newsletters.financialpost.com Open in urlscan Pro
151.101.130.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newsletters.financialpost.com/
Submission: On September 04 via automatic, source certstream-suspicious (September 4th 2023, 9:42:25 pm UTC) — Scanned from DE

Summary HTTP 63 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 12 domains to perform 63 HTTP transactions. The main IP is 151.101.130.51, located in United States and belongs to FASTLY, US. The main domain is newsletters.financialpost.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on July 27th 2023. Valid for: a year.

This is the only time newsletters.financialpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	151.101.130.51 151.101.130.51	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::6812:21be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:440... 2606:4700:4400::ac40:9be3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	3.222.82.214 3.222.82.214	14618 (AMAZON-AES) (AMAZON-AES)
2	13.32.99.60 13.32.99.60	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.45 18.66.112.45	16509 (AMAZON-02) (AMAZON-02)
6	52.217.165.216 52.217.165.216	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
63	17

6 151.101.130.51 (United States)

ASN54113 (FASTLY, US)

newsletters.financialpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:21be (United States)

ASN13335 (CLOUDFLARENET, US)

assets-s3-us-east-1.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:4400::ac40:9be3 (United States)

ASN13335 (CLOUDFLARENET, US)

media-s3-us-east-1.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.82.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-82-214.compute-1.amazonaws.com

link.calgaryherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-60.fra60.r.cloudfront.net

api.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-45.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.217.165.216 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	ceros.com assets-s3-us-east-1.ceros.com — Cisco Umbrella Rank: 41187 media-s3-us-east-1.ceros.com — Cisco Umbrella Rank: 38396 api.ceros.com — Cisco Umbrella Rank: 39653	915 KB
6	amazonaws.com s3.amazonaws.com
6	financialpost.com newsletters.financialpost.com	94 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	185 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368 fonts.googleapis.com — Cisco Umbrella Rank: 41	61 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3302	474 B
2	gstatic.com fonts.gstatic.com www.gstatic.com	199 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3401	33 KB
1	calgaryherald.com link.calgaryherald.com	6 KB
1	doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 421	542 B
63	12

	Domain	Requested by
27	media-s3-us-east-1.ceros.com	ajax.googleapis.com newsletters.financialpost.com media-s3-us-east-1.ceros.com
6	s3.amazonaws.com	link.calgaryherald.com
6	newsletters.financialpost.com	newsletters.financialpost.com
3	assets-s3-us-east-1.ceros.com	newsletters.financialpost.com
3	www.googletagmanager.com	newsletters.financialpost.com www.googletagmanager.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	api.ceros.com	ajax.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ajax.googleapis.com	newsletters.financialpost.com link.calgaryherald.com
1	www.gstatic.com	www.google.com
1	www.google.com	link.calgaryherald.com
1	ak.sail-horizon.com	link.calgaryherald.com
1	link.calgaryherald.com	ajax.googleapis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	newsletters.financialpost.com
1	pubads.g.doubleclick.net	newsletters.financialpost.com
63	16

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.instagram.com
www.facebook.com
twitter.com
financialpost.com
www.postmedia.com
pages.postmedia.com
nationalpost.com
www.postmediaadvertising.com
www.canada.com
driving.ca
montrealgazette.com
www3.ceros.com

Subject Issuer	Validity	Valid
*.exp.gumgum.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-27` - `2024-08-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
assets-s3-us-east-1.ceros.com E1	`2023-07-21` - `2023-10-19`	3 months	crt.sh
media-s3-us-east-1.ceros.com E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
link.calgaryherald.com R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh
*.ceros.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-14` - `2024-04-13`	a year	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-16`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://newsletters.financialpost.com/
Frame ID: 3D53951746435FA9AD6C7EBE49D10D25
Requests: 49 HTTP requests in this frame

Frame: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros
Frame ID: F1037152ACBC06F83412D00C10B3E866
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Financial Post - Sign Up for Our Newslettersfp on facebookfp on twitterlinkedin linkinstagram-logofp logoarrowed!!!

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

63
Requests

95 %
HTTPS

63 %
IPv6

12
Domains

16
Subdomains

17
IPs

2
Countries

1515 kB
Transfer

4741 kB
Size

4
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fnewsletters.financialpost.com%2Fp%2F1&mini=true&title=Sign%20Up%20for%20the%20Financial%20Post's%20Newsletter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nationalpost/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fnewsletters.financialpost.com%2Fp%2F1

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Sign%20Up%20for%20the%20Financial%20Post's%20Newsletters&url=https%3A%2F%2Fnewsletters.financialpost.com%2Fp%2F1

Search URL Search Domain Scan URL

URL: https://financialpost.com/

Search URL Search Domain Scan URL

URL: http://www.postmedia.com/

Search URL Search Domain Scan URL

URL: https://pages.postmedia.com/privacy-statement/

Search URL Search Domain Scan URL

URL: https://nationalpost.com/copyright/

Search URL Search Domain Scan URL

URL: https://nationalpost.com/sitemap/

Search URL Search Domain Scan URL

URL: https://nationalpost.com/contact/

Search URL Search Domain Scan URL

URL: https://www.postmediaadvertising.com/privacy-statement/
Title: Privacy

Search URL Search Domain Scan URL

URL: http://www.canada.com/aboutus/copyright.html
Title: Copyright

Search URL Search Domain Scan URL

URL: https://driving.ca/contact
Title: Site Map

Search URL Search Domain Scan URL

URL: https://montrealgazette.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://www3.ceros.com/poweredbyceros?utm_source=M-W-CerosPower&account=postmedia-network&experience=fp-newsletter-signup
Title: Powered by Ceros

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newsletters.financialpost.com/ 26 KB
7 KB 1540ms
19ms Document
text/html 151.101.130.51
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://newsletters.financialpost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.51 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60aa097f72d8f1596e36ce38612dfe62b576344e1432fb6fc971809b845dd1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 432530
cache-control: no-store
content-encoding: gzip
content-length: 6723
content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 21:42:18 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 66ms
15ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Sep 2024 20:17:23 GMT

GET
H2 200 webfont-1.6.3.js Show response
newsletters.financialpost.com/ 11 KB
5 KB 107ms
106ms Script
text/javascript 151.101.130.51
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://newsletters.financialpost.com/webfont-1.6.3.js

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.51 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c32949b380a8e2de4d20de669d0573ba34d27f172a459886d434512fa2781cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Aug 2023 21:50:56 GMT
age: 427605
etag: "e5efb8110abda03656884f299395aad2"
content-type: text/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 4615
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
42 KB 73ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

445774832a1d99562eab24db80d2afb901d8377184cc4b6d6e504a23536eaca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42698
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 21:42:19 GMT

