Celebrating
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Post a Classified ad
Search URL Search Domain Scan URL
Title: Local Directory
Search URL Search Domain Scan URL
Title: About Us
Search URL Search Domain Scan URL
Title: Canada.com
Search URL Search Domain Scan URL
Title: Canoe.com
Search URL Search Domain Scan URL
Title: Driving.ca
Search URL Search Domain Scan URL
Title: Winnipeg Sun
Search URL Search Domain Scan URL
Title: The London Free Press
Search URL Search Domain Scan URL
Title: Regina Leader-Post
Search URL Search Domain Scan URL
Title: Saskatoon StarPhoenix
Search URL Search Domain Scan URL
Title: Windsor Star
Search URL Search Domain Scan URL
Title: Ottawa Citizen
Search URL Search Domain Scan URL
Title: The Province
Search URL Search Domain Scan URL
Title: Vancouver Sun
Search URL Search Domain Scan URL
Title: Edmonton Journal
Search URL Search Domain Scan URL
Title: Calgary Herald
Search URL Search Domain Scan URL
Title: Montreal Gazette
Search URL Search Domain Scan URL
Title: Toronto Sun
Search URL Search Domain Scan URL
Title: Ottawa Sun
Search URL Search Domain Scan URL
Title: Calgary Sun
Search URL Search Domain Scan URL
Title: Edmonton Sun
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Give us some feedback!
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Digital Ad Registry
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 67- https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39&google_tc= HTTP 302
- https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECodXaETuI-In2zuZX-qqaw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a64e3e75-56ca-4651-bcf4-04a0da765a39&google_cver=1
- https://gum.criteo.com/sid/json?origin=publishertag&domain=nationalpost.com&sn=ChromeSyncframe&so=0&topUrl=nationalpost.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=EDLmM3wwZXEwR2kzZ2FWemxDakoxWHJsRzcvTW10UjI4VXE1MW5xM3cxTkNBM1JHSFk2ZmlEN21KYlQrUHZBQkpkbVV5czNuSUZ5RW9jRVE5Njc4SWdMS3VPOXpJcGRJTnlqQUhsamMreFBQVW9vOVB2bXFjM09PbFh6RFVxVmN4WVlSSTJCbkN3dlhzZUZRYzZLdFhUUGhxcmowMGpMUTlYY3V2dXAvelhlTDd1ZytYSFhCUWprbUFSTkQ1S2xaRzJqVVNMbXErdm9uVWRwbTJTOEdLcC9lOHdxR3c1ckJDQkVDMlBWN2FSKzZ4U0JlSURTbGVLRVRKYzlrS0Z1S0cwT25ROERpS1B1Z3RKanVYTDA2endkRlppUT09fA&cppv=2
- https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
- https://sb.scorecardresearch.com/internal-c2/default/cs.js
142 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour
nationalpost.com/news/canada/ |
344 KB 68 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
80 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
184635-225789216445563.js
js-sec.indexww.com/ht/p/ |
180 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.js
static.criteo.net/js/ld/ |
121 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aax.js
c.aaxads.com/ |
396 KB 113 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
177 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iasPET.1.js
cdn.adsafeprotected.com/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ |
199 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spm.v1.min.js
ak.sail-horizon.com/spm/ |
124 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fem.js
fem.gprod.postmedia.digital/v68.2/ |
289 KB 290 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advertising.js
www.npttech.com/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-soc-ig-mono-rev.svg
dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-soc-fb-mono-rev.svg
dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/ |
335 B 588 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-soc-yt-mono-rev.svg
dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/ |
473 B 753 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-soc-tw-mono-rev.svg
dcs-static.gprod.postmedia.digital/12.1.4/websites/images/share-icons/ |
898 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.080e1ff83d5f.js
dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/ |
24 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.ea896e2d9d40.js
dcs-static.gprod.postmedia.digital/12.1.4/CACHE/js/ |
