urlscan.io logo urlscan.io
SecurityTrails logo

torontosun.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://torontosun.com/
Effective URL: https://torontosun.com/
Submission: On October 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 9 countries across 81 domains to perform 401 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is torontosun.com. The Cisco Umbrella rank of the primary domain is 421022.
TLS certificate: Issued by GTS CA 1D4 on September 3rd 2023. Valid for: 3 months.
This is the only time torontosun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 34.111.249.109 396982 (GOOGLE-CL...)
48 34.149.157.221 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
2 23.201.255.110 16625 (AKAMAI-AS)
1 13.32.27.10 16509 (AMAZON-02)
29 34.117.54.29 396982 (GOOGLE-CL...)
1 18.66.112.103 16509 (AMAZON-02)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 99.86.4.71 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.197.10.19 16625 (AKAMAI-AS)
2 34.249.211.193 16509 (AMAZON-02)
1 52.222.209.4 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
1 6 185.89.210.122 29990 (ASN-APPNEX)
36 18.156.195.47 16509 (AMAZON-02)
2 8 104.18.26.193 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
17 18.197.245.211 16509 (AMAZON-02)
1 216.52.2.6 32475 (SINGLEHOP...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 35.186.253.211 15169 (GOOGLE)
11 34.107.254.252 396982 (GOOGLE-CL...)
2 99.83.154.140 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
16 20 2600:9000:239... 16509 (AMAZON-02)
24 2a04:4e42::626 54113 (FASTLY)
8 8 142.250.184.226 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 18.185.12.185 16509 (AMAZON-02)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:212... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 5 13.32.99.90 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
3 2600:9000:249... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a02:26f0:280... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a04:4e42:400... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.65.39.16 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
5 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.187.184.108 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
1 108.156.60.61 16509 (AMAZON-02)
1 143.204.98.68 16509 (AMAZON-02)
1 52.17.99.225 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 35.190.0.66 15169 (GOOGLE)
1 35.244.170.237 15169 (GOOGLE)
9 23.213.169.236 16625 (AKAMAI-AS)
4 116.202.32.62 24940 (HETZNER-AS)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 3.82.70.184 14618 (AMAZON-AES)
1 130.162.160.243 31898 (ORACLE-BM...)
3 167.235.124.59 24940 (HETZNER-AS)
1 2600:9000:25e... 16509 (AMAZON-02)
1 178.250.7.13 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2.18.161.148 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1901:0:8... 15169 (GOOGLE)
2 104.18.24.18 13335 (CLOUDFLAR...)
1 151.101.65.108 54113 (FASTLY)
2 23.43.60.191 16625 (AKAMAI-AS)
2 23.52.120.246 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
1 69.173.144.165 26667 (RUBICONPR...)
2 3.124.223.97 16509 (AMAZON-02)
1 3 198.47.127.19 62713 (AS-PUBMATIC)
3 3 54.83.245.159 14618 (AMAZON-AES)
2 2 178.250.7.11 44788 (ASN-CRITE...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
3 15.197.193.217 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
9 198.47.127.205 3257 (GTT-BACKB...)
1 2 52.95.118.179 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 34.248.79.181 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.152.141.210 14618 (AMAZON-AES)
3 4 37.157.6.243 198622 (ADFORM)
1 35.204.74.118 396982 (GOOGLE-CL...)
1 3.71.149.231 16509 (AMAZON-02)
1 185.64.190.81 ()
1 1 85.114.159.93 ()
3 3 3.125.229.157 ()
1 1 51.255.68.171 ()
1 2 151.101.130.49 ()
1 1 35.214.171.154 ()
1 2606:4700:10:... ()
1 2 77.243.51.122 ()
1 1 141.94.171.216 ()
1 98.98.134.241 ()
1 2a02:fa8:8806... ()
401 110
3    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
torontosun.com
48    34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.32.27.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-10.fra56.r.cloudfront.net
cdn.adsafeprotected.com
29    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
dcs-static.gprod.postmedia.digital
fem.gprod.postmedia.digital
1    18.66.112.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-103.fra56.r.cloudfront.net
ak.sail-horizon.com
1    2606:4700:e2::ac40:8f26 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700::6812:4eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.197.10.19 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-10-19.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    34.249.211.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-211-193.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
6    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
36    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
8    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
17    18.197.245.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    216.52.2.6 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
11    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2a00:1450:4001:81c::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
20    2600:9000:2394:5a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
24    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
ssl.p.jwpcdn.com
prd.jwpltx.com
8    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
6    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
5    2600:9000:2127:cc00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
9    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
3    2600:9000:2491:d000:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2600:1f18:44f0:4846:83a2:ca80:55fb:13bf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700:4400::ac40:91b1 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
4    2a02:26f0:280:19f::268b (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
7    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
jssdks.mparticle.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    18.65.39.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-16.ams1.r.cloudfront.net
get.s-onetag.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
5    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    35.187.184.108 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 108.184.187.35.bc.googleusercontent.com
rtb.ads.travelaudience.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    108.156.60.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-61.ams1.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
1    52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com
static.travelaudience.com
9    23.213.169.236 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-169-236.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
4    116.202.32.62 (Toenisvorst, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy03.cl03.het.mrf.io
events.newsroom.bi
compassdata.mrf.io
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    3.82.70.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-70-184.compute-1.amazonaws.com
i.viafoura.co
1    130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
3    167.235.124.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0037.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
1    2600:9000:25e8:de00:0:723d:9040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ping-meta-prd.jwpltx.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2606:4700::6812:5eb (United States)

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
6    2.18.161.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-148.deploy.static.akamaitechnologies.com
travel198849194933.s.moatpixel.com
1    2606:4700::6812:a07e (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.43.60.191 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-60-191.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
postmedia-d.openx.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    3.124.223.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-223-97.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    54.83.245.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-245-159.compute-1.amazonaws.com
i.liadm.com
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:1f18:ed:550e:132:470b:d941:69f0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    2a05:d018:cc3:fe04:7a7f:ca4e:e98:dab3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    2a05:d018:d29:3601:865d:cd9c:e13b:6712 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
9    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
image2.pubmatic.com
2    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    34.248.79.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-79-181.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.152.141.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-141-210.compute-1.amazonaws.com
a.audrte.com
4    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
3    3.125.229.157 (None, )

ASN- ()
x.bidswitch.net
1    51.255.68.171 (None, )

ASN- ()
dsp.nrich.ai
2    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    35.214.171.154 (None, )

ASN- ()
csync.loopme.me
1    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
2    77.243.51.122 (None, )

ASN- ()
uipglob.semasio.net
1    141.94.171.216 (None, )