GET
H2 200 require-min.js Show response
assets-s3-us-east-1.ceros.com/8.10.6/view.ceros.com/default/assets/player/shared/libs/require/ 15 KB
6 KB 210ms
143ms Script
application/x-javascript 2606:4700:4400::6812:21be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-s3-us-east-1.ceros.com/8.10.6/view.ceros.com/default/assets/player/shared/libs/require/require-min.js

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0a585ef0d7a06ed38fd133e0fdcf28cd5c2f9f2ac40114580f1dce13498123

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsletters.financialpost.com/
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 30 Aug 2023 21:16:03 GMT
server: cloudflare
etag: W/"b03b66057d7df9b2cc9aa9c4c18aa569"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/x-javascript
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d0dc339250-FRA

GET
H2 200 bootstrap-optimized.js Show response
assets-s3-us-east-1.ceros.com/8.10.6/view.ceros.com/default/assets/player/applications/html5-player/ 3 MB
733 KB 195ms
195ms Script
application/x-javascript 2606:4700:4400::6812:21be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-s3-us-east-1.ceros.com/8.10.6/view.ceros.com/default/assets/player/applications/html5-player/bootstrap-optimized.js

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6e326c73f85fac22d5b5a8d3254f5b135d3f3f9cb15f76ebfa58d4584bbb61c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsletters.financialpost.com/
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 30 Aug 2023 21:15:47 GMT
server: cloudflare
etag: W/"1abbbfbc5ec634533bdd0f97faaeeed4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/x-javascript
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d1bcbb9250-FRA

GET
H2 200 html5-player.css
assets-s3-us-east-1.ceros.com/8.10.6/view.ceros.com/default/assets/player/applications/html5-player/css/ 91 KB
19 KB 107ms
41ms Stylesheet
text/css 2606:4700:4400::6812:21be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-s3-us-east-1.ceros.com/8.10.6/view.ceros.com/default/assets/player/applications/html5-player/css/html5-player.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6bbb93d7bacea35536f71b3106fa79a7b96ee07c2c61529706ae7b714366e5b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age: 432452
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 30 Aug 2023 21:15:48 GMT
server: cloudflare
etag: W/"add24733bdc1f7796d3237fb7cc28718"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 801966d0df35695b-FRA

GET
H2 200 experience-version-61f819b42715e.js Show response
media-s3-us-east-1.ceros.com/postmedia-network/doc-version-json/v11/ 130 KB
12 KB 289ms
220ms Script
application/javascript 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/doc-version-json/v11/experience-version-61f819b42715e.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

123a98ae8318ec39326ff07fcb9a62481e1c243351166ff1e3501b7b8b59239c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 17:17:41 GMT
server: cloudflare
etag: W/"4f537560aba8db39b840335e31024979"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 801966d22c6a2c4e-FRA

GET
H2 200 activity;xsp=4778358;ord=4633615924618.307
pubads.g.doubleclick.net/ 42 B
542 B 158ms
66ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4778358;ord=4633615924618.307?

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 21:42:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-149272255-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de73451dea3f528ae3400d11bb012175ab3497b4addf477a755b336550bc2425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66678
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 21:42:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FKDH4C0E3B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149272255-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be0f07da08f09ac06a583fc1998713463647ebabfa2efa6d6c3049cbecc27645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 21:42:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 92ms
51ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149272255-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 19:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7076
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Sep 2023 21:44:23 GMT

GET
BLOB 200
OK 491bfa86-20fd-4a2d-bf6c-a0ab020060fc
https://newsletters.financialpost.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://newsletters.financialpost.com/491bfa86-20fd-4a2d-bf6c-a0ab020060fc
Requested by: Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 ceros-fonts-2023-01-26.css
newsletters.financialpost.com/ 407 B
323 B 120ms
119ms Stylesheet
text/css 151.101.130.51
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://newsletters.financialpost.com/ceros-fonts-2023-01-26.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.51 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b82466a6fe31e0baf68cee789f451980ffd808f9425e045e8f205abc574e683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Aug 2023 22:20:38 GMT
age: 422005
etag: "206ef34c0d1bd67a404b0b733c6350b1"
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 227
x-xss-protection: 0

GET
H2 200 avenir-next-lt.css
newsletters.financialpost.com/ 3 KB
440 B 120ms
120ms Stylesheet
text/css 151.101.130.51
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://newsletters.financialpost.com/avenir-next-lt.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.51 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f619dac7a65a742377859042634f38d1ac996ee20c2897bc5e73befb52957743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Aug 2023 21:50:55 GMT
age: 422005
etag: "2de96d67a05f8ff4db4685ab78cdde91"
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 355
x-xss-protection: 0

GET
H2 200 processed-svg-linkedin-icon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/f635803e834a3777fa6e60737af99d1b/ 3 KB
1 KB 168ms
131ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/f635803e834a3777fa6e60737af99d1b/processed-svg-linkedin-icon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5490c8318336c4efbb6d3b00aa77d18008cc0081206c83c685f70b7f53f5a7f7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 17:17:34 GMT
server: cloudflare
etag: W/"fcd4a122b20a1ff61a74df09fc6d8dd2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d6685103b0-FRA

GET
H2 200 processed-svg-twittericon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/500f34ed53139b972d2c48d751fbce11/ 3 KB
2 KB 164ms
128ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/500f34ed53139b972d2c48d751fbce11/processed-svg-twittericon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e975d777dc3368e5cae372330555d75fa503b6f4b1b9e19c9933d706f649fdf

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 17:17:33 GMT
server: cloudflare
etag: W/"d9cad8e9f4c3362d1e6e33fb23eb7caf"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d6685303b0-FRA

GET
H2 200 processed-svg-facebookicon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/9b24162c30b6304141d6282837375930/ 2 KB
1 KB 165ms
130ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/9b24162c30b6304141d6282837375930/processed-svg-facebookicon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

263f18d14718efc84c245dd0e6408e539ce475abc6604dcdcf38019745444d53

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 17:17:32 GMT
server: cloudflare
etag: W/"18ae31e13ae6c47bc145d67fbc33e5d6"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d6685603b0-FRA

GET
H2 200 processed-svg-instagram.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/8c6bc8652923a132452dedcf2ae3d06a/ 1 KB
759 B 357ms
324ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/8c6bc8652923a132452dedcf2ae3d06a/processed-svg-instagram.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a256a62dbad30e6b29a64b4242bf123f0e9c3d90e2637bd3056a060b7b5373a1

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 17:17:34 GMT
server: cloudflare
etag: W/"9543b0b3f6c714343303ebe795a36527"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d6685203b0-FRA