107 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/12.1.4/websites/images/ |
3 KB 3 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-footer-np.svg
dcs-static.gprod.postmedia.digital/12.1.4/websites/images/np/ |
962 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd.html
fem.gprod.postmedia.digital/v68.2/ Frame 631F |
165 B 467 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
appInfo
config.lrcontent.com/ciam/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ |
350 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appInfo
config.lrcontent.com/ciam/ |
4 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9c9baa9c277a560b6ea0.js
fem.gprod.postmedia.digital/v68.2/chunks/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2022102501.js
securepubads.g.doubleclick.net/gpt/ |
378 KB 128 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
268 B 171 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rid
match.adsrvr.org/track/ |
63 B 390 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identity
api.rlcdn.com/api/ |
44 B 360 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxusr.gif
c.aaxads.com/ |
43 B 205 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pxext.gif
www.aaxdetect.com/ |
43 B 343 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
c.amazon-adsystem.com/cdn/prod/ |
248 B 604 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
xd.js
fem.gprod.postmedia.digital/v68.2/ Frame 631F |
51 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
44fadb2e016752bbc2bd0.js
dcs-static.gprod.postmedia.digital/12.1.4/websites/js/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a2ab544ae6c48636370816.js
dcs-static.gprod.postmedia.digital/12.1.4/websites/js/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7448bbfb433e588899f11.js
dcs-static.gprod.postmedia.digital/12.1.4/websites/js/ |
16 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3925d2ee8908d985b3272.js
dcs-static.gprod.postmedia.digital/12.1.4/websites/js/ |
51 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5f54a515a11c045d21db9.js
dcs-static.gprod.postmedia.digital/12.1.4/websites/js/ |
12 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c2a48fed442a0877888932.js
dcs-static.gprod.postmedia.digital/12.1.4/websites/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a7d51c8530302bc08dfa7.js
dcs-static.gprod.postmedia.digital/12.1.4/websites/js/ |
21 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0b1154d774bfa95dd27717.js
dcs-static.gprod.postmedia.digital/12.1.4/websites/js/ |
53 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ |
53 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
log
l3.aaxads.com/ |
35 B 173 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
postmedia.hub.loginradius.com/ssologin/ |
38 B 550 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
login
postmedia.hub.loginradius.com/ssologin/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ |
46 B 393 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuidj
ib.adnxs.com/ |
11 B 706 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ |
24 KB 17 KB |
XHR
application/x-binary |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geoip
api.permutive.com/v2.0/ |
261 B 369 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
watson
api.permutive.com/v2.0/ |
2 B 87 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
2a233235-47c4-4ed1-8e72-fd0fc2a35d42
https://nationalpost.com/ |
115 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
b0e1e3c5-48ac-4ce7-8fdf-1f6dc0779f5f
https://nationalpost.com/ |
20 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aacxs.php
c.aaxads.com/ Frame 59A8 |
22 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame A809 |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
nationalpost.com/api-root/lists/ec4980e1-9ef5-43cc-b1bb-6084163dd2c9/expanded/ |
121 KB 12 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
identify
api.permutive.com/v2.0/ |
50 B 88 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load
experience.tinypass.com/xbuilder/experience/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vf-v2.js
