urlscan.io logo urlscan.io
SecurityTrails logo

theprovince.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Effective URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Submission: On August 01 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 4 countries across 36 domains to perform 141 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is theprovince.com. The Cisco Umbrella rank of the primary domain is 944993.
TLS certificate: Issued by GTS CA 1D4 on July 5th 2023. Valid for: 3 months.
This is the only time theprovince.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 34.111.249.109 396982 (GOOGLE-CL...)
1 172.64.103.11 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
2 23.56.202.187 16625 (AKAMAI-AS)
1 13.225.78.97 16509 (AMAZON-02)
1 18.66.112.103 16509 (AMAZON-02)
17 34.117.54.29 396982 (GOOGLE-CL...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.215.22.18 16625 (AKAMAI-AS)
1 35.241.9.51 15169 (GOOGLE)
1 185.89.211.12 29990 (ASN-APPNEX)
8 34.107.254.252 396982 (GOOGLE-CL...)
4 18.185.12.185 16509 (AMAZON-02)
2 2 172.217.16.194 15169 (GOOGLE)
5 34.149.157.221 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:223... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
2 5 13.32.99.23 16509 (AMAZON-02)
5 2a04:4e42::645 54113 (FASTLY)
3 2600:1f18:44f... 14618 (AMAZON-AES)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 172.67.159.162 13335 (CLOUDFLAR...)
1 65.9.66.19 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
3 2a03:2880:f17... 32934 (FACEBOOK)
3 2a04:4e42:600... 54113 (FASTLY)
2 18.66.112.32 16509 (AMAZON-02)
1 143.204.215.108 16509 (AMAZON-02)
1 52.17.99.225 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 167.235.124.60 24940 (HETZNER-AS)
1 116.202.150.116 24940 (HETZNER-AS)
1 52.22.86.57 14618 (AMAZON-AES)
141 45
3    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
theprovince.com
1    172.64.103.11 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net
cdn.adsafeprotected.com
1    18.66.112.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-103.fra56.r.cloudfront.net
ak.sail-horizon.com
17    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital
dcs-static.gprod.postmedia.digital
4    2606:4700::6812:4eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
config.lrcontent.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:1a98 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
1    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
2    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
cm.g.doubleclick.net
5    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
3    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
5    2600:9000:223c:5600:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
9    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
5    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
identity.mparticle.com
3    2600:1f18:44f0:4851:3b4:7481:b1b9:f0b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700::6812:8fa (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
4    2a02:26f0:480:b94::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
4    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
6    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    65.9.66.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-19.fra56.r.cloudfront.net
get.s-onetag.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
2    18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-32.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.215.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-108.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
1    52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com
2    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    167.235.124.60 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0038.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
1    116.202.150.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy01.cl03.het.mrf.io
events.newsroom.bi
1    52.22.86.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-86-57.compute-1.amazonaws.com
i.viafoura.co
Apex Domain
Subdomains		 Transfer
22 postmedia.digital
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 138959
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 113882
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 80285
286 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
region1.google-analytics.com — Cisco Umbrella Rank: 1914
42 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
643 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5656
identity.mparticle.com — Cisco Umbrella Rank: 2766
jssdks.mparticle.com — Cisco Umbrella Rank: 4892
60 KB
8 permutive.com
cdn.permutive.com Failed
api.permutive.com — Cisco Umbrella Rank: 1934
googlesync.permutive.com — Cisco Umbrella Rank: 8076
1017 B
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
152 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4517
p1cluster.cxense.com — Cisco Umbrella Rank: 8595
comcluster.cxense.com — Cisco Umbrella Rank: 4139
id.cxense.com — Cisco Umbrella Rank: 9075
78 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 3
840 B
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
4 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 10791
209 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4196
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5541
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5843
21 KB
4 google.nl
www.google.nl — Cisco Umbrella Rank: 9020
641 B
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11003
i.viafoura.co — Cisco Umbrella Rank: 10894
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 141460
1 KB
4 gstatic.com
fonts.gstatic.com
60 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 59454
config.lrcontent.com — Cisco Umbrella Rank: 17603
96 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
265 B
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8028
cdn.tinypass.com — Cisco Umbrella Rank: 5315
buy.tinypass.com — Cisco Umbrella Rank: 6034
107 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 354
64 KB
3 theprovince.com
theprovince.com — Cisco Umbrella Rank: 944993
80 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2835
p1.parsely.com — Cisco Umbrella Rank: 2098
26 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9840
45 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 134386
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
156 KB
2 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3083
ads.rubiconproject.com — Cisco Umbrella Rank: 2136
252 KB
1 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 8163
851 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4911
2 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
571 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 177845
226 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1380
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 143016
131 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3185
33 KB
1 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3515
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
1 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7612
3 KB
0 jsdelivr.net Failed
cdn.jsdelivr.net Failed
141 36
Domain Requested by
13 dcs-static.gprod.postmedia.digital theprovince.com
dcs-static.gprod.postmedia.digital
9 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
www.google-analytics.com
7 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
theprovince.com
5 sb.scorecardresearch.com 2 redirects fem.gprod.postmedia.digital
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 smartcdn.gprod.postmedia.digital
4 www.google.nl
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 fonts.gstatic.com fonts.googleapis.com
4 fem.gprod.postmedia.digital theprovince.com
fem.gprod.postmedia.digital
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 www.facebook.com
3 region1.google-analytics.com www.googletagmanager.com
3 region1.analytics.google.com www.googletagmanager.com
3 api.viafoura.co cdn.viafoura.net
3 c.amazon-adsystem.com theprovince.com
c.amazon-adsystem.com
3 theprovince.com 1 redirects dcs-static.gprod.postmedia.digital
2 config.lrcontent.com auth.lrcontent.com
2 www.google.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 sdk.mrf.io theprovince.com
sdk.mrf.io
2 assets.ribn.com www.googletagmanager.com
theprovince.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 cm.g.doubleclick.net 2 redirects
2 auth.lrcontent.com theprovince.com
cdn.viafoura.net
2 securepubads.g.doubleclick.net theprovince.com
securepubads.g.doubleclick.net
1 buy.tinypass.com cdn.tinypass.com
1 i.viafoura.co cdn.viafoura.net
1 events.newsroom.bi sdk.mrf.io
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 p1.parsely.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 cdn.tinypass.com experience.tinypass.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 googlesync.permutive.com
1 ib.adnxs.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net theprovince.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com theprovince.com
1 cdn.adsafeprotected.com theprovince.com
1 micro.rubiconproject.com theprovince.com
1 fonts.googleapis.com theprovince.com
1 www.npttech.com theprovince.com
0 cdn.permutive.com Failed 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
0 cdn.jsdelivr.net Failed micro.rubiconproject.com
141 57
Subject Issuer Validity Valid
theprovince.com
GTS CA 1D4		 2023-07-05 -
2023-10-03		 3 months crt.sh
npttech.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2023-07-07 -
2023-10-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-07-09 -
2023-10-07		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-29 -
2023-12-15		 a year crt.sh
viafoura.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-06		 7 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-10 -
2023-08-08		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.google.nl
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-09-15 -
2023-10-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-07-13 -
2023-10-11		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Frame ID: 5739CA083BF472EC9765881C1269AD30
Requests: 128 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v84.1/xd.html
Frame ID: FC553F850C784F7A21E386993C4C624B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 25D64112C6A4DAFC5CD8DF4E5D63D147
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ACFF9ADB7F43574B595A0CDCC750D14F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The ProvinceThe ProvinceUser

Page URL History Show full URLs

  1. http://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html HTTP 308
    https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

141
Requests

95 %
HTTPS

47 %
IPv6

36
Domains

57
Subdomains

45
IPs

4
Countries

2604 kB
Transfer

10096 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html HTTP 308
    https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=d4343939-c846-44df-9e54-d48a10f63377 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=d4343939-c846-44df-9e54-d48a10f63377&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEM0Sig7c-J5HmK7SMLUhOVw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=d4343939-c846-44df-9e54-d48a10f63377&google_cver=1
Request Chain 85
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1690854901900&ns_c=UTF-8&c8=The%20Province&c7=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1690854901900&ns_c=UTF-8&c8=The%20Province&c7=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&c9=
Request Chain 86
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

141 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request story.html
theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/
Redirect Chain
  • http://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
  • https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
443 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
39f4451fd289b218f543a555b5579970831fd5f885dfb5b8ba0fa51bd768ba7b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Tue, 01 Aug 2023 01:54:51 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
82
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-58cfb9ff56-zr5pn

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Aug 2023 01:54:51 GMT
Location
https://theprovince.com:443/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:54:52 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0XWZ7W6C089H61NR
age
6837
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wISMUfV0UhnTWXIiGwqmy9Ok13779BLLhxQWe3EjBYqTO7fatDm+tjHEHfEpv1qrYSdTR9AEEi4=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QGBO2f1wFHSB%2BdLH6vGj2JWEBJhE5oeARZKjE17IchHzyG7hd2z9b%2FRceaaC1xjHi7tyJRZAojoUoTpUGmT6UwRI5a%2F%2BE9FdW%2BeqMqJw0YthnHc8prrm4p8n9ernFfXEWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7efa74a33dfe0b42-AMS
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1e535ab56859a481d06cf50b2827e766c87c58486192e3f75925d5e6364cdf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Aug 2023 01:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 01:54:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Aug 2023 01:54:51 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b9d3b56e061c53f4c4e948607116bcbaf9c5d8833a7be4f3b02423a5f62c769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27780
x-xss-protection
0
server
cafe
etag
738 / 19570 / m202307270101 / config-hash: 4890317717347343770
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:54:51 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:43:23 GMT
content-encoding
gzip
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront), 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P6
age
689
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
_ee3SROiK0jkD0lOcsroUkmsEpbdaCpXmV9-Vd9lZ3x58xa9jGXLFg==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b834be186b1615767f718e578eb44ae918ae06fcb21016640020f89a21837376