ASN- ()
pixel.onaudience.com
1    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
1    2a02:fa8:8806:12::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
Apex Domain
Subdomains		 Transfer
77 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 103458
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 132535
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 160602
1 MB
39 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2038
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
3 KB
21 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2920
entitlements.jwplayer.com — Cisco Umbrella Rank: 3916
66 KB
19 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4023
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 5960
946 KB
17 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1193
3 KB
16 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage4.pubmatic.com
29 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
258 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
74 KB
12 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2382
cdn.permutive.com — Cisco Umbrella Rank: 3138
googlesync.permutive.com — Cisco Umbrella Rank: 9435
39 KB
10 moatads.com
z.moatads.com — Cisco Umbrella Rank: 712
mb.moatads.com — Cisco Umbrella Rank: 779
px.moatads.com — Cisco Umbrella Rank: 628
114 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
697 KB
9 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3504
ads.rubiconproject.com — Cisco Umbrella Rank: 2373
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3219
205 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6968
identity.mparticle.com — Cisco Umbrella Rank: 3048
jssdks.mparticle.com — Cisco Umbrella Rank: 5767
96 KB
8 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
5 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5598
p1cluster.cxense.com — Cisco Umbrella Rank: 10775
comcluster.cxense.com — Cisco Umbrella Rank: 5196
id.cxense.com — Cisco Umbrella Rank: 11611
81 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
2 KB
7 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2961
288 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
22 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
90 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
71 KB
6 moatpixel.com
travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 206966
2 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 895
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
dis.criteo.com — Cisco Umbrella Rank: 648
8 KB
5 travelaudience.com
rtb.ads.travelaudience.com — Cisco Umbrella Rank: 272360
ads.travelaudience.com — Cisco Umbrella Rank: 8325
static.travelaudience.com — Cisco Umbrella Rank: 335159
79 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
4 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 13613
211 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3616
c1.adform.net — Cisco Umbrella Rank: 643
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 617
i6.liadm.com — Cisco Umbrella Rank: 3258
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13788
i.viafoura.co — Cisco Umbrella Rank: 13724
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 161068
1 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 67806
config.lrcontent.com — Cisco Umbrella Rank: 22731
100 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
storage.googleapis.com — Cisco Umbrella Rank: 439
imasdk.googleapis.com — Cisco Umbrella Rank: 498
535 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
897 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
445 B
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 8041
850 B
3 google.de
www.google.de — Cisco Umbrella Rank: 6147
578 B
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4704
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5837
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6331
19 KB
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10215
compassdata.mrf.io — Cisco Umbrella Rank: 66361
47 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8991
cdn.tinypass.com — Cisco Umbrella Rank: 6818
buy.tinypass.com — Cisco Umbrella Rank: 7378
108 KB
3 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 4144
pixel.adsafeprotected.com — Cisco Umbrella Rank: 936
9 KB
3 torontosun.com
torontosun.com — Cisco Umbrella Rank: 421022
84 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 everesttech.net
sync-tm.everesttech.net
534 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
216 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
61 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3328
p1.parsely.com — Cisco Umbrella Rank: 2550
22 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 150735
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
91 KB
2 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3305
ping-meta-prd.jwpltx.com — Cisco Umbrella Rank: 7213
271 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3629
497 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
postmedia-d.openx.net — Cisco Umbrella Rank: 242123
433 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
3 KB
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 sitescout.com
pixel-sync.sitescout.com
187 B
1 onaudience.com
pixel.onaudience.com
419 B
1 zeotap.com
mwzeom.zeotap.com
439 B
1 loopme.me
csync.loopme.me
225 B
1 nrich.ai
dsp.nrich.ai
566 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
610 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
587 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
759 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1495
181 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1703
424 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1726
249 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
59 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5898
2 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
17 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
402 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 214676
392 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 170602
133 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 8321
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3713
33 KB
0 turn.com Failed
ad.turn.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
401 81
Domain Requested by
48 smartcdn.gprod.postmedia.digital torontosun.com
36 c2shb.pubgw.yahoo.com micro.rubiconproject.com
25 dcs-static.gprod.postmedia.digital torontosun.com
dcs-static.gprod.postmedia.digital
20 cdn.jwplayer.com 16 redirects dcs-static.gprod.postmedia.digital
cdn.jwplayer.com
ssl.p.jwpcdn.com
17 btlr.sharethrough.com micro.rubiconproject.com
16 assets-jpcust.jwpsrv.com
10 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
9 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
torontosun.com
www.google-analytics.com
8 px.moatads.com rtb.ads.travelaudience.com
8 cm.g.doubleclick.net 8 redirects
7 ssl.p.jwpcdn.com cdn.jwplayer.com
6 simage2.pubmatic.com ads.pubmatic.com
6 travel198849194933.s.moatpixel.com rtb.ads.travelaudience.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
www.googletagservices.com
6 ib.adnxs.com 1 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
5 sb.scorecardresearch.com 1 redirects fem.gprod.postmedia.digital
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
4 a.audrte.com 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 region1.analytics.google.com www.googletagmanager.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 fonts.gstatic.com fonts.googleapis.com
4 fem.gprod.postmedia.digital torontosun.com
fem.gprod.postmedia.digital
4 securepubads.g.doubleclick.net torontosun.com
securepubads.g.doubleclick.net
c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
3 i.liadm.com 3 redirects
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 events.newsroom.bi sdk.mrf.io
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 www.google.de
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 videos-cloudfront-usp.jwpsrv.com ssl.p.jwpcdn.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 www.google.com tpc.googlesyndication.com
c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
3 c.amazon-adsystem.com torontosun.com
c.amazon-adsystem.com
3 torontosun.com 1 redirects dcs-static.gprod.postmedia.digital
2 uipglob.semasio.net 1 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 dis.criteo.com 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 ads.pubmatic.com micro.rubiconproject.com
ads.pubmatic.com
2 config.lrcontent.com auth.lrcontent.com
2 gum.criteo.com 1 redirects static.criteo.net
2 ads.travelaudience.com rtb.ads.travelaudience.com
2 www.facebook.com
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 rtb.ads.travelaudience.com c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
rtb.ads.travelaudience.com
2 sdk.mrf.io torontosun.com
sdk.mrf.io
2 assets.ribn.com www.googletagmanager.com
torontosun.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 api.sail-personalize.com ak.sail-horizon.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 pixel.adsafeprotected.com cdn.adsafeprotected.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com torontosun.com
cdn.viafoura.net
1 pubmatic-match.dotomi.com
1 pixel-sync.sitescout.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 csync.loopme.me 1 redirects
1 dsp.nrich.ai 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 ups.analytics.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 token.rubiconproject.com eus.rubiconproject.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 js-sec.indexww.com micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 buy.tinypass.com cdn.tinypass.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 region1.google-analytics.com www.googletagmanager.com
1 mug.criteo.com
1 ping-meta-prd.jwpltx.com
1 compassdata.mrf.io sdk.mrf.io
1 p1cluster.cxense.com cdn.cxense.com
1 mb.moatads.com z.moatads.com
1 i.viafoura.co cdn.viafoura.net
1 z.moatads.com rtb.ads.travelaudience.com
1 static.travelaudience.com rtb.ads.travelaudience.com
1 p1.parsely.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 www.googletagservices.com c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 s0.2mdn.net imasdk.googleapis.com
1 cdn.tinypass.com experience.tinypass.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 prd.jwpltx.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 googlesync.permutive.com
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 rtb.openx.net micro.rubiconproject.com
1 ap.lijit.com micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure.cdn.fastclick.net torontosun.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 www.npttech.com torontosun.com
1 ak.sail-horizon.com torontosun.com
1 cdn.adsafeprotected.com torontosun.com
1 micro.rubiconproject.com torontosun.com
1 fonts.googleapis.com torontosun.com
0 ad.turn.com Failed
0 bh.contextweb.com Failed ads.pubmatic.com
0 sync.srv.stackadapt.com Failed ads.pubmatic.com
401 141
Subject Issuer Validity Valid
torontosun.com
GTS CA 1D4		 2023-09-03 -
2023-12-02		 3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2023-09-04 -
2023-12-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-09-07 -
2023-12-06		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.prmutv.co
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
api.permutive.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-29 -
2023-12-15		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-02 -
2023-10-31		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
rtb.ads.travelaudience.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-09-16 -
2024-10-17		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
ads.travelaudience.com
R3		 2023-09-07 -
2023-12-06		 3 months crt.sh
static.travelaudience.com
R3		 2023-10-02 -
2023-12-31		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
ssl02.cert.cl03.k8s.mrf.io
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2023-10-12 -
2024-11-09		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh

This page contains 28 frames:

Primary Page: https://torontosun.com/
Frame ID: 0F793B86B4497B8C40FD78742FE1F58C
Requests: 282 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v88.1/xd.html
Frame ID: 9EB5F1CE7FB4D89F5BCC6E1D0BB54F24
Requests: 2 HTTP requests in this frame

Frame: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BE00300CFA2A700FCC5AA14593B2D02B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F2FD1CE25974A8D55807C391F0119CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DFDB5AAA5A68FA9E81A021E8AC26290
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.597.0_en_ca.html
Frame ID: 58E36DE432F9278F4CE414F35DEF8928
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CFB9FB5712A74220B7CFFFEB22DBD81D
Requests: 1 HTTP requests in this frame

Frame: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F43BDE304AD7C22AD97A1935C055DFA
Requests: 9 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Frame ID: 2DDAFA63CA95B0BCF0EC1C0DB06C6A05
Requests: 21 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 6C302BB0891C37D42CB9789407D673D0
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Frame ID: 36F3F940FCE046A9D5C86E8DB9950A65
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7B15E0F3C85D330A5FFFCE0B4BD18889
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7690FBBEEB65E631CF3624B41B16C66B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: BB433376980646A4100EFFD4147EE9B2
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E4D70969BC67150F03249791A5FF153F
Requests: 3 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: 56EF616B9C6DFBB62FFD86856AD6A309
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6827C123A9A8B4EDA7E4FE38D8859887
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: BE6AC734C2BEB14DA79EF61D418E106B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF315FA3-C219-4309-B844-F95173D3C1EE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: D25B59DDCB1D8D96C251DA8CFFE19BCB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk
Frame ID: 9FA301B52DE2C2FAF9E23020A29D59EF
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BF315FA3-C219-4309-B844-F95173D3C1EE&gdpr=0&gdpr_consent=
Frame ID: 31B19E6C541DFC0BD099BA0EAB219FE7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1657394206772175296&gdpr=0&gdpr_consent=
Frame ID: C9AB4025B8369C33B270DC5D70EFE9D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293228208088479900&gdpr=0&gdpr_consent=
Frame ID: 772FAE842AFDE810E39BCDBBB7A8EA28
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 0F2C471AD6E5239E8ACEB6ED784009B4
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 5846832728A525706B1D87C45B2746DE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTbAagAZ_Ux69gAN
Frame ID: D2597D3533940AE179449F4BC8A4B5D4
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?ev=AAEaNU7KbYEAABl2rRJBkA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Frame ID: 744C895A21BBC3EDBF5671FE986F48E1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 9B8A678727056E3735B7476C941163D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Toronto Sun Home Page | Toronto SunToronto SunUser

Page URL History Show full URLs

  1. http://torontosun.com/ HTTP 308
    https://torontosun.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