cdn.viafoura.net/ |
762 KB 180 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
324 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beacon.js
sb.scorecardresearch.com/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ |
225 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
131 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
segment
api.permutive.com/adv/v2/ |
14 B 28 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
googlesync.permutive.com/v2.0/px/ Redirect Chain
|
35 B 176 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Frame A809 Redirect Chain
|
459 B 671 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
identify
identity.mparticle.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
138 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
146 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
identify
identity.mparticle.com/v1/ |
176 B 270 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tinypass.min.js
cdn.tinypass.com/api/ |
324 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v2
api.viafoura.co/v2/nationalpost.com/bootstrap/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
v2
api.viafoura.co/v2/nationalpost.com/bootstrap/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
execute
c2.piano.io/xbuilder/experience/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ |
0 197 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ |
0 59 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
log
c21lg-d.media.net/ Frame 59A8 |
35 B 329 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ribn.min.js
assets.ribn.com/production/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ribn-postmedia.min.js
assets.ribn.com/v2/production/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
132 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
272 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
identify
identity.mparticle.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
identify
identity.mparticle.com/v1/ |
176 B 220 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ |
0 82 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
213 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ |
0 58 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ |
42 B 157 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
events
api.permutive.com/v2.0/batch/ |
101 B 130 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 347 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marfeel-sdk.js
sdk.mrf.io/statics/ |
86 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
103 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
217 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.js
cdn.parsely.com/keys/nationalpost.com/ |
74 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b
sb.scorecardresearch.com/ |
0 191 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cs.js
sb.scorecardresearch.com/internal-c2/default/ Redirect Chain
|
0 359 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 338 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1685973801652415
connect.facebook.net/signals/config/ |
296 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ingest.php
events.newsroom.bi/ |
50 B 917 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2ab9e41f637117411f01.js
sdk.mrf.io/statics/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
active
flowcards.mrf.io/json/ |
16 B 376 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
p1.parsely.com/plogger/ |
43 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
thirdpartycookie
api.viafoura.co/v2/nationalpost.com/ |
45 B 650 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
state
api.permutive.com/v1.0/ |
0 34 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
stats.g.doubleclick.net/j/ |
4 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
stats.g.doubleclick.net/j/ |
4 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
intl-messageformat.cabf9fcc20db4368f619.js
cdn.viafoura.net/chunks/vendors~languages/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