GET
H2 200 processed-svg-image.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/77ff062ec700216ba5f97fbcf51575e0/ 5 KB
2 KB 406ms
374ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/77ff062ec700216ba5f97fbcf51575e0/processed-svg-image.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bdc36e577bc83412c5caa3bed15343eabec4bf9e941465a1bd0830ea8799772

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 17:17:35 GMT
server: cloudflare
etag: W/"d6a6893fe81d57eb143c6fd820da6a81"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d6685903b0-FRA

GET
H2 200 millerdisplay-light.css
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2019/07/16/c6acfc14-7780-469e-a2bf-e03211660b01/ 293 B
399 B 145ms
145ms Stylesheet
text/css 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2019/07/16/c6acfc14-7780-469e-a2bf-e03211660b01/millerdisplay-light.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0dbcf386692d1526b6b870818651c6abb502339a9a6990b67213c314a1cbb

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jul 2019 19:33:21 GMT
server: cloudflare
etag: W/"069085da28d1cc25b7a487d59acf2004"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 801966d638ee2c4e-FRA

GET
H2 200 millerdisplay-semibolditalic.css
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/01/06/0369042e-de56-4a66-af62-d30db9199aa7/ 302 B
386 B 143ms
143ms Stylesheet
text/css 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/01/06/0369042e-de56-4a66-af62-d30db9199aa7/millerdisplay-semibolditalic.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

891e37d3a7de903a3c542379369560fe476c97e0336e2cf944ee193c9a559249

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Jan 2020 15:59:34 GMT
server: cloudflare
etag: W/"8e69ffe488fb1e6be91cdb73d0c70da9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 801966d638f12c4e-FRA

GET
H2 200 postsans-medium.css
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/506f4933-e637-450d-904a-d4021d515bba/ 289 B
376 B 143ms
143ms Stylesheet
text/css 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/506f4933-e637-450d-904a-d4021d515bba/postsans-medium.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42d2b578122b295f5ff5f05b5858be93433136f09921d6f3a71027009ede5ee

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Oct 2018 16:27:00 GMT
server: cloudflare
etag: W/"7f955389266a09b90a575e0b02d992e1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 801966d638f32c4e-FRA

GET
H2 200 postsans-bold.css
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/cf50b541-362b-4131-9d20-3771dad97a55/ 285 B
374 B 145ms
145ms Stylesheet
text/css 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/cf50b541-362b-4131-9d20-3771dad97a55/postsans-bold.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e1728d98b6a97d592fc8bcd79d1e255d2ff699df581b8dd7531b054dc853804

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Oct 2018 16:26:57 GMT
server: cloudflare
etag: W/"f5ffe2746a203b02e9f099c1acde99ae"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 801966d638f42c4e-FRA

GET
H2 200 processed-svg-arrow-icon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/22efad92cb5eb853e0f3ca0ae54e9cca/ 7 KB
2 KB 313ms
286ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2022/01/31/22efad92cb5eb853e0f3ca0ae54e9cca/processed-svg-arrow-icon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e1cea01fe1a1e8ccccb0659a6edf025d77a8c1e97f938430be8618aabda31f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 17:17:36 GMT
server: cloudflare
etag: W/"16e5354c927f0c669a2f027900791570"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d6685803b0-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
979 B 73ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 21:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 20:13:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 21:42:19 GMT

GET
H2 200 logo-postmedia.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2018/09/15/62ac74803cf35bf8d41427733ee5ce59/ 2 KB
2 KB 210ms
210ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2018/09/15/62ac74803cf35bf8d41427733ee5ce59/logo-postmedia.png?imageOpt=1&fit=bounds&width=167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166fd5b52f7a4f6a734857db3d0956fb95342ebde1de8175e744973936929766

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 1711
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 15 Sep 2018 15:43:46 GMT
server: cloudflare
etag: "cfCjOJWHw7YV3fmLvDddRzNBVDrG8NjYeU93f1bYbRDQ:dcfc6562e2b7c8cb17a8168691cd8493"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 801966d72a862c4e-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 83ms
30ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 430444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 22:08:16 GMT

GET
H2 200 CerosIcons-Regular-2023-01-26.woff
newsletters.financialpost.com/ 47 KB
47 KB 140ms
138ms Font
application/x-font-woff 151.101.130.51
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://newsletters.financialpost.com/CerosIcons-Regular-2023-01-26.woff

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/ceros-fonts-2023-01-26.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.51 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2dea4035f77031a35f930dd5ffd12db5f5cab458f69272c07d8968e1d289a247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsletters.financialpost.com/ceros-fonts-2023-01-26.css
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 21:35:53 GMT
age: 422005
etag: "7814c91459be51eb8fbdc05c65db6b46"
content-type: application/x-font-woff
cache-control: max-age=0
accept-ranges: bytes
content-length: 47628
x-xss-protection: 0

GET
H2 200 Avenir%20Next%20LT%20W05%20Regular.woff2
newsletters.financialpost.com/ 35 KB
35 KB 118ms
116ms Font
application/octet-stream 151.101.130.51
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://newsletters.financialpost.com/Avenir%20Next%20LT%20W05%20Regular.woff2

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/avenir-next-lt.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.51 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e3fd3c3fedec9fded5a9493a3d261dc1e140e2bf77ba10b8f07242414a03bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsletters.financialpost.com/avenir-next-lt.css
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2023 22:30:58 GMT
age: 422005
etag: "07382a6efc7520ca9dd45e6d0c2f862a"
content-type: application/octet-stream
cache-control: max-age=0
accept-ranges: bytes
content-length: 36040
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 124 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c11a0405bfcca07e1a05baa52631f30ac97b8dba84e6fc2e92dfda853303291

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 millerdisplay-light.woff
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2019/07/16/cdfffc7d-8a79-4ad3-b170-552499df6046/ 25 KB
25 KB 141ms
141ms Font
application/font-woff 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2019/07/16/cdfffc7d-8a79-4ad3-b170-552499df6046/millerdisplay-light.woff

Requested by

Host: media-s3-us-east-1.ceros.com
URL: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2019/07/16/c6acfc14-7780-469e-a2bf-e03211660b01/millerdisplay-light.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcff38652ab4b3832242a2543c49e36fc47290ead95fc5670d5075013adc5cdd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2019/07/16/c6acfc14-7780-469e-a2bf-e03211660b01/millerdisplay-light.css
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 25180
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jul 2019 19:33:21 GMT
server: cloudflare
etag: "e7088612b9745019cf1e147d3234f4a3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/font-woff
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 801966d7393103b0-FRA

GET
H2 200 millerdisplay-semibolditalic.woff
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/01/06/8a317394-c3a7-4177-a8c5-c86cbdb1f049/ 24 KB
24 KB 507ms
507ms Font
application/font-woff 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/01/06/8a317394-c3a7-4177-a8c5-c86cbdb1f049/millerdisplay-semibolditalic.woff

