urlscan.io logo urlscan.io
SecurityTrails logo

nwa.pressreader.com Open in urlscan Pro
208.181.59.253  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nwa.pressreader.com/article/281968905995848
Effective URL: https://nwa.pressreader.com/article/281968905995848
Submission: On December 16 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 30 HTTP transactions. The main IP is 208.181.59.253, located in Zeballos, Canada and belongs to TELUS Communications, CA. The main domain is nwa.pressreader.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 24th 2020. Valid for: 2 years.
This is the only time nwa.pressreader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 208.181.59.253 852 (TELUS Com...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
10 104.16.97.55 13335 (CLOUDFLAR...)
30 7
12    208.181.59.253 (Zeballos, Canada)

ASN852 (TELUS Communications, CA)
PTR: grafana.ca.pressreader.com
nwa.pressreader.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2606:4700::6810:bcdd (United States)

ASN13335 (CLOUDFLARENET, US)
r.prcdn.co
s.prcdn.co
i.prcdn.co
1    2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    104.16.97.55 (None, )

ASN13335 (CLOUDFLARENET, US)
svc.pressreader.com
Domain Requested by
12 nwa.pressreader.com 1 redirects nwa.pressreader.com
r.prcdn.co
10 svc.pressreader.com r.prcdn.co
3 fonts.gstatic.com fonts.googleapis.com
2 r.prcdn.co nwa.pressreader.com
1 i.prcdn.co
1 s.prcdn.co r.prcdn.co
1 fonts.googleapis.com nwa.pressreader.com
1 cdnjs.cloudflare.com nwa.pressreader.com
30 8

This site contains no links.

Subject Issuer Validity Valid
*.pressreader.com
Go Daddy Secure Certificate Authority - G2		 2020-06-24 -
2022-07-29		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nwa.pressreader.com/article/281968905995848
Frame ID: 2F806BDDAF98AD1DA554B54EA342368A
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NW Democrat-Gazette

Page URL History Show full URLs

  1. http://nwa.pressreader.com/article/281968905995848 HTTP 302
    https://nwa.pressreader.com/article/281968905995848 Page URL

Page Statistics

30
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

1236 kB
Transfer

4477 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nwa.pressreader.com/article/281968905995848 HTTP 302
    https://nwa.pressreader.com/article/281968905995848 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 281968905995848
nwa.pressreader.com/article/
Redirect Chain
  • http://nwa.pressreader.com/article/281968905995848
  • https://nwa.pressreader.com/article/281968905995848
13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
777196a73d262fb4279211d16c6b75aebfa14f30ba3f6d00276aeb58cc9a8392

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
openresty/1.15.8.3
date
Thu, 16 Dec 2021 16:38:53 GMT
content-type
text/html; charset=utf-8
content-length
5411
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-encoding
gzip
expires
-1
ws
5

Redirect headers

Server
openresty/1.19.9.1
Date
Thu, 16 Dec 2021 16:38:53 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Location
https://nwa.pressreader.com/article/281968905995848
ws
8
es6-shim.min.js
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.35.6/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es6-shim/0.35.6/es6-shim.min.js
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1f5a29f4374a0ea8e9b06cac1f49c85f336c74bcd269ad5873f46cac0b22b7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6043763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14690
timing-allow-origin
*
last-modified
Thu, 15 Oct 2020 06:57:27 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f87f2d7-e1e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBBM5w4oJEeAJX6hyqkIjXU1TEi78IQrAsUtiFpHvJUH4bpNMHWq2b%2Bhit40yv932J%2FpzPPdljj%2FBdLHlkFiAiyFA1zkNA6pYMUHIO%2BJZHgZe9IiFAYQp2socXFK4XphrV5xkTrRviiZZkZdrniBFRKa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6be9583c2cdb7136-YUL
expires
Tue, 06 Dec 2022 16:38:54 GMT
viewer.libs.build.min.js
r.prcdn.co/scripts/se2sky/2.45.840/ 		708 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bcdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67c7067ab19ab3e71beddd58977ae7b4a552ce498ec1a5f10bde7663d8a2fd74