intl-messageformat.74777b3c5cd469365abc.js
cdn.viafoura.net/chunks/languages/ |
135 B 522 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
en-us-base-json.39c96c8731ba19b47976.js
cdn.viafoura.net/chunks/languages/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
identify
api.permutive.com/v2.0/ |
50 B 88 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LoginRadiusV2.js
auth.lrcontent.com/v2/ |
199 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ingest
i.viafoura.co/v3/nationalpost.com/ |
67 B 392 B |
Ping
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
audiences
api.permutive.com/audience-matching/v1/id/a64e3e75-56ca-4651-bcf4-04a0da765a39/ |
12 B 25 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ROGERS-TURMOIL.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2021/10/ |
31 KB 31 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bullet-pudding.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/ |
42 KB 42 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
covidartifacts_tp_w.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/ |
11 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
covidartifacts_sanitizer_w.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/03/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brian-levy-1.png
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2020/04/ |
27 KB 27 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
svod-module-js.b1d6e753dcecd8620da4.js
cdn.viafoura.net/chunks/vuex_store/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appInfo
config.lrcontent.com/ciam/ |
4 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
appInfo
config.lrcontent.com/ciam/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 029E |
0 17 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
postmedia.hub.loginradius.com/ssologin/ |
38 B 550 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
login
postmedia.hub.loginradius.com/ssologin/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
region1.analytics.google.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
115 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| BlockAdBlock object| blockAdBlock object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| aax object| permutive object| apstag object| ggeac object| google_tag_data object| google_js_reporting_queue object| headertag object| Criteo function| headertag_render object| pbjs function| sovrn_render boolean| apstagLOADED object| webpackChunkdjango_content_services object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_132 object| Criteo_132 object| __permutive undefined| google_measure_js_timing object| PublisherCommonId object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| mp_data_layer object| COMSCORE function| udm_ object| _comscore object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| google_tag_manager function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| Ribn string| GoogleAnalyticsObject function| ga object| PianoESPConfig object| gaGlobal function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag object| dataLayerPropertiesToFlush object| previousPartialEvents function| getPreviousPartialEvents object| gtm undefined| eventIndex undefined| prop object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| gaplugins object| gaData function| _ga_originalSendHitTask45 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nationalpost.com/ | Name: aasd Value: 1%7C1667016564306 |
|
nationalpost.com/ | Name: __aaxsc Value: 2 |
|
.nationalpost.com/ | Name: permutive-id Value: a64e3e75-56ca-4651-bcf4-04a0da765a39 |
|
nationalpost.com/ | Name: __adblocker Value: false |
|
nationalpost.com/ | Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1667016564607,"mac":11101470} |
|
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ | Name: pxid Value: 0671cc1c-bbef-43be-ab94-f1b8b4014050 |
|
nationalpost.com/ | Name: x-id Value: {"data":{"adLight":false,"id":"9jjzdbyf1zd97xocukxkrnx2z7ndep8h","updated":1667016564631},"exp":604800000,"ts":1667016564631,"mac":-1180924750} |