Requested by

Host: media-s3-us-east-1.ceros.com
URL: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/01/06/0369042e-de56-4a66-af62-d30db9199aa7/millerdisplay-semibolditalic.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11532358b63cb89c5c90eb4786fe01c5fc332e33141cd62cecc9a5db6c82f3b2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/01/06/0369042e-de56-4a66-af62-d30db9199aa7/millerdisplay-semibolditalic.css
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 24392
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Jan 2020 15:59:34 GMT
server: cloudflare
etag: "f732856c2487136d24a155fb4ebdfff2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/font-woff
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 801966d7393503b0-FRA

GET
H2 200 postsans-medium.woff
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/5f53a2aa-cf08-4c07-8207-da7a7b973e17/ 17 KB
17 KB 142ms
142ms Font
application/font-woff 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/5f53a2aa-cf08-4c07-8207-da7a7b973e17/postsans-medium.woff

Requested by

Host: media-s3-us-east-1.ceros.com
URL: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/506f4933-e637-450d-904a-d4021d515bba/postsans-medium.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce49482f0b1022309f0f145692e9cc295d45fdd7d41c393ebb8960793cecff4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/506f4933-e637-450d-904a-d4021d515bba/postsans-medium.css
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 17016
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Oct 2018 16:27:00 GMT
server: cloudflare
etag: "2768e269967d9af73c5564877480cc35"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/font-woff
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 801966d7393603b0-FRA

GET
H2 200 postsans-bold.woff
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/3748cf60-3991-484b-8e71-24ba61273ed0/ 17 KB
17 KB 144ms
143ms Font
application/font-woff 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/3748cf60-3991-484b-8e71-24ba61273ed0/postsans-bold.woff

Requested by

Host: media-s3-us-east-1.ceros.com
URL: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/cf50b541-362b-4131-9d20-3771dad97a55/postsans-bold.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f746df5705e59e0d6985f5ca1296e2636740b97c6070ac726d27f04c37f38f9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2018/10/01/cf50b541-362b-4131-9d20-3771dad97a55/postsans-bold.css
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 17216
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Oct 2018 16:26:57 GMT
server: cloudflare
etag: "bcfd80bf2186655d74cfbda4dcccb158"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/font-woff
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 801966d7393803b0-FRA

GET
H2 200 logo-postmedia.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2018/09/15/62ac74803cf35bf8d41427733ee5ce59/ 2 KB
2 KB 38ms
38ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2018/09/15/62ac74803cf35bf8d41427733ee5ce59/logo-postmedia.png?imageOpt=1&fit=bounds&width=167

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166fd5b52f7a4f6a734857db3d0956fb95342ebde1de8175e744973936929766

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 1711
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 15 Sep 2018 15:43:46 GMT
server: cloudflare
etag: "cfCjOJWHw7YV3fmLvDddRzNBVDrG8NjYeU93f1bYbRDQ:dcfc6562e2b7c8cb17a8168691cd8493"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 801966d87c472c4e-FRA

GET
H2 200 linkedin-icon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2018/10/04/fe622c900b94c63237ab445214918b70/ 3 KB
1 KB 489ms
489ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2018/10/04/fe622c900b94c63237ab445214918b70/linkedin-icon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18d7be25bdb6402cb9ccc2e5a38f761f9029012328ab2b45af6fc30e38734051

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Oct 2018 20:31:11 GMT
server: cloudflare
etag: W/"e491454257f4f28eaf60f37405c41466"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966d8caf403b0-FRA

GET
H2 200 twittericon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2018/10/02/fb934bad964f30b2c5c48f742f4c6be5/ 3 KB
2 KB 135ms
135ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2018/10/02/fb934bad964f30b2c5c48f742f4c6be5/twittericon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d1d70196b76b4e3e72981b51394465edbb2a26cd4826616b6ef1ff31759bbb

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Oct 2018 01:56:05 GMT
server: cloudflare
etag: W/"a60aa168ace6645abe254c026d5a76c3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966daacd103b0-FRA

GET
H2 200 logo-postmedia.png
media-s3-us-east-1.ceros.com/postmedia-network/images/2018/09/15/62ac74803cf35bf8d41427733ee5ce59/ 2 KB
2 KB 34ms
34ms Image
image/avif 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2018/09/15/62ac74803cf35bf8d41427733ee5ce59/logo-postmedia.png?imageOpt=1&fit=bounds&width=167

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166fd5b52f7a4f6a734857db3d0956fb95342ebde1de8175e744973936929766

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 1711
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 15 Sep 2018 15:43:46 GMT
server: cloudflare
etag: "cfCjOJWHw7YV3fmLvDddRzNBVDrG8NjYeU93f1bYbRDQ:dcfc6562e2b7c8cb17a8168691cd8493"
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 801966daee8d2c4e-FRA

GET
H/1.1 200
OK fp-newsletters-ceros Show response
link.calgaryherald.com/join/5r6/ Frame F103 22 KB
6 KB 500ms
124ms Document
text/html 3.222.82.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.82.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-82-214.compute-1.amazonaws.com