401
Requests

91 %
HTTPS

41 %
IPv6

81
Domains

141
Subdomains

110
IPs

9
Countries

6052 kB
Transfer

16015 kB
Size

92
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://torontosun.com/ HTTP 308
    https://torontosun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 176
  • https://cdn.jwplayer.com/v2/media/5InsPXkI/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/xEJOYXGL-320.jpg
Request Chain 177
  • https://cdn.jwplayer.com/v2/media/qIddva7a/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/lZkR3Uq2-320.jpg
Request Chain 178
  • https://cdn.jwplayer.com/v2/media/LuZFA28Q/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/kWraXbYv-320.jpg
Request Chain 179
  • https://cdn.jwplayer.com/v2/media/Yf1XC2k4/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/1gwc3KrK-320.jpg
Request Chain 180
  • https://cdn.jwplayer.com/v2/media/gYeY39kv/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/s5ojZEf4-320.jpg
Request Chain 181
  • https://cdn.jwplayer.com/v2/media/r6KmTgtP/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/yLoM8dau-320.jpg
Request Chain 182
  • https://cdn.jwplayer.com/v2/media/jUQxAbsU/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/O4ieNkOL-320.jpg
Request Chain 183
  • https://cdn.jwplayer.com/v2/media/Dna87nsU/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/7en9q9Iw-320.jpg
Request Chain 184
  • https://cdn.jwplayer.com/v2/media/abDNkQjt/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/JoFyjIB7-320.jpg
Request Chain 185
  • https://cdn.jwplayer.com/v2/media/hWntWOSO/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-320.jpg
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a001c47d-333e-411b-814b-f950c8d3ecc2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a001c47d-333e-411b-814b-f950c8d3ecc2&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEMFv-GS9fbPd2W2im2np6zI&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a001c47d-333e-411b-814b-f950c8d3ecc2&google_cver=1
Request Chain 205
  • https://cdn.jwplayer.com/tracks/EdGjRjsz.srt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/EdGjRjsz.srt
Request Chain 207
  • https://cdn.jwplayer.com/strips/hWntWOSO-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/hWntWOSO-120.vtt
Request Chain 211
  • https://cdn.jwplayer.com/v2/media/hWntWOSO/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-720.jpg
Request Chain 212
  • https://cdn.jwplayer.com/v2/media/hWntWOSO/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-640.jpg
Request Chain 224
  • https://cdn.jwplayer.com/strips/hWntWOSO-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/hWntWOSO-120.jpg
Request Chain 246
  • https://cdn.jwplayer.com/v2/media/5InsPXkI/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/xEJOYXGL-120.jpg
Request Chain 259
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 320
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=957KfnxjdGxndWxVaDcvMXRSSUhNMXp2eStVRlQyUlQwV0NjV1Z0TnZvdkFKM0hYc1Z0WXUwQ21VUWExZ09FakgvZTBEakMwYktEc1RMYXpqK1lzMVB2TzZvYXBudXF2RStoWVBFTXFsNFlqVEVRcHRlL0JuTWZtRU9XMGpzNTlUNTRySGh3aFAzTXBPd2RDWS8wUUN5eXJUbW5QRUREbGxNcDNJajJPS3VtR3Vwb2d6T0RrTzkzNWJUQ1pwTTF3UXpYcG1HOXVVdjYydDByaVU1MnNla1NjUHoweGxSOHRMWXBYbXNOblVyeXhRZDVJekxSS2hoQUVUVTMydVdQY20rWnRsSU1jWCtYL1lHbC83MHJEY252OWVmUT09fA&cppv=2
Request Chain 352
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 358
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTbAZ8eQW9bD1wpBe6KdEQAA%261144&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTbAZ8eQW9bD1wpBe6KdEQAA%261144&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7ebe0a12528e432e8feec65d889b5766 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-rcZQdbXnyfWHOkUpQMC3ZHkNiJNKPxd0_09_yQ HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-rcZQdbXnyfWHOkUpQMC3ZHkNiJNKPxd0_09_yQ
Request Chain 360
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTbAZ8eQW9bD1wpBe6KdEQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJknGVll3t04fDu6d7IuY6I&google_cver=1
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTbAZ8eQW9bD1wpBe6KdEQAABHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDYvMuJIQBNKuCCHmWpmNRM&google_cver=1
Request Chain 362
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713898215&external_user_id=c8ca5890-41b1-4bec-8d08-2d636606f9c4
Request Chain 365
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084927873655478
Request Chain 367
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 368
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF315FA3-C219-4309-B844-F95173D3C1EE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF315FA3-C219-4309-B844-F95173D3C1EE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 369
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzFfo8IZQwm4RPlRc9PB7g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 372
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=247156000 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BF315FA3-C219-4309-B844-F95173D3C1EE
Request Chain 373
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BF315FA3-C219-4309-B844-F95173D3C1EE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjdsdEJKNmdGWHRRSlNrSlBNbUpjM1Nrdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1082156798336320022&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkYzMTVGQTMtQzIxOS00MzA5LUI4NDQtRjk1MTczRDNDMUVF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDB3uO4mJ-ExrVj15GamT90&google_cver=1
Request Chain 377
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1082156798336320022
Request Chain 390
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1657394206772175296&gdpr=0&gdpr_consent=
Request Chain 391
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293228208088479900&gdpr=0&gdpr_consent=
Request Chain 392
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=57687c99-3e20-4ced-9a31-7aec8cbce554&expires=1&user_group=2&ssp=pubmatic&bsw_param=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 394
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTbAagAZ_Ux69gAN
Request Chain 395
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFYU5VN0tiWUVBQUJsMnJSSkJrQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEaNU7KbYEAABl2rRJBkA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Request Chain 396
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 398
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BF315FA3-C219-4309-B844-F95173D3C1EE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BF315FA3-C219-4309-B844-F95173D3C1EE&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 399
  • https://pixel.onaudience.com/?partner=214&mapped=BF315FA3-C219-4309-B844-F95173D3C1EE&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

401 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
torontosun.com/
Redirect Chain
  • http://torontosun.com/
  • https://torontosun.com/
555 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
afc9f5a4a58588844ea3acea803a4516fa119aa08ac17d33deacc52092f0e846
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Mon, 23 Oct 2023 18:50:08 GMT
expires
Mon, 23 Oct 2023 18:53:35 GMT
last-modified
Mon, 23 Oct 2023 18:49:51 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
3
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-866f876f86-9g5nv
x-pmd-cache
HIT

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Oct 2023 18:50:08 GMT
Location
https://torontosun.com:443/
ont-ndp-mpp-20231019-1-e1698075833400.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ont-ndp-mpp-20231019-1-e1698075833400.jpg?quality=90&strip=all&w=466&type=webp&sig=EUnCrlNjUMSq8bECEKV7GQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
27c63725fb320f168c62b2933a5e284612674ceb14a998f9424ac85f6c00c73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:33:17 GMT
via
1.1 google
server
nginx/1.18.0
age
1012
etag
"f96f6152595f5046b565f70293bb6d8dff61c375"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hjt22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16220
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Oct 2023 18:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 18:50:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Oct 2023 18:50:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6e33ef40e3eeb658a98492528f6abdcbf2856faedd88bfe45594c1214017ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29262
x-xss-protection
0
server
cafe
etag
736 / 19653 / m202310180101 / config-hash: 12387536524675601085
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 18:50:09 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		263 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:52:02 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 19:57:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3488
x-amz-server-side-encryption
AES256
etag
W/"b9a7eb01b5274e82795d834c0b8154f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
S1FcGBKeLAsj4nKBpzz8ILiKiOd5LQb1z5Sfv9I4rW3im5V__Y4k0w==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		594 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
674889c3d024c5e04a47ab29616a51304e396b120ab76011ddc8e012c047effb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_The_Toronto_Sun.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
161785
expires
Tue, 24 Oct 2023 12:08:58 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 12:47:59 GMT
Content-Encoding
gzip
Via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
575327
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
jOTelFuPIqSAN7e20xq9JY-75ZlOc1ucBRatVULwAcOpxMp9Mzu5jg==
output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.e13822da2ca5.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:17:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215748
age
610349
x-guploader-uploadid
ADPycdvKKkdolBgc27ukHiZ2J4_JMyaN01jYep3ZWzTQI49Y-U71Z4fCza67k1bAyow3uV1Oz6of6L7-rT56Q2V1z2pfXg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2526
last-modified
Mon, 16 Oct 2023 17:05:13 GMT
server
UploadServer
etag
W/"e294df1b7807772797bf8455e49389d1"
vary
Accept-Encoding
x-goog-generation
1697475913371156
x-goog-hash
crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
29809
accept-ranges
none
output.9173fdb755a0.css
dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/ 		88 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.9173fdb755a0.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f65028b3a708fd2edf5da6274a77c5ad8c449009d8bbd59db7d4bf74e5c1d8d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:17:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215748
age
610349
x-guploader-uploadid
ADPycduCx2iX7sW9yLhbI5UlTrRQv1tVfPSZUt1DDJcSwI8Xj395G7Jl5AObdi-SEpSWEeqZMccVV2oeI21DXwJQ6ekbHQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14299
last-modified
Mon, 16 Oct 2023 17:05:09 GMT
server
UploadServer
etag
W/"71a8b5d6c6d06fca12a4b720abf1f234"
vary
Accept-Encoding
x-goog-generation
1697475909132339
x-goog-hash
crc32c=BbBlxA==, md5=cai11sbQb8oSpLcgq/HyNA==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
89838
accept-ranges
none
output.7c2d0fc379d4.css
dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/ 		69 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.7c2d0fc379d4.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6590de42ad8bb123283a9f4483ecc1c62ca6321d557173de5157c3849ef93211

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:17:39 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215748
age
610349
x-guploader-uploadid
ADPycdtkUnYF3HIdQ41w84Sa6Rchkk0TSgqHvE8xVVnyCM27jkuAhem844IuaCpozFFJnjofvJ1FChhnNug_q5uCr8Ft9g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7574
last-modified
Mon, 16 Oct 2023 17:05:08 GMT
server
UploadServer
etag
W/"73defadcca3cd47f9a086f960a73ceeb"
vary
Accept-Encoding
x-goog-generation
1697475908093481
x-goog-hash
crc32c=sCYZZw==, md5=c9763Mo81H+aCG+WCnPO6w==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
71131
accept-ranges
none
output.e53a308bcf09.css
dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.e53a308bcf09.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cd20c40c603998dd111a32f07f2007d003e939908a46b1b51202c2ea73d87e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:20:02 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215747
age
610206
x-guploader-uploadid
ADPycdtz26KFhWsAqvejaIlIreOkT_cJaPcIAu10z2zGvXlR8EZB-N1m9FDRH668ej5GDiJtqENSpinqQWb7pofZ4BirZQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4707
last-modified
Mon, 16 Oct 2023 17:05:13 GMT
server
UploadServer
etag
W/"38b0a96795960b5578da961222ee8a3b"
vary
Accept-Encoding
x-goog-generation
1697475913481122
x-goog-hash
crc32c=aIZWnA==, md5=OLCpZ5WWC1V42pYSIu6KOw==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
28644
accept-ranges
none
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:49:17 GMT
content-encoding
gzip
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
53
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
90_D7Qkt5jks6H0PtWNwfretktKx1C6TU3cYmPy7uSmT2glIJ8NkcQ==
fem.js
fem.gprod.postmedia.digital/v88.1/ 		349 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v88.1/fem.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15f196b5b2c511dd146cb4704fab50760bc6b3252e244c8f14413cdbd5fc0218