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 20:37:15 GMT
server
cloudflare
age
72094
x-powered-by
ASP.NET
etag
W/"1d7f1f38b7381f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
ws
5
content-type
application/javascript
cache-control
public,max-age=31536000
cf-ray
6be9583cbb8a4bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
viewer.nolibs.build.min.js
r.prcdn.co/scripts/se2sky/2.45.840/ 		2 MB
475 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.nolibs.build.min.js
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bcdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
23ef99e0d985db6f9a4e784e4c81cb60c7a7ab1a6760e62f44cd6360e8adee38

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 20:37:16 GMT
server
cloudflare
age
72094
x-powered-by
ASP.NET
etag
W/"1d7f1f38c0ca31d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
ws
8
content-type
application/javascript
cache-control
public,max-age=31536000
cf-ray
6be9583cbb914bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
WebResource.ashx
nwa.pressreader.com/res/en-us/g23353/t377139739/2/ 		647 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/WebResource.ashx?style=style-core.css$nd-core.css$style-pageview.css$style-textview.css$style-radio.css$datepicker.css$style-se-core.css$style-se-branding.scss$homepage.css$overlay.css$style-core-override.css$se-style.css$zeropage.css&caching=1&v=20211216034531277
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
8a23bc1c610fb868e1b7eaad54733cb06880f7516f3c5e2ad1742fb36d4f2f51

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
content-encoding
deflate
last-modified
Thu, 16 Dec 2021 14:29:51 GMT
server
openresty/1.15.8.3
ws
7, 7
content-type
text/css; charset=utf-8
cache-control
public
content-length
117876
expires
Wed, 16 Mar 2022 13:39:51 GMT
Resolve
nwa.pressreader.com/PlatformResolver/ 		0
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/PlatformResolver/Resolve?screenHeight=1200&screenWidth=1600&hasTouchSupport=false&_=1639672734427
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://nwa.pressreader.com/article/281968905995848
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
cache-control
private
server
openresty/1.15.8.3
content-length
0
ws
5
ConfirmCookies
nwa.pressreader.com/Authentication/ 		125 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/Authentication/ConfirmCookies?_=1639672734428
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
22f34712b7179a22c8c1eec5c7d1568c9125525f9fc0cdc81ed0bf959f7fae3f