|
fem.gprod.postmedia.digital/ | Name: x-id Value: {"data":{"adLight":false,"id":"9jjzdbyf1zd97xocukxkrnx2z7ndep8h","updated":1667016564631},"exp":604800000,"ts":1667016564645,"mac":-1180923665} |
|
.criteo.com/ | Name: uid Value: f50a1cd4-091f-45b8-948a-ae7c129da94f |
|
.aaxads.com/ | Name: aax-vsid Value: 3100181648398410000V10 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUm1LIK107j96FrHqzBApcOdvnU7BRRjAXvzN8tFuG-5Vy532bvtihaFMuQOa30 |
|
.nationalpost.com/ | Name: _pcid Value: %7B%22browserId%22%3A%22l9temdnp7ebnhzoj%22%7D |
|
nationalpost.com/ | Name: __pnahc Value: 0 |
|
.nationalpost.com/ | Name: cto_bundle Value: FTY53F9LSmwlMkJCTGtjN2VFMnBwUHQ3MVVXRk9HQ1dhaEd0NVFLdkNmbWFoQVl0dTlya1NHbEd4JTJGV0MlMkJGeGVieGgzanBBbG5FbUxTWlVhV1d5bWVNZ3hIUnJTbVAwNVMlMkYwWlpCUSUyQkVUd2pCb0RtMkRtYmR3T2NZbkpuU3FNaTZRVDcwV0ZyOUVvUllRcWo5dFhEa0pqWjBtaXdrV0VVM2lZamtSbjExdDJ1TlJFU29BJTNE |
|
.piano.io/ | Name: __cf_bm Value: ZnPD00MPICRAM32BMKI4Erpjh2jzQBIcLLwIuJzsshc-1667016565-0-AXru/f+So2WMHlNiZpTS3UzlYH2qLJWjw9IBJT3NKdM69/cIdG6skKy6gtyMuRgIDXzaKYaXxpZjakDR0iXASpY= |
|
.nationalpost.com/ | Name: __tbc Value: %7Bkpex%7DSxawBL32KHrYJf2GsMelEolqUomP53_FxtAj0_UvhD1jeGlnmsfCiFVX7ZOHfHjL |
|
.nationalpost.com/ | Name: __pat Value: -14400000 |
|
.nationalpost.com/ | Name: __pvi Value: eyJpZCI6InYtMjAyMi0xMC0yOS0wNC0wOS0yNC05MDctYU1Kb3I4cFQ5cjZxa05BZy02ZmI5YWNmYjZhZWY5NTFiMmU2MGZlZWFhYmRiNTA1NyIsImRvbWFpbiI6Ii5uYXRpb25hbHBvc3QuY29tIiwidGltZSI6MTY2NzAxNjU2NTA5OH0%3D |
|
.nationalpost.com/ | Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g |
|
.nationalpost.com/ | Name: xbc Value: %7Bkpex%7DPPLGcrqhrq1fHeeDL13rsVeSwE8HxToPH7KMuiIWm8AZIv2M-ckJJXEfF7yD0ueAsnsK5HVhU5RVCJycB27y7w |
|
.nationalpost.com/ | Name: mprtcl-v4_4662F03F Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'f996b9bf-d443-4ed8-a951-b633254544e0'|'das':'d9fc928c-f002-4f82-a2b7-0592a9d872e5'|'csm':'WyItMzgwODMxMjMyMDM2MTIwMDkzNyJd'|'sid':'8436453F-C732-4098-8A8A-083CDC93765E'|'les':1667016565219|'ssd':1667016564742}|'l':1|'-3808312320361200937':{'fst':1667016564932|'ui':'eyIwIjoiOWpqemRieWYxemQ5N3hvY3VreGtybngyejduZGVwOGgifQ=='}|'cu':'-3808312320361200937'} |
|
.nationalpost.com/ | Name: _gcl_au Value: 1.1.1524629190.1667016565 |
|
.nationalpost.com/ | Name: _ga_7GC5VRWDF9 Value: GS1.1.1667016565.1.0.1667016565.0.0.0 |
|
.nationalpost.com/ | Name: _ga_72QH41ZTMR Value: GS1.1.1667016565.1.1.1667016565.60.0.0 |
|
.viafoura.co/ | Name: VfSess Value: j5j2fr9uu7lmhgjpn0mfa94qhr |
|
.viafoura.co/ | Name: vfThirdpartyCookiesEnabled Value: true |
|
.nationalpost.com/ | Name: ___nrbic Value: %7B%22previousVisit%22%3A1667016565%2C%22currentVisitStarted%22%3A1667016565%2C%22sessionId%22%3A%2293889f4e-1254-4b73-ac0c-90498d611344%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour%22%2C%22referrer%22%3A%22%22%7D |
|
.nationalpost.com/ | Name: ___nrbi Value: %7B%22firstVisit%22%3A1667016565%2C%22userId%22%3A%226cb8e26e-cf52-48d9-b3aa-87f46523939e%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1667016565%2C%22timesVisited%22%3A1%7D |
|
.nationalpost.com/ | Name: compass_uid Value: 6cb8e26e-cf52-48d9-b3aa-87f46523939e |
|
.nationalpost.com/ | Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://nationalpost.com/news/canada/rights-activists-skeptical-as-canadian-fashion-brands-carefully-deny-usingchina-forced-labour%22%2C%22sref%22:%22%22%2C%22sts%22:1667016565580%2C%22slts%22:0} |
|
.nationalpost.com/ | Name: _parsely_visitor Value: {%22id%22:%22pid=8a1c0ebb-0018-48d9-8131-0eb014b924f0%22%2C%22session_count%22:1%2C%22last_session_ts%22:1667016565580} |
|
.nationalpost.com/ | Name: _ga Value: GA1.2.177905991.1667016565 |
|
.nationalpost.com/ | Name: _gid Value: GA1.2.1234006925.1667016566 |
|
events.newsroom.bi/ | Name: 1528_u Value: 6cb8e26e-cf52-48d9-b3aa-87f46523939e |
|
events.newsroom.bi/ | Name: 1528_s Value: 93889f4e-1254-4b73-ac0c-90498d611344 |
|
events.newsroom.bi/ | Name: 1528_lv Value: null |
|
.nationalpost.com/ | Name: _gat_UA-238413164-9 Value: 1 |
|
.nationalpost.com/ | Name: _gat_UA-138335866-30 Value: 1 |