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:54:51 GMT
content-encoding
gzip
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
251616
expires
Tue, 01 Aug 2023 15:30:29 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 26 Jul 2023 21:04:52 GMT
Via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
449400
ETag
"51636de3ce868a2172f9e6996c2934e0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
VYhgR6RViSY95rdRXmbzqk3vUpSU0-fCDZlVgzKFZumdnpppnwBXmg==
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:50:00 GMT
content-encoding
gzip
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 16:11:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
292
x-amz-server-side-encryption
AES256
etag
W/"6f6b3838a24066fc24338c58c675bb27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
I2KYYCNabb1fzO5EJZuws6HTEMPdkDzR7iD3x6boUQk6dqfb2eUJVg==
fem.js
fem.gprod.postmedia.digital/v84.1/ 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v84.1/fem.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54646b611ba51f7ca95417fa210db504b7a89dc52eb16bfbab8b552e1561d844

Request headers

Referer
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:15:28 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1686602878
age
243563
x-guploader-uploadid
ADPycdvJdDtj1SArrvZJsW9KkV1SA-2ZG1HjshlBcwLBlVVDfquGsEEvP2yZH2aFtmdQp0O5m01rYI_jk_4-EINw1_UWPWyC1yak
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98814
last-modified
Mon, 12 Jun 2023 20:49:40 GMT
server
UploadServer
etag
W/"9b0844924f588c8ccbae18bb645d32c0"
vary
Accept-Encoding
x-goog-generation
1686602980351292
x-goog-hash
crc32c=2BNYsw==, md5=mwhEkk9YjIzLrhi7ZF0ywA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
348078
accept-ranges
none
content-type
application/javascript
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		201 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a3630df92e474e23cf4212e60eadd8cfc79863dafe578c02b5807ffbecb3fa
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:54:59 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
1637
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1282139
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Wed, 19 Jul 2023 05:17:23 GMT
server
cloudflare
etag
W/"0221ca3f6ee29fcc55e5b21144c2673d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7efa74d20d195c9e-FRA
x-amz-cf-id
OSpeJFGzPTmCMkFansHi1A4wc0xFTMe9yWm3c44hgkOOuNNz8tWAvA==
expires
Tue, 01 Aug 2023 05:54:59 GMT
shared.04796506bbd8.js
dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/shared.04796506bbd8.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b66ed0bc577b9402b9c4f93ef1891f9583f8a98208e13d9eb4a02f4ec929e84e

Request headers

Referer
https://theprovince.com/
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 20:02:25 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608542
age
539546
x-guploader-uploadid
ADPycdso4UKSgqS5rNMeuF-KWumXF9xxJTwr9DC4HGZyuCHFqm_RqODgAqKfL8DDQ4B7-vkdI2c1Pzv8s6u3gh7jef4224Bjf9Wt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7421
last-modified
Tue, 18 Jul 2023 17:09:45 GMT
server
UploadServer
etag
W/"df2982e1fef764f8ba182a206661b604"
vary
Accept-Encoding
x-goog-generation
1689700185459943
x-goog-hash
crc32c=m+T9/A==, md5=3ymC4f73ZPi6GCogZmG2BA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20751
accept-ranges
none
content-type
application/javascript
main.5582edb38e05.js
dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/main.5582edb38e05.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5582edb38e051b9422550d8fee4de31bcb0dde52535947bd99ab646730fa4bc1

Request headers

Referer
https://theprovince.com/
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 20:02:25 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608542
age
539546
x-guploader-uploadid
ADPycdvDM8ctXTm2FoS8hiDX9T4HguzmHT_ssI3E-YucsY4DSKdAulRysx80husHoGBcAEu-3Tuyz--FHybYtPhGlGonMNFFIeiY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31981
last-modified
Tue, 18 Jul 2023 17:09:45 GMT
server
UploadServer
etag
W/"e3285f9a28c1a21c74543c3334923e8d"
vary
Accept-Encoding
x-goog-generation
1689700185445411
x-goog-hash
crc32c=afKWIQ==, md5=4yhfmijBohx0VDwzNJI+jQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
94374
accept-ranges
none
content-type
application/javascript
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 17:49:54 GMT
x-content-type-options
nosniff
age
288297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 17:49:54 GMT
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v21/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a02900c2dbce0e4436db42632097edb14b149edf0e58add290771afd965ec38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:34:34 GMT
x-content-type-options
nosniff
age
188417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10372
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:30:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 21:34:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:08:17 GMT
x-content-type-options
nosniff
age
225994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 11:08:17 GMT
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/14.0.2/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/images/postmedia-image-fallback.webp
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 19:48:52 GMT
x-goog-meta-goog-reserved-file-mtime
1689608540
age
540359
x-guploader-uploadid
ADPycduYWlj2xtFTmRSucYv_52AhZe7AWKGsiFMpDXKSmdhaSH32pOLNjHkBSQfCub4On9dYFMgaMRux53kZ-I_kJYzl8SZbPGRv
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Tue, 18 Jul 2023 17:11:48 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1689700308495636
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/14.0.2/websites/images/share-icons/ 		775 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 21:21:22 GMT
x-goog-meta-goog-reserved-file-mtime
1689608542
age
362009
x-guploader-uploadid
ADPycduEVP3Gb4gidrm4k4tKbZuKLh0NWjp1-BP31jGxV1rTrwGahTN3jJTfSFr5TwGlb26_yg_yZPhOeZP3RpkPVqerc7inDUb_
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775
last-modified
Tue, 18 Jul 2023 17:11:49 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-generation
1689700309431106
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
775
accept-ranges
bytes
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/14.0.2/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 05:53:37 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608542
age
244874
x-guploader-uploadid
ADPycdvzzoFptNhRu68ZeMMpQixAjDX2nymLOxclOUKuuRLMXUWZoyX-kqs3s0E9p2Y5TVjTDDSj3emcKa31A7mpfBnbFxVQ3Xdd
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
806
last-modified
Tue, 18 Jul 2023 17:11:50 GMT
server
UploadServer
etag
W/"df82c342c1176b84253c53e6e10eed05"
vary
Accept-Encoding
x-goog-generation
1689700310030672
x-goog-hash
crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1698
accept-ranges
none
icon-soc-yt.svg
dcs-static.gprod.postmedia.digital/14.0.2/websites/images/share-icons/ 		744 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/images/share-icons/icon-soc-yt.svg
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 21:14:10 GMT
x-goog-meta-goog-reserved-file-mtime
1689608542
age
362441
x-guploader-uploadid
ADPycds2KETWXp-WQor9gx7AnDBPAgvL97PGVvIYryeDUqXC-ScbgAbPrYULdHdbaZsAHIYKfhUdnQftTuGV2ZzHqCz3-8tk8iFz
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
744
last-modified
Tue, 18 Jul 2023 17:11:49 GMT
server
UploadServer
etag
"c7b3b346ada043e6e241bca3e7f698d0"
x-goog-generation
1689700309949536
x-goog-hash
crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
744
accept-ranges
bytes
icon-soc-ig.svg
dcs-static.gprod.postmedia.digital/14.0.2/websites/images/share-icons/ 		2 KB
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/images/share-icons/icon-soc-ig.svg
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:09:06 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608542
age
243945
x-guploader-uploadid
ADPycds-ivy0hV19n-t1vpWpAjWVGcW21A6KUJyYf--L09qGTPVoyNwb_zCe7gScXatKDgMtP-RoB4IEs9IZbA_iKcyVLg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
720
last-modified
Tue, 18 Jul 2023 17:11:49 GMT
server
UploadServer
etag
W/"cf38c08bd0b7e49f4550f048b7c4e2cf"
vary
Accept-Encoding
x-goog-generation
1689700309759560
x-goog-hash
crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1898
accept-ranges
none
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		455 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9352fdb65cdcf9fcb8fadb6c01ee93a188c018c5b0f1f1526a96a425719055e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:54:59 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdt26FsrgkOfqtvKwQ96TvdL68ejdAGH7aCZdvwUU9uFoZbgJWo7KKjSNPEORk7NBrfw79C8Dtrv17ghkDGA0b18ZmBqviqX
x-goog-storage-class
REGIONAL
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Mon, 31 Jul 2023 21:40:17 GMT
server
cloudflare
etag
W/"0866901849a11548edf895125c73bfea"
vary
Accept-Encoding
x-goog-generation
1690839617661798
content-type
application/javascript
x-goog-hash
crc32c=sL3vlQ==, md5=CGaQGEmhFUjt+JUSXHO/6g==
cache-control
public, max-age=900
warning
214 UploadServer gunzipped
x-goog-stored-content-length
135787
timing-allow-origin
*
cf-ray
7efa74d20e1b1e4d-FRA
expires
Tue, 01 Aug 2023 02:09:59 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/ 		387 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ade4279c3b32472f61c35484d70ba1cec2deea85e6061832e6998dfad85e85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 10:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
53985
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125684
x-xss-protection
0
server
cafe
etag
12611934720420487755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 30 Jul 2024 10:55:06 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Ftheprovince.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 21:38:14 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
15397
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://theprovince.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
EG1hFIdjM4VKjCMlsRXkkzOIFx9ukXwEE_wq7iK2MM5fkneQF4iSBg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
date
Mon, 31 Jul 2023 04:02:46 GMT
x-amz-cf-pop
FRA56-P6
age
78726
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
bjqSCz_frciVs2lbdkeYJEByDuUBDKQ4teChuJwI3_HiOmRHCxFJNA==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		65 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7cd18b47f483b3c39ae07f0131294dcd264f0a7d6950f8779481e6e80a22d294