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:23:57 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1696452273
age
609972
x-guploader-uploadid
ADPycdvCWn7Udjd3zx1PPuVuFItfXvzx9DhkCaZCqIIgwFfQsgWZ1gZtkofGXKTH1jQcFnAQlx-Mvome6ZIv24slzW-n231ReMA9
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100802
last-modified
Wed, 04 Oct 2023 20:45:48 GMT
server
UploadServer
etag
W/"064543354ae54eabb26ee7beab9595f5"
vary
Accept-Encoding
x-goog-generation
1696452348955107
x-goog-hash
crc32c=cTakuQ==, md5=BkVDNUrlTquybue+q5WV9Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
357631
accept-ranges
none
content-type
application/javascript
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BTW118FYSST2NZRF
age
4060
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VVoYvhVUjn4I4+el+kFDvTy+4TMhWGPwlyiQ6wfToQyOEzrNGXCBsX+pomyqM2bs2B6pvnodOu8=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsPzVyzsbH%2F8jSmeDc127eoAWkehNy7ioP6wBFsylHEydSAlxfoIPKOJpe4jCivNJlFeBWYW8ob%2ForWN5%2Fs0i%2F3qCK6z%2BtgdVbgJXlScJ%2BGxFkp6L9HVNMMDA8OCAw%2BMh41aEPb10B%2FmI7jrlBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
81ac29fe9e9e1d96-FRA
foreign-interference-20231023.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/foreign-interference-20231023.jpg?quality=90&strip=all&w=466&type=webp&sig=bDjweSGIQNAxKSYdjfWkcg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
440178d326fbc673d8c4d3dcfc2246975ae8cbf7b6450b35f871b8eeba052335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:23:51 GMT
via
1.1 google
server
nginx/1.18.0
age
1578
etag
"25753f1d75ac1a8964ea82c18c2df6cba03de518"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-qm8nd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14252
elon-musk.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/elon-musk.jpg?quality=90&strip=all&w=466&type=webp&sig=pmeofnp_-FLeLY47IPW_pw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a10c2815686d81abf93d9b8e680551c6da94101ba42919fe1f66f3c36bcb4e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 16:08:35 GMT
via
1.1 google
server
nginx/1.18.0
age
9694
etag
"f739e7dd1a5c58f32c77a43c10ae975d6eea1f48"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-x8zht
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15242
futbol1-e1698068017926.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/futbol1-e1698068017926.png?quality=90&strip=all&w=466&type=webp&sig=nnLDy31vHh_xju5lzbJF0A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
02d5b021c3d2f2771f27b4fdb3720b9996392332600db581d2f738aa46fd6e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 13:36:41 GMT
via
1.1 google
server
nginx/1.18.0
age
18808
etag
"2191df7f360895765af3f61f857fc801e2ce3226"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hjt22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35048
convoy-trial-20231023.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/convoy-trial-20231023.jpg?quality=90&strip=all&w=466&type=webp&sig=L2dFuRXL3dTcl8_jyYJcyw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
11c4f0fc4e13b2e4a34e1679b18b5636c75fa5a761602f6a096b95186aff778a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:43:40 GMT
via
1.1 google
server
nginx/1.18.0
age
389
etag
"b860252c9f55d7f4c056e3781f3de641e05d8185"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hfcnn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37704
20231011121028-6526cd62496aba64910ab573jpeg-e1698061927689.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/20231011121028-6526cd62496aba64910ab573jpeg-e1698061927689.jpg?quality=90&strip=all&w=466&type=webp&sig=NVC62eV6nFnSbYVSiepeqA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
76da8d65154aea71a794d050831797a3ec34d8b535080dd92bd50a0080095864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:05:41 GMT
via
1.1 google
server
nginx/1.18.0
age
2668
etag
"acf12b85c0d47b182523e7c65ee4309cf6123098"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-wwbgg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42342
ont-urban-boundaries-20231023.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ont-urban-boundaries-20231023.jpg?quality=90&strip=all&w=466&type=webp&sig=wv3ncBrRrjxqt1l6VC91mA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
69026cc820b188c704c34bd97b5d7006b8fb92fca46013aa1e55a029ba437dc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 14:38:01 GMT
via
1.1 google
server
nginx/1.18.0
age
15128
etag
"e2a8a82fdff6f737226036b9ef0aecabf5b1f5ea"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hjt22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10062
1021-lf-bunny-scaled-e1697832117548.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/1021-lf-bunny-scaled-e1697832117548.jpg?quality=90&strip=all&w=466&type=webp&sig=Cwj3vJyC18zSPDpfrW38Gg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
8c53e96ed767e39fc112c093cb774e7dd4817842a1aff73c59727851037fe465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:40:51 GMT
via
1.1 google
server
nginx/1.18.0
age
558
etag
"bca5e56819a3d954d7b8e79e6166ca4418a328ad"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hfcnn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35726
boc-rate-summary-20231022-1-e1698066986888.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/boc-rate-summary-20231022-1-e1698066986888.jpg?quality=90&strip=all&w=466&type=webp&sig=7P8BhKNUhsg_S-7-TahXbQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
8e9a93bb9abfdde19cc4513a7a8c27c13d292d1bcbed467a6e413fc830dcdc75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 13:23:37 GMT
via
1.1 google
server
nginx/1.18.0
age
19592
etag
"41a79434dc2f16ffdf5252a03b4828f72ae5792d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-mswwr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50604
Palestine-supporters-Instagram-Oct21.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/Palestine-supporters-Instagram-Oct21.jpg?quality=90&strip=all&w=466&type=webp&sig=zb5hsOjcYohlTTVwOLLgfQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6dd94ba984a9f122962af0265f1cf890c7904996c3dec138b95c47bfb8169912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 22 Oct 2023 00:43:13 GMT
via
1.1 google
server
nginx/1.18.0
age
151616
etag
"a8b833a332da5b3d35c45c06e834876bc4ba6126"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-wwbgg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33936
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
312197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 04:06:52 GMT
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/14.6.4/websites/images/common-icon/ 		1 KB
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.e53a308bcf09.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.e53a308bcf09.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:24:08 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215744
age
609961
x-guploader-uploadid
ADPycdvYpyWALK5U9lthCZ7rvJrDvCccMc4y55upQunB8tnPbFTWV90FVq8Xpl0kmm-bn1OKGhv5CCzgh58EvkbPcobqkgNnWx2H
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Mon, 16 Oct 2023 17:06:25 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1697475985424962
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v22/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v22/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 22:38:22 GMT
x-content-type-options
nosniff
age
331907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11076
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 22:38:22 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:37:19 GMT
x-content-type-options
nosniff
age
191570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 13:37:19 GMT
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 05:29:44 GMT
x-content-type-options
nosniff
age
220825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 05:29:44 GMT
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
icon-fire.svg
dcs-static.gprod.postmedia.digital/14.6.4/websites/images/common-icon/ 		835 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/images/common-icon/icon-fire.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.7c2d0fc379d4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.7c2d0fc379d4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:18:38 GMT
x-goog-meta-goog-reserved-file-mtime
1697215744
age
610291
x-guploader-uploadid
ADPycdv5bMddiCcbBUyvXhAbYrfZFZMTDvtY1ohT1dxFPDJ__htRMvsuukPyJKCFQBmgKoVHaLXKLe65ORfJSWPaIxfaTg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Mon, 16 Oct 2023 17:06:25 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1697475985185695
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
carousel-previous.svg
dcs-static.gprod.postmedia.digital/14.6.4/websites/images/common-icon/ 		1 KB
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/images/common-icon/carousel-previous.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.7c2d0fc379d4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.7c2d0fc379d4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:20:05 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215744
age
610204
x-guploader-uploadid
ADPycdvqubfxlITduEH2uzqQfiiS7-Kr-O2zCmriMWVBaBDePHPzt6oz9K06JDvjabvfM5-HP2_RyHozkahTJ7fvTdbr6A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
519
last-modified
Mon, 16 Oct 2023 17:06:24 GMT
server
UploadServer
etag
W/"23fbd7cd311279a2b6eb68d8f6059047"
vary
Accept-Encoding
x-goog-generation
1697475984270513
x-goog-hash
crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
carousel-next.svg
dcs-static.gprod.postmedia.digital/14.6.4/websites/images/common-icon/ 		1 KB
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/images/common-icon/carousel-next.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.7c2d0fc379d4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/css/output.7c2d0fc379d4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:20:05 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215744
age
610204
x-guploader-uploadid
ADPycdtXASG-ZnsQfevX203EdUc7UWWuYytkf1OIC3lCVahY_B0QCmnSctJL2fK8URbOXtIs4feBRh5cxuD9Bv4xw4RvtA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
520
last-modified
Mon, 16 Oct 2023 17:06:24 GMT
server
UploadServer
etag
W/"735fdba5ead6fce3777e91bf3fee8dd6"
vary
Accept-Encoding
x-goog-generation
1697475984231945
x-goog-hash
crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/14.6.4/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/images/postmedia-image-fallback.webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:18:38 GMT
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610291
x-guploader-uploadid
ADPycdsNfx4Y0AYwe-lL_YP3Q-s9UmV52oKY_smwyKHFA5DmaoXEMvdpM75QwbISfjgtTm7E8KXknVnR_vX2k23EtpuEcQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Mon, 16 Oct 2023 17:06:47 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1697476007146845
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		210 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3a0ec886bc332d36f61c37c9e7ec663e19bb89bbd6b0243140c871c70d33e8
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
age
5548
cf-polished
origSize=1329386
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 05:52:51 GMT
server
cloudflare
etag
W/"06ae4cc55e4412a63367b4a85f937078"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
81ac29ff58ce1c6d-FRA
x-amz-cf-id
KARlD1b6owvtG-ykq61FLi9_1Rmf6hLWEwXd2lGcqSgVyQ1xPgcjwQ==
expires
Mon, 23 Oct 2023 22:50:09 GMT
shared.2bbcd3ad9e5d.js
dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5de38dd9b29b93fa720fd1bbee60d4553b6c2a7fa8737c694ba259df256f66d3