Software

Sailthru /

Resource Hash

4dccf797c03a514ecde9b44b1f643ce11c56361785e3ac0cfd9399c99679c2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsletters.financialpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 5521
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 21:42:21 GMT
server: Sailthru
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK a Show response
api.ceros.com/ 18 B
557 B 379ms
329ms XHR
application/json 13.32.99.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ceros.com/a?data=eyJjb21tb24iOnsiYWNjb3VudF9zbHVnIjoicG9zdG1lZGlhLW5ldHdvcmsiLCJjbGllbnRfdmVyc2lvbiI6MTEsInVzZXJfdG9rZW4iOiIxOGE2MjI1ODE4NjViYi0wM2FiODg5MTg2ZjZlNy02MDNiNTI1Yi0xZDRjMDAtMThhNjIyNTgxODdmYzAiLCJ2aXNpdF9zbHVnIjoiMThhNjIyNTgxODljNS0wYmY0NjdkMDczMzYzNC02MDNiNTI1Yi0xZDRjMDAtMThhNjIyNTgxOGFjNzEiLCJ1c2VyX2NvbnNlbnQiOnRydWUsImV4cGVyaWVuY2VfYWxpYXMiOiJmcC1uZXdzbGV0dGVyLXNpZ251cCIsImV4cGVyaWVuY2Vfc2x1ZyI6ImV4cGVyaWVuY2UtNjA1MGY0YzZhMjQ5YyIsImV4cGVyaWVuY2VfdmVyc2lvbl9zbHVnIjoiZXhwZXJpZW5jZS12ZXJzaW9uLTYxZjgxOWI0MjcxNWUiLCJwcm9qZWN0X3NsdWciOiJmcC1wb3N0aGFzdGUiLCJjdXJyZW50X2xheW91dCI6ImRlc2t0b3AifSwiZXh0ZW5kZWRfY29tbW9uIjp7ImJyb3dzZXIiOiJDaHJvbWUiLCJ0cmlhbCI6ZmFsc2UsImJyb3dzZXJfdmVyc2lvbiI6IjExNiIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNDAgU2FmYXJpLzUzNy4zNiIsImRldmljZV90eXBlIjoiZGVza3RvcCIsInBsYXllcl90eXBlIjoiaHRtbDUiLCJpbml0aWFsX29yaWVudGF0aW9uIjoibGFuZHNjYXBlIiwiY29va2llc19lbmFibGVkIjp0cnVlLCJlbWJlZGRlZCI6ZmFsc2UsImh0dHBzIjp0cnVlLCJkZXZpY2VfcGl4ZWxfcmF0aW8iOjEsIm9zIjoiV2luZG93cyIsIm9zX3ZlcnNpb24iOiIxMC4wIiwic2NyZWVuX3dpZHRoIjoxNjAwLCJzY3JlZW5faGVpZ2h0IjoxMjAwLCJpbml0aWFsX3NjYWxlIjoxLjI1LCJzY2FsZSI6MS4yNSwidGltZXpvbmUiOi0yfSwiZXZlbnRzIjpbeyJldmVudF9zbHVnIjoiMThhNjIyNTg0ZTQxNTgtMGViMDMyZTEzNTMwZmYtNjAzYjUyNWItMWQ0YzAwLTE4YTYyMjU4NGU1ZjJhIiwibG9hZF90aW1lIjoxLjU4MiwicGFnZV9zbHVnIjoicGFnZS02MWY4MTliNDI3MTg0IiwicGFnZV9udW0iOjEsImdyYWNlX3BlcmlvZF9leHBpcmVkIjpmYWxzZSwiZXZlbnRfbmFtZSI6InBsYXllci5leHBlcmllbmNlLm9wZW4iLCJjbGllbnRfdGltZXN0YW1wIjoxNjkzODYzNzQwNjQ2fSx7ImV2ZW50X3NsdWciOiIxOGE2MjI1ODE4ZTI3Mi0wODc3YTRjMDUwOWY1OS02MDNiNTI1Yi0xZDRjMDAtMThhNjIyNTgxOGZjZjAiLCJwZXJmb3JtYW5jZV9tYXJrZXJfbmFtZSI6InN0YXJ0LXRyYWNraW5nIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjAsImV2ZW50X25hbWUiOiJwbGF5ZXIucGVyZm9ybWFuY2UubWFya2VyIiwiY2xpZW50X3RpbWVzdGFtcCI6MTY5Mzg2MzczOTc5Mn0seyJldmVudF9zbHVnIjoiMThhNjIyNTgxOTAyMmEtMDZjYjI2MGE5MWM5YjItNjAzYjUyNWItMWQ0YzAwLTE4YTYyMjU4MTkxZGY0IiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJydW4tc3RhcnQiLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6NzMwLCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE2OTM4NjM3Mzk3OTR9LHsiZXZlbnRfc2x1ZyI6IjE4YTYyMjU4MTk3Yzk3LTA4NTYwNzZkZDUwNWYxLTYwM2I1MjViLTFkNGMwMC0xOGE2MjI1ODE5OGM2ZCIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoiZG9tLXJlYWR5IiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjczNiwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNjkzODYzNzM5ODAxfSx7ImV2ZW50X3NsdWciOiIxOGE2MjI1ODFhMDYwNy0wNTNmMGUxNzQ0NTA3OS02MDNiNTI1Yi0xZDRjMDAtMThhNjIyNTgxYTFjODgiLCJwZXJmb3JtYW5jZV9tYXJrZXJfbmFtZSI6InNwaW5uZXItc2hvd24iLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6NzQ2LCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE2OTM4NjM3Mzk4MTB9LHsiZXZlbnRfc2x1ZyI6IjE4YTYyMjU4MWI0YjMyLTAyYWVlYjFmOGZjOWExLTYwM2I1MjViLTFkNGMwMC0xOGE2MjI1ODFiNWFkOCIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoiZG9jLXZlcnNpb24tbG9hZGVkIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjc2NSwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNjkzODYzNzM5ODMwfV19&_=1693863739051
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-60.fra60.r.cloudfront.net
Software: /
Resource Hash: 80d04a9018987b4cc89c281142cba5e7ef9f8771d90a1d9631fe03cc536f8cce

Request headers

Accept: */*
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 21:42:20 GMT
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
X-Amzn-Trace-Id: Root=1-64f64f3c-2cff97256cec138d21d71595;Sampled=0;lineage=694441d6:0
x-amzn-RequestId: 675aefb3-29c2-441e-8942-921f1f36987b
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
x-amz-apigw-id: KwFRkFTLoAMF_ZA=
Content-Length: 18
X-Amz-Cf-Id: aak4hTv0guGQHxQYMlk5a3xqLRiG9p_PuP2Hdl-jW3JxjOnoYI1Z1w==