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Aug 2023 01:54:52 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 00:40:46 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5783
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		0
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:54:52 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 01 Aug 2023 02:09:52 GMT
xd.html
fem.gprod.postmedia.digital/v84.1/ Frame FC55 		165 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v84.1/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4fc88dab3ec5cc7ec01d8287b4e064fab1ef9ed0aa1068490ab3b80a0816515e

Request headers

Referer
https://theprovince.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
415663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Thu, 27 Jul 2023 06:27:16 GMT
etag
"4634c045016b17fde59349501c5f2181"
last-modified
Mon, 12 Jun 2023 20:49:42 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1686602982314383
x-goog-hash
crc32c=GozKtg== md5=RjTARQFrF/3lk0lQHF8hgQ==
x-goog-meta-goog-reserved-file-mtime
1686602878
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycdsCKDS_ZG1ZLpTRH7daIozlFaX9cnPHE53YirNgZMqrnomS1vasPJgmgCEsy7US69OXExjpqFlPjhJKLXBtldOAstTWImFE
e6ef5ddfc47356cdddfe.js
fem.gprod.postmedia.digital/v84.1/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v84.1/chunks/e6ef5ddfc47356cdddfe.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c11ab006bc15870b18183fd4853f7950b96592d8206034c141ea4226a6a68452

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 19:11:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1686602878
age
369782
x-guploader-uploadid
ADPycdsxhFqh_X7jxckMz6scFvD6ifyJ4GYUIf-BZn_XaRGPwf2bBFAZIYEY6b6dBQlSPXZjSW6olsw3LrWwtpVB0bAs0tHMnW81
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
last-modified
Mon, 12 Jun 2023 20:49:39 GMT
server
UploadServer
etag
W/"15d92bca7be04b75ecfac92e74809b09"
vary
Accept-Encoding
x-goog-generation
1686602979265610
x-goog-hash
crc32c=l3/lag==, md5=FdkrynvgS3Xs+skudICbCQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3197
accept-ranges
none
d29574067a0bb7d8c8bd3.js
dcs-static.gprod.postmedia.digital/14.0.2/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/js/d29574067a0bb7d8c8bd3.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/shared.04796506bbd8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
69193c467efacbd943f4138e5b2b93dd1ded275d6e8233fd28b2a0f74765365b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 22:36:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608537
age
271128
x-guploader-uploadid
ADPycduS3Ik-7Ecnw9K0D0AGeIDL4yfhWJQRFlCFPmNNebJqD3UYMyrISVMD379KxUeckKJ6y78GCU6nd-EnUH8XRxWQcSk7HGt6
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3631
last-modified
Tue, 18 Jul 2023 17:12:02 GMT
server
UploadServer
etag
W/"233d9c59e0bd2b47b18fd5358ef0160f"
vary
Accept-Encoding
x-goog-generation
1689700322264587
x-goog-hash
crc32c=jLECtw==, md5=Iz2cWeC9K0exj9U1jvAWDw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11403
accept-ranges
none
8ae633f3387ab3d9f89616.js
dcs-static.gprod.postmedia.digital/14.0.2/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/js/8ae633f3387ab3d9f89616.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/shared.04796506bbd8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6029effcb1fb7327b832ce827a84f8ebe8c7a2154cb43f4186e5ea2bd6f9f49f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:34:32 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608536
age
472827
x-guploader-uploadid
ADPycduMacrxknVKRNjr6ddEHtZWiluOrKh5RBZ_r8P0H4M1VE1PiIIpwoFvs7k3yyGWjHvax1th2Ux_djlk-OEkGrddjFLHqvLk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4426
last-modified
Tue, 18 Jul 2023 17:11:59 GMT
server
UploadServer
etag
W/"8c886839348e84eeb16a0f142757b307"
vary
Accept-Encoding
x-goog-generation
1689700319912559
x-goog-hash
crc32c=Jbp6BQ==, md5=jIhoOTSOhO6xag8UJ1ezBw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
13988
accept-ranges
none
xd.js
fem.gprod.postmedia.digital/v84.1/ Frame FC55 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v84.1/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e31a89083d03734589b1f635fd7b07a711ded6de7d923283c7a5a9380d0f6b09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fem.gprod.postmedia.digital/v84.1/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 06:50:25 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1686602878
age
414274
x-guploader-uploadid
ADPycdvRdpARBu-EIidOFk8zf2suf9aUbnOugVrZi63VCuBGKeyjhTm6EbJFK9F4e0wstK55zNMeuNoLx5VvRyeMJJHPk3RwE1wv
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17123
last-modified
Mon, 12 Jun 2023 20:49:42 GMT
server
UploadServer
etag
W/"c38deca7bc4712c75c973d25092ef919"
vary
Accept-Encoding
x-goog-generation
1686602982029051
x-goog-hash
crc32c=lq/k9Q==, md5=w43sp7xHEsdclz0lCS75GQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51870
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/14.0.2/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/shared.04796506bbd8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 22:49:35 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608536
age
270324
x-guploader-uploadid
ADPycdtWTELo8DxdGmKf615ZdUmtyhUdrlVx13mlln8ktXB2Zh8qIhmsjQqy-oQvAoac29IHESlVcajXLnp8lzqYvmzPBzM4xJya
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2821
last-modified
Tue, 18 Jul 2023 17:11:59 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1689700319427562
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
a1a3c4e9a4599fb112c623.js
dcs-static.gprod.postmedia.digital/14.0.2/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/js/a1a3c4e9a4599fb112c623.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/shared.04796506bbd8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3a4af17aa57e3bf6dc59b3845a0bb9154cd89b84a4b0a695d97c36e1cf359b65

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 07:04:55 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608537
age
413404
x-guploader-uploadid
ADPycdtkWj-Q-n5VFqo71Utdqgp-U1WuUanEy7ynQSE58j239hunHNNqwJXQ39VK7g4C9r3t7VepkVtTqUSbrNLQOZQK2bvO7JfE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2020
last-modified
Tue, 18 Jul 2023 17:12:00 GMT
server
UploadServer
etag
W/"8dc29bf3fb9907b6ce19370e11222e99"
vary
Accept-Encoding
x-goog-generation
1689700320718651
x-goog-hash
crc32c=Vw6IcA==, md5=jcKb8/uZB7bOGTcOESIumQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
5710
accept-ranges
none
f3098c18df3adcd356964.js
dcs-static.gprod.postmedia.digital/14.0.2/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/js/f3098c18df3adcd356964.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/shared.04796506bbd8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fac88c8cd5cdb3a87807de498e55491141401c74bbd51e92aa4bf123e8d1bf2d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 18:48:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1689608536
age
371208
x-guploader-uploadid
ADPycduWfwoqnZq8wyBG9DE4VsqveHlX03suA8yFo23FvRKg6z8--wJ4mT5s0r2Tp05oyF1QR7C7aSJDyKwa74oagiqM5NyCkGw5
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4394
last-modified
Tue, 18 Jul 2023 17:12:02 GMT
server
UploadServer
etag
W/"d2577cf761973a9bad2d3781430d763f"
vary
Accept-Encoding
x-goog-generation
1689700322642434
x-goog-hash
crc32c=JWkvYQ==, md5=0ld892GXOputLTeBQw12Pw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15551
accept-ranges
none
4e8720b61d861864435e36.js
dcs-static.gprod.postmedia.digital/14.0.2/websites/js/ 		224 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.0.2/websites/js/4e8720b61d861864435e36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.0.2/CACHE/js/shared.04796506bbd8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 22:29:16 GMT
x-goog-meta-goog-reserved-file-mtime
1689608537
age
271543
x-guploader-uploadid
ADPycdtDoT_Zgv5jonsIlukiafDGwiaP5OtBsyT-s3YkQWZNGjfSQEgDio-dyUj7LFDG6G1G-XykOTsMEia835tGgUKU-yvcVYnS
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 18 Jul 2023 17:11:58 GMT
server
UploadServer
etag
"087008fa497bb67bcdf1a4c150537516"
x-goog-generation
1689700318438299
x-goog-hash
crc32c=UBw1Fg==, md5=CHAI+kl7tnvN8aTBUFN1Fg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		12 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 01 Aug 2023 01:55:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://theprovince.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
getuidj
ib.adnxs.com/ 		11 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:00 GMT
an-x-request-uuid
4a64067e-379d-4f78-8eb3-ad22f83bf3ea
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://theprovince.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.48.94.19; 37.48.94.19; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		0
0
geoip
api.permutive.com/v2.0/ 		289 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ff59b6bca1a70349fb547975c9bf5da7cc907551bffbba75b26f18ce9f9b8eb1