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:16:44 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215747
age
610405
x-guploader-uploadid
ADPycdtlyye1LroMBbiMoz5Zvbsk0-WNwz3IWNYnAUWaKESielsiahyrB9DhMCTcN4y38ocKkBmLkxhM5jdtG26xpNZTnw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7470
last-modified
Mon, 16 Oct 2023 17:05:15 GMT
server
UploadServer
etag
W/"76430a2f1f03162aec36ac65859c1ea8"
vary
Accept-Encoding
x-goog-generation
1697475915015643
x-goog-hash
crc32c=8CSqOg==, md5=dkMKLx8DFirsNqxlhZweqA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20818
accept-ranges
none
content-type
application/javascript
main.2de0fd2c3cca.js
dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/ 		133 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/main.2de0fd2c3cca.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2de0fd2c3ccae4ab523d0aebb8f902740899faeca158e8bfbb54669cd0bd7afa

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:16:44 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215747
age
610405
x-guploader-uploadid
ADPycds-kuMFp7kw1PUBgmepnhYsidNquARfWHEwiYMm19QqDCj2TrvNa8K-znnZWgkYUKvwGgX-chTaK_nMiUOibkyfng
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46197
last-modified
Mon, 16 Oct 2023 17:05:14 GMT
server
UploadServer
etag
W/"0f593ed83f5051ed5d411923e379acb0"
vary
Accept-Encoding
x-goog-generation
1697475914800277
x-goog-hash
crc32c=C/G7rg==, md5=D1k+2D9QUe1dQRkj43mssA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
135975
accept-ranges
none
content-type
application/javascript
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		445 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a43c14fa427a2d1dc15abcf451ac122237be1f65ff733bc1cf072547cbf3084b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPrESmdasgprtVzoMyZrbOPzOHMMZ1MIUm8MUc9vMfHyIlRYMNpbMme3UGCT6_EdmJRxBf0ZrB2csnIFa-9dR1RjkufzFhWy
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 20 Oct 2023 15:23:25 GMT
server
cloudflare
etag
W/"07959bf936acafc198af861998422bfd"
vary
Accept-Encoding
x-goog-generation
1697815405809780
content-type
application/javascript
x-goog-hash
crc32c=+UMGDg==, md5=B5Wb+Tasr8GYr4YZmEIr/Q==
cache-control
public, max-age=900
x-goog-stored-content-length
137533
timing-allow-origin
*
cf-ray
81ac29ffebb83813-FRA
expires
Mon, 23 Oct 2023 19:05:09 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 10:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
28392
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135328
x-xss-protection
0
server
cafe
etag
16474413789440466402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 22 Oct 2024 10:56:57 GMT
3528
config.aps.amazon-adsystem.com/configs/ 		505 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
39f38410c55909990198bec4def77bd2348d9a27a6cb0de629109b690726290e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:47:32 GMT
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
157
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
9qTigZJ0cNiniEMTExSPz-rj-HyG2Sq6vL7XAnYUvgYYMq3j701g0Q==
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Ftorontosun.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:10:58 GMT
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
13151
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
tOfxlDz9-nXrEOynxzwQy73R46cMiCkhDdE-Ux3IYJJ39lyX_3IKoQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
date
Mon, 23 Oct 2023 02:53:21 GMT
x-amz-cf-pop
FRA56-P6
age
57409
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
gA8n26Z4IVLaaxgDCWQ_tB_7w_tRPPuFas0AMY9G3QJQpuKzZ7UChg==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		73 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
ecf3583217d45aacd20a55f17e79fbfd8d4c39cca3190c8509d2029d9e413624

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 17:40:39 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5967
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231023
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b148d265f8bde25dede14eba0137177c17a68351561113e4f1f573dbc0435c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10160
x-jsd-version
1.0.1851
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"635-j5iF0FxgnLQwnwrcrCti8KPTr8k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5JGm0Pm%2BggyKdFlwZo9AWhHfignkHHueRZ0dDeEpwlX3DMS25xtkmVkX17M6w1v3ADWgC7TTANG0%2F4LqQGoqc9oJ%2BTr%2F0w3Z0BJuBZD4M%2FlWnXQ2A5r1kegp1g5sES3R4%2FtB9HG%2BAvrN4Geb%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81ac2a004e542c6f-FRA
xd.html
fem.gprod.postmedia.digital/v88.1/ Frame 9EB5 		165 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v88.1/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5e5de8421c5407d204ef4033de2ed27dfafd3c5d931bddd16daf4933dd0e0bcf

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
781831
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Sat, 14 Oct 2023 17:39:38 GMT
etag
"d55cfaf9cba70c25ebb0c3ecdc88e5b2"
last-modified
Wed, 04 Oct 2023 20:45:50 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1696452350442566
x-goog-hash
crc32c=HSJWmA== md5=1Vz6+cunDCXrsMPs3Ijlsg==
x-goog-meta-goog-reserved-file-mtime
1696452273
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycdtAQGICgKqDh8OoSbFc-q2Jz_j0X9-3JdAyeta3yhi1ZoyV21UyAATlmnrckmxSEVd53nc_MUhElbWJejlf59ESqwkVBBRS
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-10-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 23 Oct 2023 19:05:09 GMT
michael-stamatakos-e1697637537482.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/michael-stamatakos-e1697637537482.jpg?quality=90&strip=all&w=344&type=webp&sig=2TjaamXa9B5sz2c8dCzNAg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a93a488d3100615a5cbc0a779462a8021f60629cefa40a89dc10c4e1aaf3bc7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:43:42 GMT
via
1.1 google
server
nginx/1.18.0
age
387
etag
"67aeb105747d5255585238740eeba3acdb0e3a94"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hjt22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8328
vincentasaro.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2017/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2017/12/vincentasaro.jpg?quality=90&strip=all&w=344&type=webp&sig=Af8sGpX3xvN1Bw4lHYWX8Q
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
050f01428f1212d41f78937ff24274c539045a1477321b09f3db06436f232a4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 14:37:32 GMT
via
1.1 google
server
nginx/1.18.0
age
15157
etag
"455b5892ad6ecc7c40c25539c08a9dc59b4610e4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-brdx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23568
JEEP-e1698072991440.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/JEEP-e1698072991440.png?quality=90&strip=all&w=344&type=webp&sig=OaaUkRlckRi9ISmI0WolZQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
4125e17e53d668767a6ba6127acb4faffe9b20748baacdfc95a54d908d199428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:45:57 GMT
via
1.1 google
server
nginx/1.18.0
age
252
etag
"7affbad4bd56b7d55d461246e4b875fff4616b04"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-brdx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9608
bell-media-outfront-20231023.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/bell-media-outfront-20231023.jpg?quality=90&strip=all&w=344&type=webp&sig=LniRYINcKEEaexnX3hr75A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
80d7719730935376ba7c5551dfda2160533c328fcccedd39348be49bafce813f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:23:45 GMT
via
1.1 google
server
nginx/1.18.0
age
1584
etag
"c19d05e5f0c189e8932d1961faf216fd868f3a48"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hjt22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14952
CP168492292-1.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/CP168492292-1.jpg?quality=90&strip=all&w=344&type=webp&sig=mkvDUzbiwD4-UObJSFha5g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
49bf986eda17b5d79186dcdd091973d4ab73a3e774c82905eb64308f641e2136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 17:43:40 GMT
via
1.1 google
server
nginx/1.18.0
age
3989
etag
"568cf12d6bae7a74f375985fc918152b9728c20e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hjt22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21470
ont-ndp-mpp-20231019-1-e1698075833400.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ont-ndp-mpp-20231019-1-e1698075833400.jpg?quality=90&strip=all&w=344&type=webp&sig=bQX1Z7cf8EuKXk4bD_huEQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
18362c79e301db0bfe6151aad4529f98ed58c78f34de1ede556d0a683d044e90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 15:49:40 GMT
via
1.1 google
server
nginx/1.18.0
age
10829
etag
"b32543dfd049ed949dae4e77a6d1e5817606a3f6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hfcnn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11430
20231011121028-6526cd62496aba64910ab573jpeg-e1698061927689.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/20231011121028-6526cd62496aba64910ab573jpeg-e1698061927689.jpg?quality=90&strip=all&w=344&type=webp&sig=JCAne9M6q3pfp7rg2ONhWA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
fe2865843f8a04437fed9bb0f68018cbd6cdbecb5c4b4c70a504f41ab008255c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 11:54:52 GMT
via
1.1 google
server
nginx/1.18.0
age
24917
etag
"93d85280433ce8a13d37e67b938cd70133b54ea1"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-wwbgg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26178
elon-musk.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/elon-musk.jpg?quality=90&strip=all&w=344&type=webp&sig=Uqaga-UGxoYWKw--wCmt8A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
fc81a082b8bb3b830caf54bc8c463f3a35cca28e6e93100a64d1ddb40a42ec7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 13:27:50 GMT
via
1.1 google
server
nginx/1.18.0
age
19339
etag
"7d96d569ae1817aef4ae047c5ef9d05c848ed1b0"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-x8zht
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10890
futbol1-e1698068017926.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/futbol1-e1698068017926.png?quality=90&strip=all&w=344&type=webp&sig=QKFGPIsnk1WCqcVwz9YBcA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
67466012d868d91bfa102522652a5d75cecbc80445bf46a619ca04928c543872