Request headers

Accept
*/*
Referer
https://nwa.pressreader.com/article/281968905995848
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
cache-control
private
server
openresty/1.15.8.3
content-encoding
gzip
content-length
141
ws
5
content-type
application/json; charset=utf-8
worker.build.min.js
nwa.pressreader.com/scripts/ 		93 KB
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/scripts/worker.build.min.js?v=1639672734520
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
e7424b43a8243c8953ac94d2787db06c161f8a10f21126bd492dc5bf3684a65e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 20:37:15 GMT
server
openresty/1.15.8.3
etag
"f7b5f38bf3f1d71:0"
vary
Accept-Encoding
ws
5
content-type
application/x-javascript
cache-control
public, max-age=31104000
accept-ranges
bytes
content-length
30419
worker.build.min.js
nwa.pressreader.com/scripts/ 		93 KB
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/scripts/worker.build.min.js?v=1639672734520
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
e7424b43a8243c8953ac94d2787db06c161f8a10f21126bd492dc5bf3684a65e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 20:37:29 GMT
server
openresty/1.15.8.3
etag
"84ffff93f3f1d71:0"
vary
Accept-Encoding
ws
6
content-type
application/x-javascript
cache-control
public, max-age=31104000
accept-ranges
bytes
content-length
30419
worker.build.min.js
nwa.pressreader.com/scripts/ 		93 KB
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/scripts/worker.build.min.js?v=1639672734520
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
e7424b43a8243c8953ac94d2787db06c161f8a10f21126bd492dc5bf3684a65e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 20:37:16 GMT
server
openresty/1.15.8.3
etag
"22b508cf3f1d71:0"
vary
Accept-Encoding
ws
8
content-type
application/x-javascript
cache-control
public, max-age=31104000
accept-ranges
bytes
content-length
30419
worker.build.min.js
nwa.pressreader.com/scripts/ 		93 KB
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/scripts/worker.build.min.js?v=1639672734520
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/article/281968905995848
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
e7424b43a8243c8953ac94d2787db06c161f8a10f21126bd492dc5bf3684a65e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:54 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 20:37:15 GMT
server
openresty/1.15.8.3
etag
"f6aeb78bf3f1d71:0"
vary
Accept-Encoding
ws
7
content-type
application/x-javascript
cache-control
public, max-age=31104000
accept-ranges
bytes
content-length
30419
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,400i,700|Roboto:400,700|Poppins:400,600&display=swap&subset=cyrillic,latin-ext
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/WebResource.ashx?style=style-core.css$nd-core.css$style-pageview.css$style-textview.css$style-radio.css$datepicker.css$style-se-core.css$style-se-branding.scss$homepage.css$overlay.css$style-core-override.css$se-style.css$zeropage.css&caching=1&v=20211216034531277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c415c5a86b8a3e6a0ee231ba937e31cb4d63f2a129f255af23436bb193463d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/WebResource.ashx?style=style-core.css$nd-core.css$style-pageview.css$style-textview.css$style-radio.css$datepicker.css$style-se-core.css$style-se-branding.scss$homepage.css$overlay.css$style-core-override.css$se-style.css$zeropage.css&caching=1&v=20211216034531277
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 16:28:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 16:38:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 16:38:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700|Roboto:400,700|Poppins:400,600&display=swap&subset=cyrillic,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nwa.pressreader.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 16:23:56 GMT
x-content-type-options
nosniff
age
173698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 16:23:56 GMT
preload
svc.pressreader.com/se2skyservices/ 		29 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/preload?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!&_=1639672734429
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2684a412516a2e1c497237da93bc3947fdc7b3aff42a3d776b9168819357db97
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
*/*
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=2592000
cf-ray
6be9584139d4ecee-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v27/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700|Roboto:400,700|Poppins:400,600&display=swap&subset=cyrillic,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d526a614dd31fabed89c605d7ddcb6adb1a9e2e45f3644ecbaabacf892bf038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nwa.pressreader.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 21:21:20 GMT
x-content-type-options
nosniff
age
155855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20024
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 20:49:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 21:21:20 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11b9c95a68e295dddd0ea924647536578ce285b2c8469a223c01df1ff3166af1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
pr-ui-icons.woff
nwa.pressreader.com/res/en-us/g23353/t377139739/2/images/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/images/pr-ui-icons.woff
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/WebResource.ashx?style=style-core.css$nd-core.css$style-pageview.css$style-textview.css$style-radio.css$datepicker.css$style-se-core.css$style-se-branding.scss$homepage.css$overlay.css$style-core-override.css$se-style.css$zeropage.css&caching=1&v=20211216034531277
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
dfa3c716c89f775d4a0aaac9b051fe9d112a360d87f389687aecd3e3eefde66f