|
.nationalpost.com/ | Name: _gat_UA-213173459-3 Value: 1 |
|
.nationalpost.com/ | Name: _gat_UA-138335866-2 Value: 1 |
|
.nationalpost.com/ | Name: _fbp Value: fb.1.1667016565721.1129678933 |
|
nationalpost.com/ | Name: _vfz Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.1667016566.1.medium=direct|source=|sharer_uuid=|terms= |
|
.nationalpost.com/ | Name: _vfa Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.21403fa7-9dde-433f-bfa9-00c5d1c6adb3.1667016566.1667016566.1667016566.1 |
|
.nationalpost.com/ | Name: _vfb Value: nationalpost%2Ecom.00000000-0000-4000-8000-05d38950df07.2..1667016566.... |
|
.viafoura.co/ | Name: vfDeviceId Value: 78a2a483-1295-4399-8ad7-2373e1d1b6c3 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob: |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
ak.sail-horizon.com
api.permutive.com
api.rlcdn.com
api.viafoura.co
assets.ribn.com
auth.lrcontent.com
c.aaxads.com
c.amazon-adsystem.com
c2.piano.io
c21lg-d.media.net
cdn.adsafeprotected.com
cdn.parsely.com
cdn.permutive.com
cdn.tinypass.com
cdn.viafoura.net
cm.g.doubleclick.net
config.lrcontent.com
connect.facebook.net
dcs-static.gprod.postmedia.digital
events.newsroom.bi
experience.tinypass.com
fem.gprod.postmedia.digital
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
googlesync.permutive.com
gum.criteo.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
l3.aaxads.com
match.adsrvr.org
mug.criteo.com
nationalpost.com
p1.parsely.com
postmedia.hub.loginradius.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
smartcdn.gprod.postmedia.digital
static.criteo.net
stats.g.doubleclick.net
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.npttech.com
104.18.12.76
104.19.150.54
142.250.186.98
15.197.193.217
151.101.130.207
151.101.2.207
178.250.2.146
18.159.85.30
188.40.92.124
2001:4860:4802:32::36
23.206.210.112
23.35.228.23
2600:1f18:44f0:4840:3207:97a9:fe28:637e
2600:9000:2127:4800:7:75d4:e40:93a1
2600:9000:2127:e600:8:2ae1:d740:93a1
2606:4700:10::6816:48e8
2606:4700:10::6816:49e8
2606:4700:3032::ac43:bf95
2606:4700:4400::ac40:92f1
2606:4700::6810:2a41
2606:4700::6811:bab1
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:400c:c0a::9c
2a02:2638:1::13
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::645
2a04:4e42::645
34.107.254.252
34.111.249.109
34.117.54.29
34.120.133.55
34.149.157.221
35.241.9.51
37.252.173.27
52.17.99.225
52.202.25.9
65.9.95.26
65.9.95.46
65.9.95.81
65.9.97.56
65.9.97.61
96.16.146.231
96.16.152.37
037ff354f44e0c17e94862f2bdcb20dfc1e55ed7e61d70ba14071d9a46483c05
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075f0b96d3f5faf88ceadde797d80b24f65331ed73b6787306aad4823b6c16b8
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0b5bcd5e455fe140dfa582f1f66284a5af4f1de829a3341cca1720cc6b02d8ad
0c92a8a981ca46cfb88a56dd166b36bac275d9ae9ab5e3af1a2421b3603bc2a1
0e41a09bb5716c56654a3fbf23623f9894c5ca2f9ea7c25557efdfa431b8fe1d
107bddd9242c08c563553e440213df2d3d61e30b693e187862d1e4013e9d41af
109fb6d4b67eeba209f89f20f21e0b2d8152859ab98800abd920d1bc20a95be9
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14751924af553816bbf191e49daf5d1d47c0fdd89cea1c68ce1e2d6c07890046
15be6f8faaa8ade01281eb58a675e4dfec497cdc9c2304ddeadc8943802f4acb
1720e4a10738cf9443bdb97d6f57851e83991ec035bc0e68648773796e9585df
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
1a89df9b70c4f11f36e9d7a6c9516a567474c7b3bce368335477ed1b564382ae
1b42dde75fd749c69f1c7605d64bce0e297a8995922e943a0d9fc788d11e6616
26fc9a39edbfd6ace0548738fe4dd0ebea7883686ae98e885b29b0987775c2e2
2803b590c53f57a6bc3d2f442fb66033bb529ec652daea0609b286a8ba42f216
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
31827a58b3db79b5803ea68a0c0b22b7cab343549140ccc89c0124c55498f939
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32df43a530d768d4483680f784fd97eb35f86cdc3086ea546f186254e99dac6c
39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394
39f186d05608f12fecbbf21b290815c754bcf046d45855c952f27ebc415a0917
3c74ef042bfcf702752741a8c0fd1e1f8c691dc3b270a2c2f1739365596dc71c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