GET
H/1.1 200
OK a Show response
api.ceros.com/ 18 B
557 B 366ms
319ms XHR
application/json 13.32.99.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ceros.com/a?data=eyJjb21tb24iOnsiYWNjb3VudF9zbHVnIjoicG9zdG1lZGlhLW5ldHdvcmsiLCJjbGllbnRfdmVyc2lvbiI6MTEsInVzZXJfdG9rZW4iOiIxOGE2MjI1ODE4NjViYi0wM2FiODg5MTg2ZjZlNy02MDNiNTI1Yi0xZDRjMDAtMThhNjIyNTgxODdmYzAiLCJ2aXNpdF9zbHVnIjoiMThhNjIyNTgxODljNS0wYmY0NjdkMDczMzYzNC02MDNiNTI1Yi0xZDRjMDAtMThhNjIyNTgxOGFjNzEiLCJ1c2VyX2NvbnNlbnQiOnRydWUsImV4cGVyaWVuY2VfYWxpYXMiOiJmcC1uZXdzbGV0dGVyLXNpZ251cCIsImV4cGVyaWVuY2Vfc2x1ZyI6ImV4cGVyaWVuY2UtNjA1MGY0YzZhMjQ5YyIsImV4cGVyaWVuY2VfdmVyc2lvbl9zbHVnIjoiZXhwZXJpZW5jZS12ZXJzaW9uLTYxZjgxOWI0MjcxNWUiLCJwcm9qZWN0X3NsdWciOiJmcC1wb3N0aGFzdGUiLCJjdXJyZW50X2xheW91dCI6ImRlc2t0b3AifSwiZXh0ZW5kZWRfY29tbW9uIjp7ImJyb3dzZXIiOiJDaHJvbWUiLCJ0cmlhbCI6ZmFsc2UsImJyb3dzZXJfdmVyc2lvbiI6IjExNiIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNDAgU2FmYXJpLzUzNy4zNiIsImRldmljZV90eXBlIjoiZGVza3RvcCIsInBsYXllcl90eXBlIjoiaHRtbDUiLCJpbml0aWFsX29yaWVudGF0aW9uIjoibGFuZHNjYXBlIiwiY29va2llc19lbmFibGVkIjp0cnVlLCJlbWJlZGRlZCI6ZmFsc2UsImh0dHBzIjp0cnVlLCJkZXZpY2VfcGl4ZWxfcmF0aW8iOjEsIm9zIjoiV2luZG93cyIsIm9zX3ZlcnNpb24iOiIxMC4wIiwic2NyZWVuX3dpZHRoIjoxNjAwLCJzY3JlZW5faGVpZ2h0IjoxMjAwLCJpbml0aWFsX3NjYWxlIjoxLjI1LCJzY2FsZSI6MS4yNSwidGltZXpvbmUiOi0yfSwiZXZlbnRzIjpbeyJldmVudF9zbHVnIjoiMThhNjIyNTg0ZThjMmEtMGMyYmNiMGI2MDY1ZmMtNjAzYjUyNWItMWQ0YzAwLTE4YTYyMjU4NGU5Y2FhIiwicGFnZV9zbHVnIjoicGFnZS02MWY4MTliNDI3MTg0IiwicGFnZV9udW0iOjEsImV2ZW50X25hbWUiOiJwbGF5ZXIucGFnZS52aWV3IiwiY2xpZW50X3RpbWVzdGFtcCI6MTY5Mzg2Mzc0MDY1MH0seyJldmVudF9zbHVnIjoiMThhNjIyNTgxY2Y1ODYtMDA5YTgyMTAzOGViOWMtNjAzYjUyNWItMWQ0YzAwLTE4YTYyMjU4MWQwYTVhIiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJoaWdoLXByaW9yaXR5LWltYWdlcy1zdGFydC1sb2FkaW5nIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjc5MywiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNjkzODYzNzM5ODU3fSx7ImV2ZW50X3NsdWciOiIxOGE2MjI1ODFkMTM5NC0wNGJiZmMzZDhlMDdjZi02MDNiNTI1Yi0xZDRjMDAtMThhNjIyNTgxZDJhYWEiLCJwZXJmb3JtYW5jZV9tYXJrZXJfbmFtZSI6InByaW9yaXR5LXF1ZXVlLWVtcHRpZWQiLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6Nzk1LCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE2OTM4NjM3Mzk4NTl9LHsiZXZlbnRfc2x1ZyI6IjE4YTYyMjU4MWUzNjkyLTBkNGY3YThiYjY2YzJiLTYwM2I1MjViLTFkNGMwMC0xOGE2MjI1ODFlNDY3MiIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoibG93LXByaW9yaXR5LWltYWdlcy1zdGFydC1sb2FkaW5nIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjgxMywiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNjkzODYzNzM5ODc3fSx7ImV2ZW50X3NsdWciOiIxOGE2MjI1ODIwNWJkNS0wMTZiNTQ5MTM1OWUyOS02MDNiNTI1Yi0xZDRjMDAtMThhNjIyNTgyMDZiMjMiLCJwZXJmb3JtYW5jZV9tYXJrZXJfbmFtZSI6ImJlZ2luLXByZXJlbmRlcmluZy1wYWdlcyIsInBlcmZvcm1hbmNlX21hcmtlcl90aW1lIjo4NDcsImV2ZW50X25hbWUiOiJwbGF5ZXIucGVyZm9ybWFuY2UubWFya2VyIiwiY2xpZW50X3RpbWVzdGFtcCI6MTY5Mzg2MzczOTkxMX0seyJldmVudF9zbHVnIjoiMThhNjIyNTgyNDA3ZmEtMDNhNjA3MjI2ODZmMjYtNjAzYjUyNWItMWQ0YzAwLTE4YTYyMjU4MjQxMTJkNSIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoiYWxsLXBhZ2VzLXByZXJlbmRlcmVkIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjkwNiwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNjkzODYzNzM5OTcwfV19&_=1693863739052
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-60.fra60.r.cloudfront.net
Software: /
Resource Hash: 80d04a9018987b4cc89c281142cba5e7ef9f8771d90a1d9631fe03cc536f8cce

Request headers

Accept: */*
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 21:42:20 GMT
Via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
X-Amzn-Trace-Id: Root=1-64f64f3c-564f715d1206b85c1efcf1c5;Sampled=0;lineage=694441d6:0
x-amzn-RequestId: 6b424900-17db-485e-b237-03e88e4fb231
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
x-amz-apigw-id: KwFRkG1rIAMFfKw=
Content-Length: 18
X-Amz-Cf-Id: NT1PGOrNola2mvtD-ye5bVtTOaEnRKVScR_vAfe3hyFym4Xb28Sqsg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
215 B 34ms
34ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1539663538&t=pageview&_s=1&dl=https%3A%2F%2Fnewsletters.financialpost.com%2Fp%2F1&dp=%2Fp%2F1&ul=en-us&de=UTF-8&dt=Financial%20Post%20-%20Sign%20Up%20for%20Our%20Newsletters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAACAAI~&jid=1901920187&gjid=1756637169&cid=486766236.1693863739&tid=UA-149272255-1&_gid=524583222.1693863739&_r=1&gtm=457e38u0&gcs=G1-1&jsscut=1&z=1729258827

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 21:42:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsletters.financialpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 facebookicon.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2018/10/02/03fa2c0f0bfdae94327d1b9d1d47b350/ 2 KB
958 B 139ms
139ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2018/10/02/03fa2c0f0bfdae94327d1b9d1d47b350/facebookicon.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e61b865322f87d77619b9b47d8bf776f863de6e09b2bc8d34152a3fabb7c04a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Oct 2018 01:55:55 GMT
server: cloudflare
etag: W/"c93e875983089d7d760e51cb1910ac84"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966db8dbc03b0-FRA

GET
H2 200 image-7.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2020/03/10/a4f9ce70f061e30cbd4895ad0cea8193/ 935 B
638 B 285ms
285ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2020/03/10/a4f9ce70f061e30cbd4895ad0cea8193/image-7.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac6e8a79f24eb8dff1fc5e20cf56b6bf1a456c86917a6df92abc7031bb23d9af

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 10 Mar 2020 19:12:20 GMT
server: cloudflare
etag: W/"1928d53e179272c762ccb43977504774"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966dbddfb03b0-FRA