Request headers

Referer
https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/WebResource.ashx?style=style-core.css$nd-core.css$style-pageview.css$style-textview.css$style-radio.css$datepicker.css$style-se-core.css$style-se-branding.scss$homepage.css$overlay.css$style-core-override.css$se-style.css$zeropage.css&caching=1&v=20211216034531277
Origin
https://nwa.pressreader.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
last-modified
Thu, 02 Sep 2021 22:06:43 GMT
server
openresty/1.15.8.3
ws
7, 7
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public
content-length
47636
expires
Wed, 16 Mar 2022 16:38:55 GMT
/
svc.pressreader.com/se2skyservices/catalogs/metadata/ 		109 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/catalogs/metadata/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa14b735ec1b9f67b28337f247d941c7154e5a1a6f3b54a95cbd88058ba285f6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
6be95842bf18ecfe-YUL
ws
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
pragma
no-cache
server
cloudflare
svc
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
ndstate
{"Sponsor":null,"Catalog":{"Hash":"YkNgY2QXUUdapu3nx5jttw=="},"Ts":637752695351518882}
access-control-allow-origin
*
access-control-expose-headers
ndstate,X-PD-AProfile,X-PD-Profile,X-PD-Ticket,X-PD-Auth,X-PD-PAuth,X-PD-Token
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
expires
-1
/
svc.pressreader.com/se2skyservices/v1/subscriptions/current/ 		4 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/v1/subscriptions/current/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
6be95842bf1aecfe-YUL
ws
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
pragma
no-cache
server
cloudflare
svc
5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
ndstate
{"Sponsor":null,"Catalog":{"Hash":"YkNgY2QXUUdapu3nx5jttw=="},"Ts":637752695351477872}
access-control-allow-origin
*
access-control-expose-headers
ndstate,X-PD-AProfile,X-PD-Profile,X-PD-Ticket,X-PD-Auth,X-PD-PAuth,X-PD-Token
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
expires
-1
/
svc.pressreader.com/se2skyservices/mynewspapers/GetNewspaperAlerts/ 		1 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/mynewspapers/GetNewspaperAlerts/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93d788c4039723fe1429a6a052c86797784e83adfdb9c049d571a65b79998331
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
6be95842bf17ecfe-YUL
ws
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
pragma
no-cache
server
cloudflare
svc
5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
ndstate
{"Sponsor":null,"Catalog":{"Hash":"YkNgY2QXUUdapu3nx5jttw=="},"Ts":637752695351447887}
access-control-allow-origin
*
access-control-expose-headers
ndstate,X-PD-AProfile,X-PD-Profile,X-PD-Ticket,X-PD-Auth,X-PD-PAuth,X-PD-Token
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
expires
-1
/
svc.pressreader.com/se2skyservices/featuredtitles/GetFeaturedTitlesCids/ 		15 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/featuredtitles/GetFeaturedTitlesCids/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4286c5e35d2fa404ab6326723d5c30a74a18f604a6d3dc3d96f6d11c4f27b664
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
6be95842bf19ecfe-YUL
ws
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
pragma
no-cache
server
cloudflare
svc
7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
ndstate
{"Sponsor":null,"Catalog":{"Hash":"YkNgY2QXUUdapu3nx5jttw=="},"Ts":637752695351584407}
access-control-allow-origin
*
access-control-expose-headers
ndstate,X-PD-AProfile,X-PD-Profile,X-PD-Ticket,X-PD-Auth,X-PD-PAuth,X-PD-Token
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
expires
-1
/
s.prcdn.co/se2skyservices/res/ 		588 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.prcdn.co/se2skyservices/res/?callback=resCallback&id=23353&locale=en-US&ts=5249438138383017904&version=2
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bcdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c2fddf8fb5132a284037a2327beece39b1c47f95226a811a02fc75ae7db487
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
ws
8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
last-modified
Thu, 16 Dec 2021 13:50:42 GMT
server
cloudflare
svc
8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31104000
access-control-allow-credentials
true
cf-ray
6be95842aa2f4bd0-YUL
/
svc.pressreader.com/se2skyservices/TemplateAdvertisements/GetTemplates/ 		2 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/TemplateAdvertisements/GetTemplates/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!&appGroupId=23353
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
6be95842bf1cecfe-YUL
ws
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
pragma
no-cache
server
cloudflare
svc
7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
ndstate
{"Sponsor":null,"Catalog":{"Hash":"YkNgY2QXUUdapu3nx5jttw=="},"Ts":637752695351574414}
access-control-allow-origin
*
access-control-expose-headers
ndstate,X-PD-AProfile,X-PD-Profile,X-PD-Ticket,X-PD-Auth,X-PD-PAuth,X-PD-Token
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
expires
-1
/
svc.pressreader.com/se2skyservices/catalog/v1/routes/publication/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/catalog/v1/routes/publication/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!&publication=article
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
6be95842bf1becfe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
request-context
appId=cid-v1:d8da05a7-c9e0-4794-b205-b85bc6ad5ab6
u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v27/u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700|Roboto:400,700|Poppins:400,600&display=swap&subset=cyrillic,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
812e078865dc0095e48d4167010be6509771184fd4fb377f9cdcfcc9a2512d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nwa.pressreader.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 20:28:13 GMT
x-content-type-options
nosniff
age
418242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15292
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 20:49:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 11 Dec 2022 20:28:13 GMT
i-more.png
nwa.pressreader.com/images/ 		293 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nwa.pressreader.com/images/i-more.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
543a483970745f2226845b4a36ca6f0fd36e6776147e9810b6cd0550327de683