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 13:39:53 GMT
via
1.1 google
server
nginx/1.18.0
age
18616
etag
"e563ddf794d273b0cfaf4240459b1cdce954249e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-nw7m9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23574
1021-lf-bunny-scaled-e1697832117548.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/1021-lf-bunny-scaled-e1697832117548.jpg?quality=90&strip=all&w=344&type=webp&sig=V9IIOUTVoPULYOANR1C__A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b73aae0a99bbdbad9a499416c7f5e7dc621d4b8f82f733204feb414ada7a42f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 17:51:23 GMT
via
1.1 google
server
nginx/1.18.0
age
3526
etag
"a3e289a45ff4ae87849aaa83425f52dc0343bc6e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-qm8nd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21574
GettyImages-1254842202.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/11/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/11/GettyImages-1254842202.jpg?quality=90&strip=all&w=344&type=webp&sig=hWw9GGX7d67EZpXaZDYbRA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3bdd66f75a3e158453a1841639637ab7385e2a39ff16d356925d1c6b3e52f6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 07:19:34 GMT
via
1.1 google
server
nginx/1.18.0
age
41435
etag
"cd7c331eb12a8ff3f350a2c48d6afd40059c9f98"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-nw7m9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9646
GettyImages-926016876-scaled-e1697911004966.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/GettyImages-926016876-scaled-e1697911004966.jpg?quality=90&strip=all&w=344&type=webp&sig=8eRXL978ZWRZip6IbEpmQQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d846066a899e1d5bd33e3d6c616c335a6281a979453eaf74dfc41a9ad9ef481e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 22 Oct 2023 23:10:00 GMT
via
1.1 google
server
nginx/1.18.0
age
70809
etag
"197f330a04e5e510c01f2fb7eff0247f2ff41371"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-nw7m9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25062
monday-letters-e1603061546312.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2019/10/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2019/10/monday-letters-e1603061546312.jpg?quality=90&strip=all&w=344&type=webp&sig=GJ470nf1NmY8ERldzXTwHQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
693b7ad329853b5d32ab0196b6f79c23f3e6497458005a36fa0ef85b876f066b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 14:17:45 GMT
via
1.1 google
server
nginx/1.18.0
age
16344
etag
"5aaabaade41cd7efb5c2a3221be9326b7c7d5f5c"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-ghzzq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37102
GettyImages-1499111355-scaled-e1698069222515.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/GettyImages-1499111355-scaled-e1698069222515.jpg?quality=90&strip=all&w=344&type=webp&sig=q8uVLx5OIg2svCx698nZ-g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3382f5feb5553038273e8f8d235e06baeac3022ce5500f933f619ccdef5586ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 14:03:22 GMT
via
1.1 google
server
nginx/1.18.0
age
17207
etag
"f6a2c1c0082ef066b353c53a34813c4189cf114f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-mswwr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21328
1111_na_homeless-scaled-e1697923799638.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/1111_na_homeless-scaled-e1697923799638.jpg?quality=90&strip=all&w=344&type=webp&sig=MQVOgpwqnKPRQ2vPKeqH1g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
de68a4d1589f452e7a9eda135ab254a89514003b5aece81d16b0eba2bfaa3084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 22 Oct 2023 15:35:52 GMT
via
1.1 google
server
nginx/1.18.0
age
98057
etag
"42e11aec5dfde3f7d74b591622eaec9466eb6b91"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-ghzzq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22270
1024toronto-raptors-darko-rajakovic-scaled-e1698082604360.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/1024toronto-raptors-darko-rajakovic-scaled-e1698082604360.jpg?quality=90&strip=all&w=344&type=webp&sig=6sFMCFlZF2tr6Cl4v8bEeA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cb23e5010cbd08669cb219ea507d685a0e468e83384076f7ba2e89cf723ce689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:45:57 GMT
via
1.1 google
server
nginx/1.18.0
age
252
etag
"38699f8b3d28050b440dea57b1c05f59b6edcdeb"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-qm8nd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16024
BKN-Raptors-Camp-Basketball-20231003-scaled-e1698019674327.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/BKN-Raptors-Camp-Basketball-20231003-scaled-e1698019674327.jpg?quality=90&strip=all&w=344&type=webp&sig=GoNXK0qjEGaBzEizy5KYVA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e6e8dd35a8e047cd5d4742ba6175d55e1bb778d495bd2536e1d7d67c05d03a0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 06:54:32 GMT
via
1.1 google
server
nginx/1.18.0
age
42937
etag
"10c37f2ea857883f1a939abbc92cd7de5fa749db"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-nw7m9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17506
hkn-jets-bowness-20231023.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/hkn-jets-bowness-20231023.jpg?quality=90&strip=all&w=344&type=webp&sig=MJRE8jJ-mtrXi6T-wQn5tA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0cf2e378ce3ebdd5c4225574b71a852dc9c46b098f875ddf2c27cdd4773114c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:45:57 GMT
via
1.1 google
server
nginx/1.18.0
age
252
etag
"ece883a17c7892ade9e7e26e2a04a2fc00262e42"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hqzfk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15030
debrincat.jpeg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/debrincat.jpeg?quality=90&strip=all&w=344&type=webp&sig=rYiSbjZQnR8DhQaUy5uQQQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
13866ab1f090ecc145186272a5092114fcd97e1d547eafe6b03e7e6bfb59cf93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:05:42 GMT
via
1.1 google
server
nginx/1.18.0
age
2667
etag
"4903ab461787f9f88d5d36649581b2b88e51f7fe"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-mswwr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20316
Joseph-Woll-files-May16-scaled-e1684277774528.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/Joseph-Woll-files-May16-scaled-e1684277774528.jpg?quality=90&strip=all&w=344&type=webp&sig=_Ty9V032ccn6xnsi2CcAnQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bcd0956ceacaac48e94c195437041361de8f8bdeba19024d7c049c17f28e680d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 22 Oct 2023 18:09:22 GMT
via
1.1 google
server
nginx/1.18.0
age
88847
etag
"559b99fc681b262be7c55da9db5e854036876be0"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hqzfk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26440
Dave-Chappelle-files-oct23-scaled-e1635039314297.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/10/Dave-Chappelle-files-oct23-scaled-e1635039314297.jpg?quality=90&strip=all&w=344&type=webp&sig=CWzQbxfI64l6cUeMh5mPUA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bcbfbbd3c1f420528b3bf767b79e6d0e826aa11ba36544fa5cbb40147ed5279e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 17:09:02 GMT
via
1.1 google
server
nginx/1.18.0
age
6067
etag
"6146b1a0ed2bd97fc5868793531571f61e8e097e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hqzfk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
Dwayne-Johnson-Black-Adam-Toronto-premiere.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/Dwayne-Johnson-Black-Adam-Toronto-premiere.jpg?quality=90&strip=all&w=344&type=webp&sig=vaYiVSsGUrgJ2Rh49jTaPQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
844d86eef3da1626f5afe02a5a200a1cdc43c37ee2c6d893907ab957df157a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 15:39:39 GMT
via
1.1 google
server
nginx/1.18.0
age
11430
etag
"7232ff30220a3a980d66a458abeeacce323fd3ee"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-wwbgg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16050
britney-spears-instagram-july23.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/07/britney-spears-instagram-july23.jpg?quality=90&strip=all&w=344&type=webp&sig=ipln7j-tekzASk2o87Dsag
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
81445b406a674cfab3930f31d2339fcde386403cdacbd021ec168467abd7ae86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 14:26:55 GMT
via
1.1 google
server
nginx/1.18.0
age
15794
etag
"9cfa6e7f80b1b3e816779c90f8063b252333e69f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-brdx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27606
kanye-west-3.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/kanye-west-3.jpg?quality=90&strip=all&w=344&type=webp&sig=VKYdVYEranqIkGirre5Nkg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0d00a2a6dba8a17d08bd7d321de0ac24c90dd0c0df01f61fd78fb5f23f799a6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:40:25 GMT
via
1.1 google
server
nginx/1.18.0
age
584
etag
"1e3da261d27222222b894fcc3c318cd6ef163e7a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-wwbgg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20662