GET
H2 200 image.svg Show response
media-s3-us-east-1.ceros.com/postmedia-network/images/2021/03/16/2d21cb8207338eebe152fa9497e84f86/ 4 KB
2 KB 283ms
283ms XHR
image/svg+xml 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/images/2021/03/16/2d21cb8207338eebe152fa9497e84f86/image.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3ca40a4b1eb4788226dba2c2781828dc27f97d610f365fbdfc1f1bdc5d9205b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://newsletters.financialpost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Mar 2021 18:47:39 GMT
server: cloudflare
etag: W/"0b7876c8b7b8973aaa696c884269f1d3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
cf-ray: 801966dc7ead03b0-FRA

GET
H2 200 bentonsans-bookitalic.css
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/e6fb37af-0597-443b-805f-e68a83693dd5/ 295 B
401 B 1401ms
1400ms Stylesheet
text/css 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/e6fb37af-0597-443b-805f-e68a83693dd5/bentonsans-bookitalic.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d9f48e80bc98065852ef96c21c3f4c8f1776cfa766bdf32cdb6f637d02076c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jun 2020 22:23:00 GMT
server: cloudflare
etag: W/"7d4616ad1b5f973e1e86c0809cb7d22b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 801966dda92c2c4e-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame F103 82 KB
29 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Sep 2024 16:18:49 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ Frame F103 98 KB
33 KB 119ms
20ms Script
application/javascript 18.66.112.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:04 GMT
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 21:44:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 18
x-amz-server-side-encryption: AES256
etag: W/"edee28fbd3a5c9f3c17e0333554b5646"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: hjLmbTB-r6wZet1d1ghginbXL3DID9iR9bYMHkpjsdwvgO6BbfWJng==

GET
H/1.1 404
Not Found fp-economy.svg
s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/ Frame F103 0
0 320ms
103ms Image
application/xml 52.217.165.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-economy.svg
Requested by: Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H/1.1 404
Not Found fp-work.svg
s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/ Frame F103 0
0 311ms
103ms Image
application/xml 52.217.165.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-work.svg
Requested by: Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H/1.1 404
Not Found fp-energy.svg
s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/ Frame F103 0
0 310ms
108ms Image
application/xml 52.217.165.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-energy.svg
Requested by: Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H/1.1 404
Not Found fp-finance.svg
s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/ Frame F103 0
0 315ms
107ms Image
application/xml 52.217.165.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-finance.svg
Requested by: Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H/1.1 404
Not Found fp-investor.svg
s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/ Frame F103 0
0 418ms
110ms Image
application/xml 52.217.165.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-investor.svg
Requested by: Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H/1.1 404
Not Found fp-posthaste.png
s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/ Frame F103 0
0 527ms
107ms Image
application/xml 52.217.165.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-posthaste.png
Requested by: Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame F103 1 KB
1 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=st_recaptcha_onload&render=explicit

Requested by

Host: link.calgaryherald.com
URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6ad528e9300c8b543eb9ddc2b46da99dcc89882644a0c0df2b519db52581b3e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.calgaryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 854
x-xss-protection: 1; mode=block
expires: Mon, 04 Sep 2023 21:42:21 GMT

GET
H2 200 bentonsans-bold.css
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/a1cad37a-458e-481c-a491-3580f2edbdf2/ 289 B
398 B 142ms
141ms Stylesheet
text/css 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/a1cad37a-458e-481c-a491-3580f2edbdf2/bentonsans-bold.css

Requested by

Host: newsletters.financialpost.com
URL: https://newsletters.financialpost.com/webfont-1.6.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d08a3b155fbec3cf756b7de4e9c4c1f9efc5cfb7f74fe4e5df8d4bc728e9d7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsletters.financialpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jun 2020 22:22:56 GMT
server: cloudflare
etag: W/"921fd0cefee0733fd23ee0284d07008b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 801966de39ad2c4e-FRA

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ Frame F103 256 B
474 B 108ms
108ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 62a645c1108276fe803ecf12d1c053e257ca7089318d7422a0c59fa13f9e3d06

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://link.calgaryherald.com/
x-referring-url: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 21:42:21 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 173
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 337ms
107ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://link.calgaryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://link.calgaryherald.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Mon, 04 Sep 2023 21:42:21 GMT

GET PostSans-Bold.woff
s3.amazonaws.com/asset-nationalpost-pub/test-assets/fonts/ Frame F103 0
0

GET PostSans-Medium.woff
s3.amazonaws.com/asset-nationalpost-pub/test-assets/fonts/ Frame F103 0
0

GET
H2 200 bentonsans-bold.woff
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/a7d4504a-335e-497b-9cd4-21d46c4ef5ef/ 18 KB
18 KB 411ms
411ms Font
font/woff 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/a7d4504a-335e-497b-9cd4-21d46c4ef5ef/bentonsans-bold.woff

Requested by

Host: media-s3-us-east-1.ceros.com
URL: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/a1cad37a-458e-481c-a491-3580f2edbdf2/bentonsans-bold.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

942fc68f8c8cc2b68f854debd1021aa7d2ae298b6c86766383d4761f8e2e4fef

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/a1cad37a-458e-481c-a491-3580f2edbdf2/bentonsans-bold.css
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 18388
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jun 2020 22:22:56 GMT
server: cloudflare
etag: "fd7dece21eaaef77037c85cac55edef2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: font/woff
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 801966df6a5403b0-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame F103 454 KB
183 KB 83ms
23ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=st_recaptcha_onload&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://link.calgaryherald.com/
Origin: https://link.calgaryherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 09:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 09:22:51 GMT

GET
H2 200 bentonsans-bookitalic.woff
media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/dfb4272b-bef4-40ef-931e-831adb8a9fdc/ 19 KB
19 KB 288ms
288ms Font
font/woff 2606:4700:4400::ac40:9be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/dfb4272b-bef4-40ef-931e-831adb8a9fdc/bentonsans-bookitalic.woff

Requested by

Host: media-s3-us-east-1.ceros.com
URL: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/e6fb37af-0597-443b-805f-e68a83693dd5/bentonsans-bookitalic.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9be3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67dfeac821c2adee605d2692dd14dc2409e1f016367d5c51c572f2503f703864

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://media-s3-us-east-1.ceros.com/postmedia-network/fonts/2020/06/24/e6fb37af-0597-443b-805f-e68a83693dd5/bentonsans-bookitalic.css
Origin: https://newsletters.financialpost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 21:42:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length: 19220
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jun 2020 22:23:00 GMT
server: cloudflare
etag: "ae7bbcfba98a4f3701ff25a45fe8754c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: font/woff
access-control-max-age: 3000
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 801966e68b5f03b0-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3.amazonaws.com
URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/fonts/PostSans-Bold.woff