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
last-modified
Wed, 05 Jun 2013 21:54:11 GMT
server
openresty/1.15.8.3
ws
5
content-type
image/png
access-control-allow-origin
*
cache-control
public
content-length
293
expires
Wed, 16 Mar 2022 16:38:55 GMT
toolbar-logo.png
nwa.pressreader.com/res/en-us/g23353/t377139739/2/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/images/toolbar-logo.png
Requested by
Host: nwa.pressreader.com
URL: https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/WebResource.ashx?style=style-core.css$nd-core.css$style-pageview.css$style-textview.css$style-radio.css$datepicker.css$style-se-core.css$style-se-branding.scss$homepage.css$overlay.css$style-core-override.css$se-style.css$zeropage.css&caching=1&v=20211216034531277
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.181.59.253 Zeballos, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
grafana.ca.pressreader.com
Software
openresty/1.15.8.3 /
Resource Hash
5f6fcdc1e04ad896f48e38f45550fc57f0f8af8f668f3cae32f69babf4ce71a0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/res/en-us/g23353/t377139739/2/WebResource.ashx?style=style-core.css$nd-core.css$style-pageview.css$style-textview.css$style-radio.css$datepicker.css$style-se-core.css$style-se-branding.scss$homepage.css$overlay.css$style-core-override.css$se-style.css$zeropage.css&caching=1&v=20211216034531277
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
last-modified
Tue, 04 May 2021 09:50:46 GMT
server
openresty/1.15.8.3
ws
8, 8
content-type
image/png
access-control-allow-origin
*
cache-control
public
content-length
1412
expires
Wed, 16 Mar 2022 16:38:55 GMT
/
svc.pressreader.com/se2skyservices/articles/GetItems/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/articles/GetItems/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!&articles=281968905995848&pages=&socialInfoArticles=&comment=LatestByAll&options=1&viewType=article
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e98dd7381941343bd9e735602d99b33102839689a0abb0efb8f45bcefbf6ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=2592000
cf-ray
6be95844f966ecfe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
img
i.prcdn.co/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.prcdn.co/img?file=84752021121600000000001001&page=1&width=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bcdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0a9e47113af97d3267ffa9653961385ab58fee905993c5e7777165deccc05d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://nwa.pressreader.com/article/281968905995848
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 16:38:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, no-transform
content-length
59476
accept-ranges
bytes
cf-ray
6be95846ffe84bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wc
d5
expires
Sat, 15 Jan 2022 16:38:55 GMT
/
svc.pressreader.com/se2skyservices/contentRestrictions/ 		1 KB
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/contentRestrictions/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9ecab30c4048083ab052945239cba223018d4ca6043c38b77d8fbd20e34b85
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
6be95846eb71ecfe-YUL
ws
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
pragma
no-cache
server
cloudflare
svc
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
ndstate
{"Sponsor":null,"Catalog":{"Hash":"YkNgY2QXUUdapu3nx5jttw=="},"Ts":637752695358155973}
access-control-allow-origin
*
access-control-expose-headers
ndstate,X-PD-AProfile,X-PD-Profile,X-PD-Ticket,X-PD-Auth,X-PD-PAuth,X-PD-Token
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
expires
-1
/
svc.pressreader.com/se2skyservices/contentRestrictions/issues/ 		374 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://svc.pressreader.com/se2skyservices/contentRestrictions/issues/?accessToken=UY2Pb76sBz-Hql4MgV4DuuAr4YvF35kPydcxnbqIWA4ttNOYjggxDhP1bAzkQvBCfn1YQ8QIxgDSyDDr55tZqQ!!&issues=84752021121600000000001001
Requested by
Host: r.prcdn.co
URL: https://r.prcdn.co/scripts/se2sky/2.45.840/viewer.libs.build.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.97.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70392be152dc2577d04d6cdb83a9a2ed894302df7739d374f4dc0f4b286c1dfe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nwa.pressreader.com/article/281968905995848
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 16:38:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
6be95847ac41ecfe-YUL
ws
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:a004fdef-045a-4dc8-98ae-8dc0d994cc80
pragma
no-cache
server
cloudflare
svc
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
ndstate
{"Sponsor":null,"Catalog":{"Hash":"YkNgY2QXUUdapu3nx5jttw=="},"Ts":637752695359375432}
access-control-allow-origin
*
access-control-expose-headers
ndstate,X-PD-AProfile,X-PD-Profile,X-PD-Ticket,X-PD-Auth,X-PD-PAuth,X-PD-Token
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
expires
-1