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 01 Aug 2023 01:54:59 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://theprovince.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
watson
api.permutive.com/v2.0/ 		2 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 01 Aug 2023 01:54:59 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://theprovince.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
549 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 01 Aug 2023 01:55:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://theprovince.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://theprovince.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://theprovince.com
Connection
keep-alive
Date
Tue, 01 Aug 2023 01:55:01 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
afecd196-06e7-4be6-9dd4-44126722265f
https://theprovince.com/ 		176 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://theprovince.com/afecd196-06e7-4be6-9dd4-44126722265f
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
288f88a7f61f065216ddca43615be8d89fd7c9369a3b7a5c577ceededd4708a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
180295
Content-Type
78d898c4-67eb-44c6-8086-190694c8ba6b
https://theprovince.com/ 		176 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://theprovince.com/78d898c4-67eb-44c6-8086-190694c8ba6b
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
288f88a7f61f065216ddca43615be8d89fd7c9369a3b7a5c577ceededd4708a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
180295
Content-Type
/
theprovince.com/api-root/lists/cfcd8b1a-67f2-464e-a0d8-d51bbce4cec1/expanded/ 		173 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://theprovince.com/api-root/lists/cfcd8b1a-67f2-464e-a0d8-d51bbce4cec1/expanded/?format=html&name=&from=0&type=category&load_origin_urls=false&is_sponsored=false&slugs_accepted=&slugs_excluded=&replace_video=false&template_name=feed-card-list
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.0.2/websites/js/d29574067a0bb7d8c8bd3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
b11ba6d751f39d905ab7c88c4ee752cadcb320cfcb82fafe8a87bf353be82fc5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
1458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Tuesday, 01-Aug-2023 01:55:01 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-58cfb9ff56-r4gmb
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, X_API_KEY, Cookie, Origin
content-type
text/html; charset=utf-8
allow
GET
cache-control
max-age=300,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Tue, 01 Aug 2023 02:00:01 GMT
segment
api.permutive.com/adv/v2/ 		44 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
406b6d79687c2601d33b029cf7867ab6cedc6c01ef13d669835b743f967d5d52

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 01 Aug 2023 01:54:59 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=d4343939-c846-44df-9e54-d48a10f63377
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=d4343939-c846-44df-9e54-d48a10f63377&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEM0Sig7c-J5HmK7SMLUhOVw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=d4343939-c846-44df-9e54-d48a10f63377&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEM0Sig7c-J5HmK7SMLUhOVw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=d4343939-c846-44df-9e54-d48a10f63377&google_cver=1
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:00 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:54:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEM0Sig7c-J5HmK7SMLUhOVw&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=d4343939-c846-44df-9e54-d48a10f63377&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b5d3bcf3dc4815c4aadfc82822a7dd9aa83a936b1b25d5d382b3c06b7fd52d36

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 01 Aug 2023 01:55:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://theprovince.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 01 Aug 2023 01:55:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1247846259.jpg
smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/04/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/04/1247846259.jpg?quality=90&strip=all&w=344&type=webp&sig=IM4uYtdvBszEmu_MIC-mkQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
922cd674c569df05a7e93d5c23d39299ed4116c4e2c1d8059511dab72145a0cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
theprovince
date
Tue, 01 Aug 2023 01:12:04 GMT
via
1.1 google
server
nginx/1.18.0
age
2577
etag
"17b32fae7e9860c55d8bffc3296180816203d984"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-qzbjt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
png0731nfatalcrash-01.jpg
smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/07/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/07/png0731nfatalcrash-01.jpg?quality=90&strip=all&w=344&type=webp&sig=2_0AobTiUkYzYocELnHzew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
15c42cf6227b5ced377775c28247c540ec70e360cb38bb8674409b7e6cc7ab81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
theprovince
date
Tue, 01 Aug 2023 01:55:01 GMT
via
1.1 google
server
nginx/1.18.0
etag
"87d8905a403f55e0a7495eac96e9a7faabd55c19"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-zzfhp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39718
whistler-feat-1.jpg
smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/07/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/07/whistler-feat-1.jpg?quality=90&strip=all&w=344&type=webp&sig=eWmBO2blDHWwGoU6aUI3kQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
4076bde0ca47d7963ce958952703f27d87b5d3c468af06fe3ae5c3a921375d9b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
theprovince
date
Tue, 01 Aug 2023 01:03:22 GMT
via
1.1 google
server
nginx/1.18.0
age
3099
etag
"a5943ad3cf2e74224b525e4d4620b1e3783a4f45"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-qzbjt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26896
0622-sp-eips-1.SP_.jpg
smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/07/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/07/0622-sp-eips-1.SP_.jpg?quality=90&strip=all&w=344&type=webp&sig=AVjfHzSESaMUKMPLdIObxw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e1d9307ca83a0ea5a17812d4dd433e772dbdc100aeca947934e85b9d0bbc119c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
theprovince
date
Tue, 01 Aug 2023 01:55:01 GMT
via
1.1 google
server
nginx/1.18.0
etag
"f4589cbdffaab8acacde5c00d20a38d9740fb614"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-qzbjt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16836
bc-wildfire-20230731.jpg
smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/07/bc-wildfire-20230731.jpg?quality=90&strip=all&w=344&type=webp&sig=mYRAwWyQl5PdVTCrppI09A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c0ddc53fd392fc7828c6698a11bd23a1e0286698ffc34dff576ba42a104fd5d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-pmd-smartcdn-requester
theprovince
date
Tue, 01 Aug 2023 01:55:03 GMT
via
1.1 google
server
nginx/1.18.0
etag
"913adb9617011383dbd84480406a5ac92fc1985a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-qzbjt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10956
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:08:42 GMT
x-content-type-options
nosniff
age
243979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 06:08:42 GMT
load
experience.tinypass.com/xbuilder/experience/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=XFtUpaGGsj
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828435b3668b663711786fbc9bf9ac938942d4108b78b097999ae65d5287703b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
date
Tue, 01 Aug 2023 01:55:01 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 01:47:54 GMT
server
cloudflare
age
427
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
7efa74de2e2892b4-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
yqa1qeklxx
expires
Tue, 01 Aug 2023 02:25:01 GMT
vf-v2.js
cdn.viafoura.net/ 		835 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b3bad45ad8983fbd28fbee0757cf049839a4e2c522a20c5dfa4ab8e508d3d66

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
SOipwropxhIBjbR86x3zqq57Qyl4sWz.
content-encoding
br
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
date
Tue, 01 Aug 2023 01:50:15 GMT
x-amz-cf-pop
FRA56-P2
age
287
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 17:04:41 GMT
server
AmazonS3
etag
W/"3fef907e38d265c4e08d28b17451e830"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
tfzXVS3tWZ3GcQfgLPRdWYw8J4zn0pFMc2frIUe79sPg2xdt-b9vlQ==
gtm.js
www.googletagmanager.com/ 		396 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c168b8a4654084c974de53e371afb3aed4dde67c8fb3fa15939fc8dd22c9ae6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109514
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 00:45:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 01:55:01 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:24:04 GMT
content-encoding
gzip
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
12657
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
pSHpIeN7j-O2v6dOJ9QnrGmvuL01essEmzIa49QjhOhpMMdIE-QKvA==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
666ca2018b86e44574f963b268808f7d620bbc4f81c10436fca7ab689bbb244c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-ams21036-AMS
date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
261
x-timer
S1690854902.558813,VS0,VE1
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
59950
x-cache-hits
44, 1
gtm.js
www.googletagmanager.com/ 		146 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v84.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51e7230891018d2551ff8d645d8fd42e15e0b286e8b3954bedde7ccae8c166a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48173
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 00:45:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 01:55:01 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		351 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=XFtUpaGGsj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4105ba194558935f6cbb624e7561dcb0683dc544cd7f52c3eb9cd50a4fa230a3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
x-amz-version-id
7ZIUpN2U6aX66J41ROzJGJRPnc_08J9P
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
E9CYY445HETA7TQ7
age
10561
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ezoERWUq5UrT69wWFELdyD7rU5oUhWvWw+vQDdud6IvLGtVgSC2w7e8jiujggNHdFXW/eOHfqAI=
last-modified
Fri, 28 Jul 2023 10:56:08 GMT
server
cloudflare
etag
W/"f583bc26fd7f5827d0018b49904bc572"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7efa74de7e5692b4-FRA
expires
Tue, 01 Aug 2023 05:55:01 GMT
v2
api.viafoura.co/v2/theprovince.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/theprovince.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4851:3b4:7481:b1b9:f0b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
adc90379a7b401a457b48080b774abb97647acf672bc5dee9a194bf8dd82d9b1