shaniaell04-e1698061898208.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/shaniaell04-e1698061898208.jpg?quality=90&strip=all&w=344&type=webp&sig=RgHsvoVWHkEJCdeo8gARyw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7481940b38e0ef35880b5aa4a737ff132a01640a20891a702a850108bd95bea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 google
server
nginx/1.18.0
etag
"9af83ce5fa02166aba615cbe1c70a1c13e462c5a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-ghzzq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19598
GettyImages-1423553379-scaled-e1697736203915.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/GettyImages-1423553379-scaled-e1697736203915.jpg?quality=90&strip=all&w=344&type=webp&sig=30vcwF6RgmuxothDPpwk8g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
35824264a9e14428872f840d1377d1f805a4cf51b7eb24bef3d57cf3bd959e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 11:09:14 GMT
via
1.1 google
server
nginx/1.18.0
age
27655
etag
"9fd6d4b4d8fd9d7f11630d005ccc75c66cdaa14d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hqzfk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28984
GettyImages-1309247019-scaled-e1697321495102.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/GettyImages-1309247019-scaled-e1697321495102.jpg?quality=90&strip=all&w=344&type=webp&sig=QyPr3KXWlWUfBVA-D2DhTA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
53ea1ee9cc3f30a5e3b324f66643f4fbc5425e120c217de68c7862212fbefdb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 11:12:45 GMT
via
1.1 google
server
nginx/1.18.0
age
27444
etag
"42c11b154b1909a98c8aadfe07eb5edec940ae93"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-ghzzq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20078
Willow2.TS_.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/Willow2.TS_.jpg?quality=90&strip=all&w=344&type=webp&sig=cN5Mr5ijC22N6TRpw2E38w
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6191a4503e767446918f91cec6f09a7a005cf9dc29336fdd6b89af49c64a9fbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 01:17:46 GMT
via
1.1 google
server
nginx/1.18.0
age
63143
etag
"f076abb473b38e2e38622cba38d7cfb6333d7c5e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-mswwr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22492
CP168561723-scaled-e1696256818679.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/CP168561723-scaled-e1696256818679.jpg?quality=90&strip=all&w=344&type=webp&sig=Q8w3eEUKbDwaIms_llFfaA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a778e186c3e33d7b4aed07697bd2cc9b528871ca4bbd21eb05dfd914aba1243e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 23 Oct 2023 00:40:59 GMT
via
1.1 google
server
nginx/1.18.0
age
65350
etag
"c8851e3208f6461cb7d28c8e36bd3e29faacdcc5"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-qm8nd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29850
GettyImages-520363497-scaled-e1696650952829.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/10/GettyImages-520363497-scaled-e1696650952829.jpg?quality=90&strip=all&w=344&type=webp&sig=tmR71g1xdL6oyW13XpclSQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
511fbcd8bd5db286078078587d4e4d6f42aeeedf47e20c1faa891fccd03acea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 22 Oct 2023 22:09:52 GMT
via
1.1 google
server
nginx/1.18.0
age
74417
etag
"704ab79e3564ac25b0cfbfb6e7280696378f0787"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-nw7m9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39558
GettyImages-1429580529.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/GettyImages-1429580529.jpg?quality=90&strip=all&w=344&type=webp&sig=8gj3WUDl9VVBJrnHdTz3dA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c2fc57b180afd0cb7881dbb0812b85d881e1476a46559f1788a219af104173b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Mon, 23 Oct 2023 13:37:01 GMT
via
1.1 google
server
nginx/1.18.0
age
18788
etag
"73a3cf3bf2d2f6b8fd2a3798759bf284f0dbdfff"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-nw7m9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9112
GettyImages-510308930-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/GettyImages-510308930-1.jpg?quality=90&strip=all&w=344&type=webp&sig=eQUAiFL3LC36ouhRtRwBGA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
448284959cd6022d644ac96927c57929d64b4df87dcf157191fa35b991d2f676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Wed, 18 Oct 2023 19:19:47 GMT
via
1.1 google
server
nginx/1.18.0
age
430222
etag
"ad68dc03590bb32e9e10013984ee5c3d53ce6ddd"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hfcnn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9086
Dave-Dodds-and-Tracey.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/Dave-Dodds-and-Tracey.jpg?quality=90&strip=all&w=344&type=webp&sig=ZYvabGI8UITLJ4hHAEO_Bw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1680cf46d8a68ee73cd01447b257403b449ef10713319e631e0e53338f8078d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Wed, 18 Oct 2023 19:19:47 GMT
via
1.1 google
server
nginx/1.18.0
age
430222
etag
"2db26eb3fd40fad96262a1fcce3eff49980ae988"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hqzfk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22824
Untitled-design-3.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/Untitled-design-3.jpg?quality=90&strip=all&w=344&type=webp&sig=KZUGESCY_sTsFEw-JoxCQw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
02b6b5e2b324c800b154f5f76f5a2c78a9b1907e724ad63a13c6f1db08d69878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Mon, 16 Oct 2023 13:22:40 GMT
via
1.1 google
server
nginx/1.18.0
age
624449
etag
"104c66ae33a9be8d279755c4fa2b95befe90812f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hjt22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10082
GettyImages-1208113592.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/10/GettyImages-1208113592.jpg?quality=90&strip=all&w=344&type=webp&sig=0VP5iG7-g8r3c9yTh2ZAdA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d0b908ded387674260f99ef2d55defbca28a1ef9428a83650594069025a270d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Mon, 16 Oct 2023 13:22:40 GMT
via
1.1 google
server
nginx/1.18.0
age
624449
etag
"05d1772b6f75ef6567c4ed9f238e2e404792c836"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-wwbgg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16010
Toyota-EPU.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/10/Toyota-EPU.jpg?quality=90&strip=all&w=344&type=webp&sig=DL9xh1CHHWYPcufcVaN4NA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
17fa66df97eaffcc41d90b1f1e86e5d56b08a8fd79703615ee75bca4ae5689cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Mon, 23 Oct 2023 16:17:21 GMT
via
1.1 google
server
nginx/1.18.0
age
9168
etag
"858fddd0c60e552d0975748ac6daddd7c4f89091"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-x8zht
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10006
2022-Ford-Mustang-Mach-E-Cottage-Trip-Front-3Q.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2021/09/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2021/09/2022-Ford-Mustang-Mach-E-Cottage-Trip-Front-3Q.jpg?quality=90&strip=all&w=344&type=webp&sig=tXvCzN8P_wN-714zZD_DNw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
240b510ef18a76fb2487d642a8addcc5b9dddbd2acda3c903fa7fa34d50de76d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 20 Oct 2023 18:42:19 GMT
via
1.1 google
server
nginx/1.18.0
age
259670
etag
"83f282f072f1bbe219a4a1eb5d96ee81b51e0cfd"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-hjt22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44076
2023-Toyota-Crown-in-IIHS-Crash-Test.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/10/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/10/2023-Toyota-Crown-in-IIHS-Crash-Test.jpg?quality=90&strip=all&w=344&type=webp&sig=yI0iQou9m9TJq5_0cMbSjg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0e052c3c1edeab4aa2c5a2a921762060b145330322a89f0dde3d839dedbfeec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 20 Oct 2023 18:12:49 GMT
via
1.1 google
server
nginx/1.18.0
age
261440
etag
"fb35d7e655cbe7d86c790a0af5b621df72f132d9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-745f5c45c7-x8zht
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26634
661f0c84785f13f8660931.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/661f0c84785f13f8660931.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e0c867c8b4ddc4704dea1c8f1cfd309b9a4bd9cdd64a9fbbf21ffd1b31bf156a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:17:49 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610340
x-guploader-uploadid
ADPycdtBXqcZcF3lI6waxKlfxOucKBo9k_Z2V9bMiwSxKyGZkyptpjnv2h9Rnby_fHawaori0yFsOHg5D6LTr6ntcgnJK_m_3Yeo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2269
last-modified
Mon, 16 Oct 2023 17:06:55 GMT
server
UploadServer
etag
W/"8f66e8bc3032ac3dc8ebd62539ebc17b"
vary
Accept-Encoding
x-goog-generation
1697476015079313
x-goog-hash
crc32c=HMgZdw==, md5=j2bovDAyrD3I69YlOevBew==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8968
accept-ranges
none
549d21599267e48aeee43.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/549d21599267e48aeee43.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1878705aec86baf73aac495488bd3b4d7b96be51f50cebf682105a8a128dd631