479dea047329410df0dcfe5f8e68613399afda1b984cb30b014e4b0ea9f280cb
47c463c69b819f261745d592cb09fd9e802a14d13aca70062094f1c990a15cdf
4a1d77b41d457c84fa6203df7050174f7860e5a1e81ca0c6a13cacf80935ac90
553afcfe65cda60eb0ff49695dddfd2bade57dbdbd81b17ef117a30f23429460
574ee49322b85bbad4ad7717b04996355985fa03bb32fa98f3a6e15866a794ad
588f30cce470d4b41e984dc80aba03763955e3f6e95326c5c2ab0140fd58eda8
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5cd29261e4f9243a4044d38b6f24a3582120421937063b562c8dec4406837a02
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
6e3717c11e421a2267e1ab728461aeed493cbfdfe18e0448895effd0ec2454c2
71f27f30bcea1929b2e4fb409abe0baf4029759e1deb3ee316e21016463dff61
72a96a8e1449bee2cde9dc3c496036cfcbba49739cb62ef47a7b08d032c618bd
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79af2a4f83ffb4de287d2dc876bcd08865dbed6d0e70a9bd52f45a421c23e555
7a4a8d57f9651337395136c57dcec6bfa302423923f0bd00fcef3292043debc5
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
82040cde6910b66cfe6ee300ecfda8df801debcb81d0226b8cc8e62df7823f28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8512a94c30dc7fda4931ae11fc195ee3f2cbad5dff1dc2567cf3725c33093b2d
8693aa2d6442bba7224236e021765c95fe40f7cfc6b6c9afd8c717c665f8a365
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8add0c66bfb095b44e7c448864fd4be9cad85012e851d7ea49fd42e99257a8ec
8f36561d2c92d2ece0636ca149bc78079b341c8cd25b0855676ceaee603156b9
937673cb4243a3222825e9a9b9da7132ee85d24c7c275e723a9d4f86b4426ea3
949351f0f70680ff7c4a6dcc3131299ffc00ec0310356eeb120b680df87ee4f4
9dc58b9d5dce9d8376aad3a8e76e00a6bd0cae6ce73eb761ebcffaca48b3b553
a55cd0a21664d030fde4e1da37a0240938ac8c080aeb21ab4d913c754b4100f7
a72b598cb0253b63cc28bb8fe44e3c8db9985ef995fd7ea279f86549e16c7865
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
a82c20132883e813f0457eb3f90b0350b79898a74ac694b66d0bbc5c4b66e4ed
a9233c36f19a4270f93346ed6989ec40208369dd0e6207734f633d57e4a59c53
a94d01c701f94882605588c2253498c1cdaf93c4896c60ad233ab74f45910998
ae99851c2155f70e14ca8a15656053501bda155abb120a0cdce1def653743a25
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b969062e9d8f77e55dfc37bb35728e3401c636595aaf97e4e68ce300bfa2b293
b99153c3ede6735965c35170a80792310c3ed771bf89ea368ed9241edbcfb0a5
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad
bf7b6275d2a54599893fded12ba1bd7f0c96495c01fe6cac2322bc0c2382b4ff
c0b46f588f0bdb454ac7bbdd3745d6dfcaaae86f3a49984cdf42b25615f984be
c13a6f37e183be813793d5df549434374d71adf3fedad7bc897dfaf0fe88cbd2
c21598fa0de5058bf410d73d84f781c118f1d6307ef4fceeaf9fc314e52cf7a9
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca7bce9264a3918442d3e653b968361223ede24753232c713ead830aa5446722
cae36f72df646943f35c369196157a804d0b6c0b9792ee13d6cdff4b4e41e8be
cb551b3fa2346a645fcec13d4c6898a42275496fdfd545d28fa1e83a685fb42a
cd3eac7c38648a29a4263676ee60b4857de3341389b992b3c2ababad540d8cc6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f488f1761405c4d104ab6afb960dd43df877df95c3d3efc1d14a42376645ca
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d42deaf7af54d64c35dae0e1de09f3f9e87a2dbdc6e0025f4e1ac180139ab5e7
d47f317138ec8083450b63c742957db8398eb19bae70913819b81dda472b6283
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dae6f542fa2ee873b80e056bcd4c807f9d0a4fb86da790e74debb09c8a04cb93
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1b8b3648535fc5409d72af736f65af9b2762dfef992344009e9e82954597656
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41aab8e32e468f58291ceb24321bb234f540ff95fb1acba2b3dd914a8c7bdea
e4e144d0f7e3340b6b86f7a78d2ff3e271e62ef5367ebf3d62e364a2e1d8a095
ea896e2d9d40ccdd7043192c7b1516e369a47df43f1863e3044f4e9aa73a6f31
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f44091e689c0a3cc077f563375c572805cc30eb6bbf234022ec490488696010a
f53d2b946d632342cb88f35d1cd810f991c7e80f7a363310464af73132235e77
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6188add36e8cf36585300840eade35fea02cbcd9a512cce7db22fe89f8e14eb
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fb167c52566cd0fffc579d4256eb7c3201adcb0fee0be92d254a62c966c25b88