Request headers

Accept
application/json, text/plain, */*
Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0bdda7c1897d0c6ba
pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://theprovince.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 01 Aug 2023 01:55:02 GMT
v2
api.viafoura.co/v2/theprovince.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/theprovince.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4851:3b4:7481:b1b9:f0b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://theprovince.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://theprovince.com
access-control-max-age
1728000
cache-control
max-age=0
date
Tue, 01 Aug 2023 01:55:02 GMT
expires
Tue, 01 Aug 2023 01:55:02 GMT
server
nginx/1.18.0 (Ubuntu)
gtm.js
www.googletagmanager.com/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPH8JN4&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7302785c17d2ed8ff80a79f0a2fbfdda633d6b4858854cf3c6a7ccecf50c31c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42206
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 00:45:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 01:55:01 GMT
gtm.js
www.googletagmanager.com/ 		292 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3527145ae12411b1cfa6a7ce64783307b206b642ef4e9f94f2574142fa04da36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88922
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 00:45:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 01:55:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		172 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 01 Aug 2023 01:55:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47192
x-xss-protection
0
x-ua-compatible
IE=edge
pragma
private
x-fb-debug
NdXQYEQ7NbjbQB63GUIiNuckUwy8Vsd3AOE6HydN7FZoG01zL9t7f8vd2rD6XCARHrpYeTnuovPfkkijvC5E6A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
private
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
edf708dd097e1a0741132443b05ca5f6b3097e858496dabab09e4f059931bc09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86567
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 01 Aug 2023 01:55:01 GMT
ribn.min.js
assets.ribn.com/production/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
2770
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
7efa74e18861bbdd-FRA
x-amz-cf-id
JgVE_lpkF7t8mBSqW-mEPTNB_7QQH3sb2RaMIKwXnZdrWmBMfhlO_g==
expires
Tue, 01 Aug 2023 05:55:02 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
616
x-cache
Hit from cloudfront
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
7efa74e18862bbdd-FRA
x-amz-cf-id
JXGVuXW_7UpHQYfq6VIZEpR9ufVD0e6prgIceyv48lbqRR1Jk1gHOQ==
expires
Tue, 01 Aug 2023 05:55:02 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://theprovince.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
771
date
Tue, 01 Aug 2023 01:55:01 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
35
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-ams21047-AMS
x-timer
S1690854902.848609,VS0,VE0
gtm.js
www.googletagmanager.com/ 		156 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
852f44581b81aacc9076c7a25697bf631994ec215f8dc08c27ae09d6a0836350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46464
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 00:45:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 01:55:01 GMT
identify
identity.mparticle.com/v1/ 		176 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
533ac18865d529a75e4bb9f9baf32c87e6785a5c4d586468181523eec77e1466
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-ams21047-AMS
date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1690854902.865776,VS0,VE104
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 01:55:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2022 14:05:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5959
Expires
Tue, 01 Aug 2023 02:55:01 GMT
execute
c2.piano.io/xbuilder/experience/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=XFtUpaGGsj
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7005b5743258fde5fccef1926277a4697903e34c9d3fe0aa3794b3f0b093ac9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
gs3ru32xop
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://theprovince.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7efa74e05e8d199e-FRA
js
www.googletagmanager.com/gtag/ 		182 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79e6349eb8e414f0a582cbcf2be01b3382858a58c46cf1a884105b844318a3da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69175
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 00:45:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 01:55:01 GMT
1685973801652415
connect.facebook.net/signals/config/ 		381 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.120&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad14fb76c2b3d1e75c7bb8266b2904f2964d97adf58cad31cd1f42a6558f3d74
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 01 Aug 2023 01:55:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111139
x-xss-protection
0
pragma
public
x-fb-debug
u85RUlP6naVFTnKVcm4WkTn/JH0LYdPO9o3pyGJauohhwmYDpcsf50Km040qj3uXdvz6AKynuHLiDtbZtdQocA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je37q0&_p=2067820607&_gaz=1&cid=31513974.1690854902&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1690854901&sct=1&seg=0&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&dt=The%20Province&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=31513974.1690854902&gtm=45je37q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=31513974.1690854902&gtm=45je37q0&aip=1&z=1981341977
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Aug 2023 01:49:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
316
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 01 Aug 2023 03:49:45 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f860c75507eac05de74dc42448a4ac70ffcbb88d0bb6b9f602142709092bc269

Request headers

Referer
https://theprovince.com/
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-response-time
2ms
date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 31 Jul 2023 21:28:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
11
accept-ranges
bytes
cf-ray
7efa74e4af3ab8ba-AMS
alt-svc
h3=":443"; ma=86400
content-length
35108
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a76292a2e3564ef61e7a900f9c998e83d78fb5f91547e704ab9168b5dca6c48

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
LhWu_AMlaCmeK.6Ee04qRop66YKc4nhd
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
date
Mon, 31 Jul 2023 02:38:35 GMT
last-modified
Thu, 20 Jul 2023 12:08:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
83787
x-amz-server-side-encryption
AES256
etag
W/"4b00b328a85d4cd9f81165354453f1e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
zDcvd-IL2KPcUZ6wr_NkaOrzWYuioEhBZUHsjQSFoi_PQmRFhvDuSg==
js
www.googletagmanager.com/gtag/ 		250 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b271885a4e246a3b1d045488262024882948302c4086ae711b30538b3c7d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86460
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 01 Aug 2023 01:55:01 GMT
p.js
cdn.parsely.com/keys/theprovince.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/theprovince.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d9b8083629a77dd2d12e3cd5bb8a4de8d516272611c7f20ca975c797baa0889e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jul 2023 02:10:02 GMT
content-encoding
gzip
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 21:12:47 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
85500
etag
W/"639a3c4f-12792"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
gKOxZJMdDNY37qmzHl_yQr9j_T5ZGLAeLCsa4h66Ilj-qTAtaluhRA==
expires
Tue, 01 Aug 2023 02:10:02 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1690854901900&ns_c=UTF-8&c8=The%20Province&c7=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpe...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1690854901900&ns_c=UTF-8&c8=The%20Province&c7=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bp...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1690854901900&ns_c=UTF-8&c8=The%20Province&c7=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&c9=
Protocol
H2
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
uW5Z-qckxBBnIQ1RmR1X3wfrInRPZI9JdaiQAArtakZG5lzBjB-nLA==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 01 Aug 2023 01:55:01 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=10276888&ns__t=1690854901900&ns_c=UTF-8&c8=The%20Province&c7=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&c9=
content-length
0
x-amz-cf-id
BfW-bMx-W1-Fua2-jINKHjby9j-dlUOjgWTxuFDuY5pjswKgFjSPFg==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:05:36 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
82207
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
BdUcpbfmD3tczffrvKlePu8ARRIh0wcCmH5euulBWbCqDxSU2Jr_Dg==

Redirect headers

date
Tue, 01 Aug 2023 01:55:01 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
QtbqAzmhNLGsdOmHeT-g1iKEiKdgbAroNgyEmc-Op4vCIg5Oy1BdVQ==
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XXXXX&gtm=45je37q0&_p=2067820607&cid=31513974.1690854902&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690854901&sct=1&seg=0&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&dt=The%20Province&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&rl=&if=false&ts=1690854901973&sw=1600&sh=1200&v=2.9.120&r=stable&ec=0&o=30&fbp=fb.1.1690854901970.1099449152&cs_est=true&it=1690854901808&coo=false&tm=1&exp=a3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 01 Aug 2023 01:55:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&rl=&if=false&ts=1690854901976&sw=1600&sh=1200&v=2.9.120&r=stable&ec=1&o=30&fbp=fb.1.1690854901970.1099449152&cs_est=true&it=1690854901808&coo=false&exp=a3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 01 Aug 2023 01:55:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-ams21038-AMS
date
Tue, 01 Aug 2023 01:55:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1690854902.222134,VS0,VE7
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
cx.js
cdn.cxense.com/ 		105 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
62f871dccfc2c1f8eb80fde33b06b91acc87700096afe3cd43b825b4fa5aecda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 01:55:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jun 2023 07:34:03 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34884
Expires
Tue, 01 Aug 2023 02:55:02 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2067820607&t=pageview&_s=1&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&ul=en-us&de=UTF-8&dt=The%20Province&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=2042600318&gjid=1242446199&cid=31513974.1690854902&tid=UA-213173459-5&_gid=71670163.1690854902&_r=1&_slc=1&gtm=45He37q0n81P3Q4QHW&cd2=2023-08-01T01%3A55%3A01.893%2B00%3A00&cd7=anonymous&cd17=0&cd23=The%20Province&cd24=Cheetah&cd25=14.0.2&cd26=v84.1&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=index&cd52=index&cd65=false&cd1=31513974.1690854902&z=1192385826
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2067820607&t=pageview&_s=1&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&ul=en-us&de=UTF-8&dt=The%20Province&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=783415830&gjid=970659307&cid=31513974.1690854902&tid=UA-138335866-19&_gid=71670163.1690854902&_r=1&_slc=1&gtm=45He37q0n81P3Q4QHW&z=1668093622
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
358fb812a200324a709873502c2f25dcebab762886baca304a75fe6233f14d9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2067820607&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&ul=en-us&de=UTF-8&dt=The%20Province&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=error&ea=404%20Error&el=&_u=YCDACAABBAAAACAEK~&jid=&gjid=&cid=31513974.1690854902&tid=UA-213173459-5&_gid=71670163.1690854902&gtm=45He37q0n81P3Q4QHW&cd2=2023-08-01T01%3A55%3A01.980%2B00%3A00&cd7=anonymous&cd17=0&cd23=The%20Province&cd24=Cheetah&cd25=14.0.2&cd26=v84.1&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=index&cd52=index&cd65=false&cd1=31513974.1690854902&z=1843345660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 21:43:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15064
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je37q0&_p=2067820607&_gaz=1&cid=31513974.1690854902&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&dr=&sid=1690854902&sct=1&seg=0&dt=The%20Province&en=error&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=51&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=14.0.2&ep.fem_version=v84.1&ep.brand=The%20Province&ep.timestamp=2023-08-01T01%3A55%3A01.891%2B00%3A00&ep.error_type=404%20Error
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=31513974.1690854902&gtm=45je37q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=31513974.1690854902&gtm=45je37q0&aip=1&z=1245585876
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://theprovince.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
772
date
Tue, 01 Aug 2023 01:55:02 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
36
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-ams21047-AMS
x-timer
S1690854902.082719,VS0,VE0
identify
identity.mparticle.com/v1/ 		176 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d6161787a5199b10835a1d99b6ba7d0ba6c54d828b11723d41484518532984d0
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-ams21047-AMS
date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1690854902.097318,VS0,VE110
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
dd92756f99a900f58118aaa97a2304db3ed2d8c44df1dede9cb6d338d81f440c