Domain: s3.amazonaws.com
URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/fonts/PostSans-Medium.woff

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 14:31:04	Name: test_cookie Value: CheckForPermission
.financialpost.com/	1970-01-21 00:07:03	Name: _ga Value: GA1.2.486766236.1693863739
.financialpost.com/	1970-01-20 14:32:30	Name: _gid Value: GA1.2.524583222.1693863739
.financialpost.com/	1970-01-20 14:31:03	Name: _gat_gtag_UA_149272255_1 Value: 1

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-economy.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-work.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-energy.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-finance.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros Message: Access to font at 'https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/fonts/PostSans-Bold.woff' from origin 'https://link.calgaryherald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/fonts/PostSans-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://link.calgaryherald.com/join/5r6/fp-newsletters-ceros Message: Access to font at 'https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/fonts/PostSans-Medium.woff' from origin 'https://link.calgaryherald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/fonts/PostSans-Medium.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-investor.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://s3.amazonaws.com/asset-nationalpost-pub/test-assets/sailthru/fp-posthaste.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ak.sail-horizon.com
api.ceros.com
api.sail-personalize.com
assets-s3-us-east-1.ceros.com
fonts.googleapis.com
fonts.gstatic.com
link.calgaryherald.com
media-s3-us-east-1.ceros.com
newsletters.financialpost.com
pubads.g.doubleclick.net
s3.amazonaws.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
s3.amazonaws.com
13.32.99.60
151.101.130.51
18.66.112.45
2606:4700:4400::6812:21be
2606:4700:4400::ac40:9be3
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200a
3.222.82.214
52.217.165.216
99.83.154.140
0b82466a6fe31e0baf68cee789f451980ffd808f9425e045e8f205abc574e683
0bdc36e577bc83412c5caa3bed15343eabec4bf9e941465a1bd0830ea8799772
0e61b865322f87d77619b9b47d8bf776f863de6e09b2bc8d34152a3fabb7c04a
11532358b63cb89c5c90eb4786fe01c5fc332e33141cd62cecc9a5db6c82f3b2
123a98ae8318ec39326ff07fcb9a62481e1c243351166ff1e3501b7b8b59239c
166fd5b52f7a4f6a734857db3d0956fb95342ebde1de8175e744973936929766
18d7be25bdb6402cb9ccc2e5a38f761f9029012328ab2b45af6fc30e38734051
263f18d14718efc84c245dd0e6408e539ce475abc6604dcdcf38019745444d53
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2c32949b380a8e2de4d20de669d0573ba34d27f172a459886d434512fa2781cd
2dea4035f77031a35f930dd5ffd12db5f5cab458f69272c07d8968e1d289a247
2e1728d98b6a97d592fc8bcd79d1e255d2ff699df581b8dd7531b054dc853804
3b0a585ef0d7a06ed38fd133e0fdcf28cd5c2f9f2ac40114580f1dce13498123
445774832a1d99562eab24db80d2afb901d8377184cc4b6d6e504a23536eaca3
45d9f48e80bc98065852ef96c21c3f4c8f1776cfa766bdf32cdb6f637d02076c
4dccf797c03a514ecde9b44b1f643ce11c56361785e3ac0cfd9399c99679c2d4
4e975d777dc3368e5cae372330555d75fa503b6f4b1b9e19c9933d706f649fdf
4ef0dbcf386692d1526b6b870818651c6abb502339a9a6990b67213c314a1cbb
5490c8318336c4efbb6d3b00aa77d18008cc0081206c83c685f70b7f53f5a7f7
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5c11a0405bfcca07e1a05baa52631f30ac97b8dba84e6fc2e92dfda853303291
60aa097f72d8f1596e36ce38612dfe62b576344e1432fb6fc971809b845dd1f7
62a645c1108276fe803ecf12d1c053e257ca7089318d7422a0c59fa13f9e3d06
67dfeac821c2adee605d2692dd14dc2409e1f016367d5c51c572f2503f703864
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e3fd3c3fedec9fded5a9493a3d261dc1e140e2bf77ba10b8f07242414a03bad
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
80d04a9018987b4cc89c281142cba5e7ef9f8771d90a1d9631fe03cc536f8cce
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
891e37d3a7de903a3c542379369560fe476c97e0336e2cf944ee193c9a559249
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
942fc68f8c8cc2b68f854debd1021aa7d2ae298b6c86766383d4761f8e2e4fef
9ce49482f0b1022309f0f145692e9cc295d45fdd7d41c393ebb8960793cecff4
9f746df5705e59e0d6985f5ca1296e2636740b97c6070ac726d27f04c37f38f9
a256a62dbad30e6b29a64b4242bf123f0e9c3d90e2637bd3056a060b7b5373a1
a6ad528e9300c8b543eb9ddc2b46da99dcc89882644a0c0df2b519db52581b3e
ac6e8a79f24eb8dff1fc5e20cf56b6bf1a456c86917a6df92abc7031bb23d9af
b3ca40a4b1eb4788226dba2c2781828dc27f97d610f365fbdfc1f1bdc5d9205b
be0f07da08f09ac06a583fc1998713463647ebabfa2efa6d6c3049cbecc27645
c6e1cea01fe1a1e8ccccb0659a6edf025d77a8c1e97f938430be8618aabda31f
d6e326c73f85fac22d5b5a8d3254f5b135d3f3f9cb15f76ebfa58d4584bbb61c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de73451dea3f528ae3400d11bb012175ab3497b4addf477a755b336550bc2425
e2d08a3b155fbec3cf756b7de4e9c4c1f9efc5cfb7f74fe4e5df8d4bc728e9d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42d2b578122b295f5ff5f05b5858be93433136f09921d6f3a71027009ede5ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d1d70196b76b4e3e72981b51394465edbb2a26cd4826616b6ef1ff31759bbb
f619dac7a65a742377859042634f38d1ac996ee20c2897bc5e73befb52957743
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bbb93d7bacea35536f71b3106fa79a7b96ee07c2c61529706ae7b714366e5b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcff38652ab4b3832242a2543c49e36fc47290ead95fc5670d5075013adc5cdd

newsletters.financialpost.com Open in urlscan Pro 151.101.130.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

63 %IPv6

12 Domains

16 Subdomains

17 IPs

2 Countries

1515 kBTransfer

4741 kBSize

4 Cookies

15 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newsletters.financialpost.com Open in urlscan Pro
151.101.130.51 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

63 %
IPv6

12
Domains

16
Subdomains

17
IPs

2
Countries

1515 kB
Transfer

4741 kB
Size

4
Cookies

63 HTTP transactions
1 data transactions