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| basePath string| serviceUrl string| scriptBaseUrl string| currentHostName object| returnExports function| NDLoader object| preset boolean| mobileViewSupported boolean| mobileViewForced object| webpackChunkse2skyclient object| __core-js_shared__ object| core function| jQuery function| $ object| ko function| _ function| setImmediate function| clearImmediate function| getResources object| ResourceManager object| JSTemplatesManager object| html5 object| Modernizr object| __scrollbar object| spinjs object| __dialogs function| define function| require boolean| showLog string| widthClasses object| layoutStats object| ndGlobal object| _preload

3 Cookies

Domain/Path Name / Value
nwa.pressreader.com/ Name: lng
Value: en-us
nwa.pressreader.com/ Name: AProfile
Value: UV+aOAeMKwpfMaOTSLOStFpVw0Hn5mxSMQAAAAAAAF08xtI=
.prcdn.co/ Name: __cfruid
Value: c80215358e3c99dc5a220af7458812b61a93cf5b-1639672735

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
i.prcdn.co
nwa.pressreader.com
r.prcdn.co
s.prcdn.co
svc.pressreader.com
104.16.97.55
208.181.59.253
2606:4700::6810:125e
2606:4700::6810:bcdd
2607:f8b0:4006:817::200a
2607:f8b0:4006:822::2003
11b9c95a68e295dddd0ea924647536578ce285b2c8469a223c01df1ff3166af1
22f34712b7179a22c8c1eec5c7d1568c9125525f9fc0cdc81ed0bf959f7fae3f
23ef99e0d985db6f9a4e784e4c81cb60c7a7ab1a6760e62f44cd6360e8adee38
24e98dd7381941343bd9e735602d99b33102839689a0abb0efb8f45bcefbf6ac
2684a412516a2e1c497237da93bc3947fdc7b3aff42a3d776b9168819357db97
2c415c5a86b8a3e6a0ee231ba937e31cb4d63f2a129f255af23436bb193463d1
4286c5e35d2fa404ab6326723d5c30a74a18f604a6d3dc3d96f6d11c4f27b664
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
543a483970745f2226845b4a36ca6f0fd36e6776147e9810b6cd0550327de683
5f6fcdc1e04ad896f48e38f45550fc57f0f8af8f668f3cae32f69babf4ce71a0
67c7067ab19ab3e71beddd58977ae7b4a552ce498ec1a5f10bde7663d8a2fd74
6e9ecab30c4048083ab052945239cba223018d4ca6043c38b77d8fbd20e34b85
70392be152dc2577d04d6cdb83a9a2ed894302df7739d374f4dc0f4b286c1dfe
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
777196a73d262fb4279211d16c6b75aebfa14f30ba3f6d00276aeb58cc9a8392
80c2fddf8fb5132a284037a2327beece39b1c47f95226a811a02fc75ae7db487
812e078865dc0095e48d4167010be6509771184fd4fb377f9cdcfcc9a2512d2e
8a23bc1c610fb868e1b7eaad54733cb06880f7516f3c5e2ad1742fb36d4f2f51
8d526a614dd31fabed89c605d7ddcb6adb1a9e2e45f3644ecbaabacf892bf038
93d788c4039723fe1429a6a052c86797784e83adfdb9c049d571a65b79998331
aa14b735ec1b9f67b28337f247d941c7154e5a1a6f3b54a95cbd88058ba285f6
ba1f5a29f4374a0ea8e9b06cac1f49c85f336c74bcd269ad5873f46cac0b22b7
cc0a9e47113af97d3267ffa9653961385ab58fee905993c5e7777165deccc05d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
dfa3c716c89f775d4a0aaac9b051fe9d112a360d87f389687aecd3e3eefde66f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7424b43a8243c8953ac94d2787db06c161f8a10f21126bd492dc5bf3684a65e