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://theprovince.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-ams21038-AMS
date
Tue, 01 Aug 2023 01:55:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1690854902.222331,VS0,VE20
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-5&cid=31513974.1690854902&jid=2042600318&gjid=1242446199&_gid=71670163.1690854902&_u=YCDACAAABAAAACAEK~&z=1197079332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 01 Aug 2023 01:55:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FR32VJT83H&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
baf8606df6f36837e8098330ee49d30422fc882bd0e540880a5da455ec70a036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79496
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 01 Aug 2023 01:55:02 GMT
/
onetag-geo.s-onetag.com/ 		555 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:28:30 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
62792
x-amzn-requestid
8e4f95ff-160f-4a4a-ab6f-4361bd656ecd
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
I66LWHCRCYcFcTw=
content-length
555
x-amz-cf-id
fc_TeWKDqvjn4ihigc-7npcQuFgup2Cj4ckfsp8z_NLKBCtww1fROw==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
date
Tue, 01 Aug 2023 01:33:46 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1277
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
8hzgjA7ZjKUfvxObbmWW524abW3db75q6n0cNs6rBpu_600wClCDPA==
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1690854902141&plid=8417d354-2d4b-4826-be2f-db7a2a2d4c76&idsite=theprovince.com&url=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&sref=&sts=1690854902135&slts=0&title=The+Province&date=Tue+Aug+01+2023+01%3A55%3A02+GMT%2B0000+(GMT)&action=pageview&pvid=134c811a-7e1e-43f2-8b47-6aca10eb4180&u=pid%3D89a2274d-96de-4cf6-a992-e2c0e69ded17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 01:55:02 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 01-Aug-2023 01:55:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=31513974.1690854902&jid=2042600318&_u=YCDACAAABAAAACAEK~&z=1658814934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=31513974.1690854902&jid=2042600318&_u=YCDACAAABAAAACAEK~&z=1658814934
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
audiences
api.permutive.com/audience-matching/v1/id/d4343939-c846-44df-9e54-d48a10f63377/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/d4343939-c846-44df-9e54-d48a10f63377/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 01 Aug 2023 01:55:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
sp1.html
cdn.cxense.com/ Frame 25D6 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://theprovince.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Tue, 01 Aug 2023 01:55:02 GMT
Expires
Fri, 11 Aug 2023 01:55:02 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FR32VJT83H&gtm=45je37q0&_p=2067820607&ul=en-us&sr=1600x1200&cid=31513974.1690854902&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&dt=The%20Province&sid=1690854902&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FR32VJT83H&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ Frame 25D6 		105 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fd2e7ee65bfc8f7e198644bea2a28ce7a7377e4ec22b5622517e90a329366f6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 01:55:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jun 2023 07:34:03 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34884
Expires
Tue, 01 Aug 2023 02:55:02 GMT
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		42 B
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c62993a2a8b22d23cddf9cb97c42cbb34c3e7760b5857d56f13ac8c2d2023228

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-ams21038-AMS
date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1690854902.233477,VS0,VE30
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
p1.js
p1cluster.cxense.com/ Frame 25D6 		47 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
6bade95b7690ad36d709404fb16d50f16501d75216a2a0b18a9df2f1a28c199f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
last-modified
Wed, 01 Feb 2023 01:55:02 GMT
server
Jetty(9.4.28.v20200408)
etag
39fcdr6wordef10fuziyb905yk
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Thu, 01 Aug 2024 01:55:02 GMT
/
onetag-geo.s-onetag.com/ 		555 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:28:30 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
62792
x-amzn-requestid
8e4f95ff-160f-4a4a-ab6f-4361bd656ecd
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
I66LWHCRCYcFcTw=
content-length
555
x-amz-cf-id
YFH-5O80qSpB-NhFqZnxI9T0QuSAbT9Q41kUajzJsas-ynlqR3quMQ==
rep.gif
comcluster.cxense.com/Repo/ Frame 25D6 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.27&typ=pgv&rnd=lkrnco2oz7crs9mx&sid=1141974193387717455&loc=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&new=1&arf=0&ltm=1690854902126&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lkrncoeiut4czonl&ckp=lkrnco2ogvsqox5t&glb=&cp_userState=anon&cst=39fcdr6wordef10fuziyb905yk
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Tue, 01 Aug 2023 01:55:02 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		101 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lkrnco2ogvsqox5t%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2239fcdr6wordef10fuziyb905yk%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2239fcdr6wordef10fuziyb905yk%22%7D%5D%2C%22siteId%22%3A%221141974193387717455%22%2C%22location%22%3A%22https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
494e3aa28e40a547c9ebd8e126b45f8143918045332e46873477a186d9fbfcf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
101
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ Frame ACFF 		0
49 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://theprovince.com
Referer
https://theprovince.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://theprovince.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 01:55:02 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
5c169ba25b6215d80072.js
sdk.mrf.io/statics/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/5c169ba25b6215d80072.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06cee8a130277b3634273c3866e17bb64d5fc5163e5419d5b6c7b42dfe7347d8

Request headers

Referer
https://theprovince.com/
Origin
https://theprovince.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
via
1.1 4d3c039385e1d4ab0e1d024dacb2fd62.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
CDG53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
78
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jul 2023 13:13:31 GMT
server
cloudflare
etag
W/"f38e6161c92e3f5f2dd25be8f3ae8fdd"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
7efa74e56fc2b8ba-AMS
x-amz-cf-id
vJn8GuFFeexsWRjYMpUeTOauJbnHf1glPyLLMtB3RXxz7L0Rb4SqUQ==
ingest.php
events.newsroom.bi/ 		50 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://theprovince.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
thirdpartycookie
api.viafoura.co/v2/theprovince.com/ 		45 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/theprovince.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4851:3b4:7481:b1b9:f0b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-instance-id
i-06462c3034deec0b5
pragma
no-cache
date
Tue, 01 Aug 2023 01:55:02 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://theprovince.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 01 Aug 2023 01:55:02 GMT
intl-messageformat.401c18c9757b51332b6a.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.401c18c9757b51332b6a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09517c4c41c1744e90cd9c856434b0301f7164f855e848882d0f3a6a6f896662

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 17:04:54 GMT
x-amz-version-id
Z9I9EdQb2u84KrmguT9DIs0Ax8B4H04D
content-encoding
br
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
377409
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 17:04:09 GMT
server
AmazonS3
etag
W/"78ffac5f5ecfb6cdb701539b4effd77f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
vXrNF8yY5wHqpvg9v2KjN2gqpqyoYBHoALsTOeMxZUXrELG3K9l8CA==
intl-messageformat.ae28c82cbab9f4f192db.js
cdn.viafoura.net/chunks/languages/ 		135 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.ae28c82cbab9f4f192db.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a68facae97d9ba4aad337e58159f1e5da5f2fe6331a513928d570edaac63e984

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 17:04:54 GMT
x-amz-version-id
i4vbIL4QBSmkZwQaSsH3OeBBN_4Pn6f7
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
377409
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 27 Jul 2023 17:04:15 GMT
server
AmazonS3
etag
"73d7f8bfdaa57b2f8bd9c91892a82603"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
D0NGe5lKUdIl4Utl0OXgQvrmXbqr2PU0mHidUxflP2RJZj6J1TjaRg==
en-us-base-json.0decd3d525f8cf6a6798.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.0decd3d525f8cf6a6798.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24b6d5c61c96dbd20a707b4e6ab0eb1256ae3fded2f6b54b44477d399881cfef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 17:04:55 GMT
x-amz-version-id
79sWfl2MPUgGztyQRZ_qnPH4bqTnO6c5
content-encoding
br
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
377408
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 17:04:13 GMT
server
AmazonS3
etag
W/"6ba7265e0b8b22d5fa41b4f4c07be32a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
KlGcR0stBvUDzs5nXfaDY9OV5hfqGRsI5YkMXTpH_WdzfdOgqJdgRw==
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		201 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a3630df92e474e23cf4212e60eadd8cfc79863dafe578c02b5807ffbecb3fa
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:02 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
480
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1282139
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Wed, 19 Jul 2023 05:17:22 GMT
server
cloudflare
etag
W/"0221ca3f6ee29fcc55e5b21144c2673d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7efa74e6cca15c9e-FRA
x-amz-cf-id
6WdaAQWqQ90DcQ8o_orH--pJHZhK7FMq20GAvX7nc10daGmEpSiLVQ==
expires
Tue, 01 Aug 2023 05:55:02 GMT
ingest
i.viafoura.co/v3/theprovince.com/ 		67 B
392 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/theprovince.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.86.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-86-57.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://theprovince.com
date
Tue, 01 Aug 2023 01:55:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
svod-module-js.0afd399e705ef46a33ca.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.0afd399e705ef46a33ca.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:5600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e34e26ff8e940c5a518051df2c481545a8850d8ee1547402fa773ef9563be515

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 17:04:54 GMT
x-amz-version-id
4WvbDY9f7dcJyAVTgD6Cg0iopk7A73h1
content-encoding
br
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
age
377409
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 17:04:23 GMT
server
AmazonS3
etag
W/"8bfa5eea773c1c874c9a24bc9b66879e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
UQWXmb-4dWOJilF3BsgeYcdGQc52QvkodiwYUYcTNvRjD_AFfLNitw==
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://theprovince.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://theprovince.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7efa74e87b229954-FRA
date
Tue, 01 Aug 2023 01:55:03 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d82b2f7c752ef9d32865cbe234a0ca0b0d5822c5508627b317705ffd23ef2e

Request headers

Referer
https://theprovince.com/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://theprovince.com
cache-control
max-age=86400
cf-ray
7efa74e8cb489954-FRA
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://theprovince.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://theprovince.com
Connection
keep-alive
Date
Tue, 01 Aug 2023 01:55:03 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://theprovince.com/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 01:55:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://theprovince.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		77 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=XFtUpaGGsj&tbc=%7Bkpex%7DTXpZPLf9CE6WDNInopLtPXOdcvd6Jaav-gGuAy1qNhgDWEeBhDiTb51wiZ1rM3ZV&user_provider=piano_id_lite&user_token=&callApiJsonp=true&callback=jsonp1360
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f9f18ac4862ddcd88cd75cf4b4f4e72f643f1953bd7ae59a43592daccc32b3d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:55:05 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
MtzvoyrFasU
wn
prod-dash-10-0-127-173
last-modified
Tue, 01 Aug 2023 01:55:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-time
0.003
cache-control
public, max-age=86400
cf-ray
7efa74f45fe592b4-FRA
expires
Wed, 02 Aug 2023 01:55:05 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: theprovince.com
URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Aug 2023 01:49:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
320
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 01 Aug 2023 03:49:45 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2067820607&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&ul=en-us&de=UTF-8&dt=The%20Province&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=6CDACEABBAAAACAEK~&jid=1795803337&gjid=379827507&cid=31513974.1690854902&tid=UA-46077098-2&_gid=71670163.1690854902&_r=1&_slc=1&z=316883447
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-46077098-2&cid=31513974.1690854902&jid=1795803337&gjid=379827507&_gid=71670163.1690854902&_u=6CDACEABBAAAACAEK~&z=1946346514
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://theprovince.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 01 Aug 2023 01:55:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46077098-2&cid=31513974.1690854902&jid=1795803337&_u=6CDACEABBAAAACAEK~&z=1209317461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46077098-2&cid=31513974.1690854902&jid=1795803337&_u=6CDACEABBAAAACAEK~&z=1209317461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XXXXX&gtm=45je37q0&_p=2067820607&cid=31513974.1690854902&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690854901&sct=1&seg=1&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&dt=The%20Province&en=page_view&ep.main_category=index&ep.metered_content=false&ep.ad_blocker_enabled=false&ep.browser=Chrome&ep.browser_language=en-US&ep.brand=The%20Province&ep.device_type=desktop&ep.division=provinceprovince&ep.domain=theprovince.com&ep.fem_version=v84.1&ep.page_url=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=14.0.2&ep.user_status=anonymous&ep.view_type=HTML&_et=123&up.mpid=-6081591533221480065
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je37q0&_p=2067820607&cid=31513974.1690854902&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Ftheprovince.com%2Fnews%2FSyria%2Bcrackdown%2Btoll%2Brises%2Bdespite%2BArab%2Bpeace%2Bdeal%2F5675895%2Fstory.html&sid=1690854902&sct=1&seg=1&dt=The%20Province&en=page_view&ep.debug_mode=false&ep.gtm_version=51&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=4151DF5E-F5C1-4BF1-7980-F156E494028A&ep.platform=Cheetah&ep.platform_version=14.0.2&ep.fem_version=v84.1&ep.mp_id=-6081591533221480065&ep.brand=The%20Province&ep.timestamp=2023-08-01T01%3A55%3A02.098%2B00%3A00&ep.ga_client_id=31513974.1690854902&ep.main_category=index&ep.metered_content=false&_et=30&up.mp_id=-6081591533221480065&up.client_id=31513974.1690854902
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://theprovince.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 01:55:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theprovince.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230801
Domain
cdn.permutive.com
URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| BlockAdBlock object| blockAdBlock undefined| google_measure_js_timing object| PublisherCommonId object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| webpackChunkdjango_content_services object| __permutive object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer boolean| femCePnIdReadyTriggered object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| google_tag_manager function| postscribe object| google_tag_manager_external function| fbq function| _fbq object| _fbq_gtm_ids function| onYouTubeIframeAPIReady object| Ribn object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| gaGlobal string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel object| PARSELY function| autotrack function| gtag object| dataLayerPropertiesToFlush object| previousPartialEvents function| getPreviousPartialEvents object| gtm undefined| eventIndex undefined| prop object| PianoESPConfig object| cX object| COMSCORE object| _comscore function| cxCCE_callQueueExecute object| cxTest object| gaplugins object| gaData function| _ga_originalSendHitTask object| __connect object| ari undefined| cXJsonpCB1 object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass

47 Cookies

Domain/Path Name / Value
theprovince.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.theprovince.com/ Name: pbjs_sharedId
Value: 982b9284-2385-4e54-9aad-2e6c53786ac7
theprovince.com/ Name: __adblocker
Value: false
.theprovince.com/ Name: permutive-id
Value: d4343939-c846-44df-9e54-d48a10f63377
theprovince.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1690854899693,"mac":-852480092}
.doubleclick.net/ Name: IDE
Value: AHWqTUkrdFB5bPigbd85-vtffRVF7_9mJ1VCIXnEh95F_f5QZonc_FHryPf3bgbhQmc
theprovince.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"ftrr0kel719z1zgrvgmpvgmr03e2b0mqn","updated":1690854901413,"printSubscriber":false},"exp":604800000,"ts":1690854901413,"mac":-45715443}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"ftrr0kel719z1zgrvgmpvgmr03e2b0mqn","updated":1690854901413,"printSubscriber":false},"exp":604800000,"ts":1690854901422,"mac":-45714513}
.theprovince.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWDgTgDsvPgGYRADgECOQgKyyQAXyA
.theprovince.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lkrnco2ogvsqox5t%22%7D
.theprovince.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
theprovince.com/ Name: __pnahc
Value: 0
.theprovince.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1690854901.1.0.1690854901.60.0.0
.piano.io/ Name: __cf_bm
Value: U98it6LKQdJFi4So0r1ROO6.H_pVTKJD4TCf.lYPZNE-1690854901-0-AaaTlT5p/9VZVGjDCYaDMiURvBtC5ZYIRy7IRvFHEejMmYynDSrHfCMP/XMPqVFpNCjU3R1A2Tmend0+p3rc87s=
.scorecardresearch.com/ Name: UID
Value: 187bf08b658018f2a2872741690854901
.theprovince.com/ Name: _fbp
Value: fb.1.1690854901970.1099449152
.theprovince.com/ Name: __tbc
Value: %7Bkpex%7DTXpZPLf9CE6WDNInopLtPXOdcvd6Jaav-gGuAy1qNhgDWEeBhDiTb51wiZ1rM3ZV
.theprovince.com/ Name: __pat
Value: -14400000
.theprovince.com/ Name: __pvi
Value: eyJpZCI6InYtbGtybmNvMnlmc2tsYzVmZiIsImRvbWFpbiI6Ii50aGVwcm92aW5jZS5jb20iLCJ0aW1lIjoxNjkwODU0OTAxOTkwfQ%3D%3D
.theprovince.com/ Name: xbc
Value: %7Bkpex%7DWs3L8pODOyGAYTInp0bbyk-B2Uhmgg8RgWcbWU-eQUj65QDWuo6Lj0M0wlJAYORg7pRpbL6bwGGH5Czz2-rV3Q
.theprovince.com/ Name: _gid
Value: GA1.2.71670163.1690854902
.theprovince.com/ Name: _gat_UA-213173459-5
Value: 1
.theprovince.com/ Name: _gat_UA-138335866-19
Value: 1
.theprovince.com/ Name: _ga_XXXXX
Value: GS1.1.1690854901.1.1.1690854902.0.0.0
.theprovince.com/ Name: _ga_H792QCFZPV
Value: GS1.1.1690854902.1.1.1690854902.60.0.0
.theprovince.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html%22%2C%22sref%22:%22%22%2C%22sts%22:1690854902135%2C%22slts%22:0}
.theprovince.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=89a2274d-96de-4cf6-a992-e2c0e69ded17%22%2C%22session_count%22:1%2C%22last_session_ts%22:1690854902135}
.theprovince.com/ Name: cX_P
Value: lkrnco2ogvsqox5t
.theprovince.com/ Name: _ga_FR32VJT83H
Value: GS1.2.1690854902.1.0.1690854902.0.0.0
.theprovince.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'f56374d5-2321-479f-c773-459e31af2ddc'|'das':'9c0ce2a2-5070-4a17-732c-b92ff85b9db2'|'csm':'WyItNjA4MTU5MTUzMzIyMTQ4MDA2NSJd'|'sid':'4151DF5E-F5C1-4BF1-7980-F156E494028A'|'les':1690854902223|'ssd':1690854901704}|'l':1|'-6081591533221480065':{'fst':1690854901996|'ui':'eyIwIjoiZnRycjBrZWw3MTl6MXpncnZnbXB2Z21yMDNlMmIwbXFuIn0='}|'cu':'-6081591533221480065'}
.cxense.com/ Name: gckp
Value: 1g1qoiq5lcn46ohsj98lau9g
.theprovince.com/ Name: cX_G
Value: cx%3A2zggosbticabiv8xlkexwlkoy%3A3wt87ikipbpo
.theprovince.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1690854902%2C%22currentVisitStarted%22%3A1690854902%2C%22sessionId%22%3A%2228729733-29df-4f14-b485-9cf2975abbf9%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html%22%2C%22referrer%22%3A%22%22%7D
.theprovince.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1690854902%2C%22userId%22%3A%221f4d4f61-0f57-41c5-82da-80ed5380dfa7%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1690854902%2C%22timesVisited%22%3A1%7D
.theprovince.com/ Name: compass_uid
Value: 1f4d4f61-0f57-41c5-82da-80ed5380dfa7
.viafoura.co/ Name: VfSess
Value: 8nr7gal58bugjovqqn9cn50ki0
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
events.newsroom.bi/ Name: 1528_u
Value: 1f4d4f61-0f57-41c5-82da-80ed5380dfa7
events.newsroom.bi/ Name: 1528_s
Value: 28729733-29df-4f14-b485-9cf2975abbf9
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
theprovince.com/ Name: _vfz
Value: theprovince%2Ecom.00000000-0000-4000-8000-f7bdc7fb554a.1690854903.1.medium=direct|source=|sharer_uuid=|terms=
.theprovince.com/ Name: _vfa
Value: theprovince%2Ecom.00000000-0000-4000-8000-f7bdc7fb554a.7320519c-4acc-4524-9871-fb99ddf18bbb.1690854903.1690854903.1690854903.1
.theprovince.com/ Name: _vfb
Value: theprovince%2Ecom.00000000-0000-4000-8000-f7bdc7fb554a.2..1690854903....
.viafoura.co/ Name: vfDeviceId
Value: b1e37858-fe5e-4549-9dc1-e84a488f190d
.theprovince.com/ Name: _ga
Value: GA1.2.31513974.1690854902
.theprovince.com/ Name: _gat_pianoTracker
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://theprovince.com/news/Syria+crackdown+toll+rises+despite+Arab+peace+deal/5675895/story.html
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
ads.rubiconproject.com
ak.sail-horizon.com
api.permutive.com
api.viafoura.co
assets.ribn.com
auth.lrcontent.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cdn.adsafeprotected.com
cdn.cxense.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.permutive.com
cdn.tinypass.com
cdn.viafoura.net
cm.g.doubleclick.net
comcluster.cxense.com
config.lrcontent.com
connect.facebook.net
dcs-static.gprod.postmedia.digital
events.newsroom.bi
experience.tinypass.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googlesync.permutive.com
i.viafoura.co
ib.adnxs.com
id.cxense.com
identity.mparticle.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
micro.rubiconproject.com
onetag-geo.s-onetag.com
p1.parsely.com
p1cluster.cxense.com
postmedia.hub.loginradius.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
smartcdn.gprod.postmedia.digital
stats.g.doubleclick.net
theprovince.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.npttech.com
cdn.jsdelivr.net
cdn.permutive.com
108.138.1.25
116.202.150.116
13.225.78.97
13.32.99.23
143.204.215.108
167.235.124.60
172.217.16.194
172.64.103.11
172.67.159.162
18.185.12.185
18.66.100.58
18.66.112.103
18.66.112.32
185.89.211.12
2001:4860:4802:34::36
23.215.22.18
23.56.202.187
2600:1f18:44f0:4851:3b4:7481:b1b9:f0b
2600:9000:223c:5600:8:2ae1:d740:93a1
2606:4700::6810:2a41
2606:4700::6811:b9b1
2606:4700::6812:1a98
2606:4700::6812:4eb
2606:4700::6812:8fa
2a00:1450:4001:803::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a02:26f0:480:b94::268b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::645
2a04:4e42::645
34.107.254.252
34.111.249.109
34.117.54.29
34.149.157.221
35.241.9.51
52.17.99.225
52.22.86.57
65.9.66.19
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cee8a130277b3634273c3866e17bb64d5fc5163e5419d5b6c7b42dfe7347d8
09517c4c41c1744e90cd9c856434b0301f7164f855e848882d0f3a6a6f896662
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
15c42cf6227b5ced377775c28247c540ec70e360cb38bb8674409b7e6cc7ab81
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b3bad45ad8983fbd28fbee0757cf049839a4e2c522a20c5dfa4ab8e508d3d66
24b6d5c61c96dbd20a707b4e6ab0eb1256ae3fded2f6b54b44477d399881cfef
288f88a7f61f065216ddca43615be8d89fd7c9369a3b7a5c577ceededd4708a1
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a76292a2e3564ef61e7a900f9c998e83d78fb5f91547e704ab9168b5dca6c48
2ade4279c3b32472f61c35484d70ba1cec2deea85e6061832e6998dfad85e85c
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3527145ae12411b1cfa6a7ce64783307b206b642ef4e9f94f2574142fa04da36
358fb812a200324a709873502c2f25dcebab762886baca304a75fe6233f14d9b
39f4451fd289b218f543a555b5579970831fd5f885dfb5b8ba0fa51bd768ba7b
3a4af17aa57e3bf6dc59b3845a0bb9154cd89b84a4b0a695d97c36e1cf359b65
406b6d79687c2601d33b029cf7867ab6cedc6c01ef13d669835b743f967d5d52
4076bde0ca47d7963ce958952703f27d87b5d3c468af06fe3ae5c3a921375d9b
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
4105ba194558935f6cbb624e7561dcb0683dc544cd7f52c3eb9cd50a4fa230a3
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
494e3aa28e40a547c9ebd8e126b45f8143918045332e46873477a186d9fbfcf7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc88dab3ec5cc7ec01d8287b4e064fab1ef9ed0aa1068490ab3b80a0816515e
51e7230891018d2551ff8d645d8fd42e15e0b286e8b3954bedde7ccae8c166a1
533ac18865d529a75e4bb9f9baf32c87e6785a5c4d586468181523eec77e1466
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
54646b611ba51f7ca95417fa210db504b7a89dc52eb16bfbab8b552e1561d844
5582edb38e051b9422550d8fee4de31bcb0dde52535947bd99ab646730fa4bc1
5a02900c2dbce0e4436db42632097edb14b149edf0e58add290771afd965ec38
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
6029effcb1fb7327b832ce827a84f8ebe8c7a2154cb43f4186e5ea2bd6f9f49f
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
62f871dccfc2c1f8eb80fde33b06b91acc87700096afe3cd43b825b4fa5aecda
666ca2018b86e44574f963b268808f7d620bbc4f81c10436fca7ab689bbb244c
69193c467efacbd943f4138e5b2b93dd1ded275d6e8233fd28b2a0f74765365b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9d3b56e061c53f4c4e948607116bcbaf9c5d8833a7be4f3b02423a5f62c769
6bade95b7690ad36d709404fb16d50f16501d75216a2a0b18a9df2f1a28c199f
7302785c17d2ed8ff80a79f0a2fbfdda633d6b4858854cf3c6a7ccecf50c31c7
79e6349eb8e414f0a582cbcf2be01b3382858a58c46cf1a884105b844318a3da
7cd18b47f483b3c39ae07f0131294dcd264f0a7d6950f8779481e6e80a22d294
7f9f18ac4862ddcd88cd75cf4b4f4e72f643f1953bd7ae59a43592daccc32b3d
828435b3668b663711786fbc9bf9ac938942d4108b78b097999ae65d5287703b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852f44581b81aacc9076c7a25697bf631994ec215f8dc08c27ae09d6a0836350
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
922cd674c569df05a7e93d5c23d39299ed4116c4e2c1d8059511dab72145a0cc
9352fdb65cdcf9fcb8fadb6c01ee93a188c018c5b0f1f1526a96a425719055e8
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
a68facae97d9ba4aad337e58159f1e5da5f2fe6331a513928d570edaac63e984
ad14fb76c2b3d1e75c7bb8266b2904f2964d97adf58cad31cd1f42a6558f3d74
adc90379a7b401a457b48080b774abb97647acf672bc5dee9a194bf8dd82d9b1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b11ba6d751f39d905ab7c88c4ee752cadcb320cfcb82fafe8a87bf353be82fc5
b271885a4e246a3b1d045488262024882948302c4086ae711b30538b3c7d6bcf
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b5d3bcf3dc4815c4aadfc82822a7dd9aa83a936b1b25d5d382b3c06b7fd52d36
b66ed0bc577b9402b9c4f93ef1891f9583f8a98208e13d9eb4a02f4ec929e84e
b834be186b1615767f718e578eb44ae918ae06fcb21016640020f89a21837376
baf8606df6f36837e8098330ee49d30422fc882bd0e540880a5da455ec70a036
c0ddc53fd392fc7828c6698a11bd23a1e0286698ffc34dff576ba42a104fd5d2
c11ab006bc15870b18183fd4853f7950b96592d8206034c141ea4226a6a68452
c168b8a4654084c974de53e371afb3aed4dde67c8fb3fa15939fc8dd22c9ae6a
c1d82b2f7c752ef9d32865cbe234a0ca0b0d5822c5508627b317705ffd23ef2e
c3a3630df92e474e23cf4212e60eadd8cfc79863dafe578c02b5807ffbecb3fa
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae
c62993a2a8b22d23cddf9cb97c42cbb34c3e7760b5857d56f13ac8c2d2023228
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d6161787a5199b10835a1d99b6ba7d0ba6c54d828b11723d41484518532984d0
d7005b5743258fde5fccef1926277a4697903e34c9d3fe0aa3794b3f0b093ac9
d9b8083629a77dd2d12e3cd5bb8a4de8d516272611c7f20ca975c797baa0889e
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a
dd92756f99a900f58118aaa97a2304db3ed2d8c44df1dede9cb6d338d81f440c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1d9307ca83a0ea5a17812d4dd433e772dbdc100aeca947934e85b9d0bbc119c
e31a89083d03734589b1f635fd7b07a711ded6de7d923283c7a5a9380d0f6b09
e34e26ff8e940c5a518051df2c481545a8850d8ee1547402fa773ef9563be515
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
edf708dd097e1a0741132443b05ca5f6b3097e858496dabab09e4f059931bc09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e535ab56859a481d06cf50b2827e766c87c58486192e3f75925d5e6364cdf8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f860c75507eac05de74dc42448a4ac70ffcbb88d0bb6b9f602142709092bc269
fac88c8cd5cdb3a87807de498e55491141401c74bbd51e92aa4bf123e8d1bf2d
fd2e7ee65bfc8f7e198644bea2a28ce7a7377e4ec22b5622517e90a329366f6f
ff59b6bca1a70349fb547975c9bf5da7cc907551bffbba75b26f18ce9f9b8eb1