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:17:47 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610342
x-guploader-uploadid
ADPycduM2jUd8ExWzSosfWYxUtE3PGfcfOxkOmlOfeR2fEB0htLgwD3wVJaHt4y0-qiGiVgy_GkJxzKunsY1HekuuNxACg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3662
last-modified
Mon, 16 Oct 2023 17:06:54 GMT
server
UploadServer
etag
W/"073e06f4cf147feffc382b7119c17239"
vary
Accept-Encoding
x-goog-generation
1697476014741010
x-goog-hash
crc32c=MNq3iw==, md5=Bz4G9M8Uf+/8OCtxGcFyOQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11539
accept-ranges
none
db35c160545b9564077b16.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/db35c160545b9564077b16.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3f1e409bdcf5920c4899c37c39e7b3fb92b60a2c1a041a16648b010e5bd439d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:16:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610404
x-guploader-uploadid
ADPycduG02xi9_7C2CrzPnc2tBfluR8QKegBakUTbAeJgth34BBFA0NrrnaHomZ7NArgFcAXSTwjnslBbjqE3azVqmN23g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4429
last-modified
Mon, 16 Oct 2023 17:06:57 GMT
server
UploadServer
etag
W/"0450506b259d7522ba0081aa72a162ee"
vary
Accept-Encoding
x-goog-generation
1697476017317182
x-goog-hash
crc32c=9cn5PA==, md5=BFBQayWddSK6AIGqcqFi7g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
13988
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:16:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610404
x-guploader-uploadid
ADPycdtUtMjVQptxahN6RKGGBp82Y2-M6sQv1bxyHGFVMkYIjgo_mA5WrdW2LNj7ApUUGhgGAqjwJQMwuhPM1tRDfJRWVg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2820
last-modified
Mon, 16 Oct 2023 17:06:55 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1697476015217093
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
a0a743a72a229993c3542.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/a0a743a72a229993c3542.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
48a6618e191e032cbab736538a295ce156e9e2324bcddeb22b30b88d375f58b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:17:47 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215742
age
610342
x-guploader-uploadid
ADPycdt2__NVJn9UW7eubZyBGVFrqB0jmWohB6QuAOd3wqL6xc0CO9CYCJ0CTkf1mHFC_QNJzg569tl9Pmigwb2lZBqtEA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10749
last-modified
Mon, 16 Oct 2023 17:06:56 GMT
server
UploadServer
etag
W/"4063a47afddd97b3d0cdaf5a06231acf"
vary
Accept-Encoding
x-goog-generation
1697476016249915
x-goog-hash
crc32c=YDKjTA==, md5=QGOkev3dl7PQza9aBiMazw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
35089
accept-ranges
none
3ab33e9eef7515f1f7e65.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/3ab33e9eef7515f1f7e65.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8a9e771dbc369bfe7301ad483fa04ea91854400a00a33a978b6e805be79e34b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:20:07 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215742
age
610202
x-guploader-uploadid
ADPycdvvyx3onTxsOiLScA6CT659X8kiusmOXjCFKuAM5Z8lc1aXn6EA77tGPiyygoNqjRPN-bbVqBWWymVt_xlRCo7qJw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3497
last-modified
Mon, 16 Oct 2023 17:06:53 GMT
server
UploadServer
etag
W/"5646bc70e2fae94989285f3f732e864c"
vary
Accept-Encoding
x-goog-generation
1697476013108564
x-goog-hash
crc32c=Vuq8cw==, md5=Vka8cOL66UmJKF8/cy6GTA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10705
accept-ranges
none
5cdc54d1fda6ebee642148.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		224 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/5cdc54d1fda6ebee642148.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2df0a4053e66a1f1ef57b3561d2f22d0071064b7924a47b157d456b853e2cc5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:20:07 GMT
x-goog-meta-goog-reserved-file-mtime
1697215742
age
610202
x-guploader-uploadid
ADPycdtB1XZwqvD8OMJJTukvjJjpQl_dwwdE9OoOB0EVuB0fjfHdDQxPZH0Vw3YWzk_QO6lS3RfohLRRR1susATydw4DtQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Mon, 16 Oct 2023 17:06:54 GMT
server
UploadServer
etag
"041737f261e0c00d60a30a3eb1c00a1c"
x-goog-generation
1697476014776315
x-goog-hash
crc32c=D0UeMg==, md5=BBc38mHgwA1gowo+scAKHA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
acff26aee19cfd8cf6bf27.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/acff26aee19cfd8cf6bf27.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
93c998a47545beef7c24cdbaa5a200d951fc0d0cc3ca4d2389117a82b23ec049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:20:07 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610202
x-guploader-uploadid
ADPycduiTYQkW3cCT6PNco6FYGENrqbWn1ZgJBjLjiQGvGJ29v4xSv7Tph4WPyMDyBn7oETbo3rxJbk7WFJj4CMEXhvSEw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3669
last-modified
Mon, 16 Oct 2023 17:06:56 GMT
server
UploadServer
etag
W/"dadc1a3cae56fe1cc2bcdeef1f2ec2d2"
vary
Accept-Encoding
x-goog-generation
1697476016592784
x-goog-hash
crc32c=xFPSMQ==, md5=2twaPK5W/hzCvN7vHy7C0g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11527
accept-ranges
none
8c782fd1a8b079fc16ee17.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		750 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/8c782fd1a8b079fc16ee17.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bffba5346310aac216c4809e6d6f8501f5d2dadffa0db3d16852c2b0264a1356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:20:07 GMT
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610202
x-guploader-uploadid
ADPycdvQ9cim-6jj-mYVCnPnzLi7uywNrVdZw_z5-n6Q7_QiFJfmIRJDTwipp6vB74-Qab-UnZ20VDOl5e7FiM07ObTC0A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
750
last-modified
Mon, 16 Oct 2023 17:06:56 GMT
server
UploadServer
etag
"207908b45730227112908863fe0d0e83"
x-goog-generation
1697476016068696
x-goog-hash
crc32c=fgMlXA==, md5=IHkItFcwInESkIhj/g0Ogw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
750
accept-ranges
bytes
89c990664a3c5e637fda35.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/89c990664a3c5e637fda35.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
057195b80c1594769bccb5bbb495f6b011b0fa6b0a39f12194248ef9dc15420a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:16:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215742
age
610404
x-guploader-uploadid
ADPycduAWt8mq8saJbcf6ex1qdq74-HB4KNJ8W8MgvCW4d99KBh3CJgNJiAP_Jh_84XJhqyxJzsX7cmZqQU347lBJ7WJGg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1071
last-modified
Mon, 16 Oct 2023 17:06:55 GMT
server
UploadServer
etag
W/"d02f8c5e62b55a0b33441e24cf495155"
vary
Accept-Encoding
x-goog-generation
1697476015628014
x-goog-hash
crc32c=/bKBxw==, md5=0C+MXmK1WgszRB4kz0lRVQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2461
accept-ranges
none
46779143793836621a7b37.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/46779143793836621a7b37.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6dbeb4fdbd083a2cc1ffbdc398ecb79a1c08fb996481cbd4f83b8e0734dca35f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:20:07 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215742
age
610202
x-guploader-uploadid
ADPycdv7wrJWXoWVR5B6ejTJC8NRQTwGjs1eM9reOzlaZfXIqSrwMlOCUdi80qbN8mdgmKM1iCw7pXrmkoV7sMHiPpYSFQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2923
last-modified
Mon, 16 Oct 2023 17:06:53 GMT
server
UploadServer
etag
W/"794db008dc877d0721ad80600bf580d0"
vary
Accept-Encoding
x-goog-generation
1697476013765069
x-goog-hash
crc32c=SYZT1Q==, md5=eU2wCNyHfQchrYBgC/WA0A==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
9837
accept-ranges
none
xd.js
fem.gprod.postmedia.digital/v88.1/ Frame 9EB5 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v88.1/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ca23ed35f9fb9d1b934686a2f2f5f2b4ba8703096de39805cecbe2407a5056fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v88.1/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:23:56 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1696452273
age
609973
x-guploader-uploadid
ADPycdvZ-O3EhxXrf8lmvmU3BcrD2iyAwMmgGla2b4J9rb-E4elccOY6kLMDscHcqIPDds2Tesuw6F7P9S-o8z20Ad5z5Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17091
last-modified
Wed, 04 Oct 2023 20:45:50 GMT
server
UploadServer
etag
W/"728ed41ebd5acd478f42cc1386de5687"
vary
Accept-Encoding
x-goog-generation
1696452350543208
x-goog-hash
crc32c=4vr+2w==, md5=co7UHr1azUePQswTht5Whw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51876
accept-ranges
none
db937de5f271191df6744.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/db937de5f271191df6744.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:16:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610404
x-guploader-uploadid
ADPycdt-BXbGvkAyXjKpJKckMdOsRziAfhJOZBO6Qqf2_XlPiu5dcXfVZ7mxrsktdpEDqqxV3g3-79BJBTi4B0tHdHC7Xw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4394
last-modified
Mon, 16 Oct 2023 17:06:57 GMT
server
UploadServer
etag
W/"3bfbd59f97296aaf58442bbdf53f71d3"
vary
Accept-Encoding
x-goog-generation
1697476017353057
x-goog-hash
crc32c=TWNiDw==, md5=O/vVn5cpaq9YRCu99T9x0w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
4e8720b61d861864435e36.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		224 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/4e8720b61d861864435e36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:16:45 GMT
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610404
x-guploader-uploadid
ADPycdurPeCsDkaXVNTPuep3SoamZsdHiPhjl9VX5czp7Fse6nXWgLxrjuiO_zhpJ3aHuGhK7Bxpcqokq4QeOUqMHErI3g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Mon, 16 Oct 2023 17:06:54 GMT
server
UploadServer
etag
"087008fa497bb67bcdf1a4c150537516"
x-goog-generation
1697476014307412
x-goog-hash
crc32c=UBw1Fg==, md5=CHAI+kl7tnvN8aTBUFN1Fg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
a3ec7ed2dfcc00ca264c23.js
dcs-static.gprod.postmedia.digital/14.6.4/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/a3ec7ed2dfcc00ca264c23.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/CACHE/js/shared.2bbcd3ad9e5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:17:47 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1697215743
age
610342
x-guploader-uploadid
ADPycdu7lokqIeiEXiGNViWvzGKMAjDRQtiAEV8pdGkID_xqWL_Udtt8hqsXN65NjHTEObDzMmnFeKwAIJgKNY6LP0u77w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2088
last-modified
Mon, 16 Oct 2023 17:06:56 GMT
server
UploadServer
etag
W/"a382b48ee1cf980223c8003d301c2f39"
vary
Accept-Encoding
x-goog-generation
1697476016332670
x-goog-hash
crc32c=TYe94Q==, md5=o4K0juHPmAIjyAA9MBwvOQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7633c11e-e252-bd14-64e4-c33b20509a2f&url=https%253A%252F%252Ftorontosun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.211.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-211-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
830803100dd79ed8f203d35255fbcdbdcf3ba529dd4f681992934682d2937cf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
server
nginx
x-server-name
app06.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Ftorontosun.com%2F&pid=lGjC5UEE1wUc9&cb=0&ws=1600x1200&v=23.1010.1530&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
YCTYN6S8NWX3DE9RASN6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
uW7vZOv_iX6m6I186T7c7cEQdQ-EgkGck_WdqHtou-MCbl0LSG8PUQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1954
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BEQQOMOY%2F8XwhsH3eOkunHIivtACWX180IGopar6lBrtE1Ob2gmUR5fMmt81ZbCJN0q%2BsSS2lxNftX8fWj99iJ9mQnTpRF8aJZcemyxCyz2IJac8UGJXV0JDeA498IyWV4RC%2FjnPK6B32dPBow%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81ac2a0129ea18e3-FRA
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c217e950c087942f196ecb03af69d4e2266d6f7da2e4acd4bbdb3a1b879170d5

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:09 GMT
an-x-request-uuid
ed8199a0-a715-4c5d-a6b2-86866e2fffa2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.197; 80.255.10.197; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
b49fc039-1d86-4bdb-b0dc-10fac9d66e68
https://torontosun.com/ 		159 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/b49fc039-1d86-4bdb-b0dc-10fac9d66e68
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a5f335a8a9b8b290b529ede633efa998182d4391e539f40b67238a0448ee72e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
162447
Content-Type
e1a9952a-652c-4fb8-8d2e-300980081ad4
https://torontosun.com/ 		159 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/e1a9952a-652c-4fb8-8d2e-300980081ad4
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a5f335a8a9b8b290b529ede633efa998182d4391e539f40b67238a0448ee72e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
162447
Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 23 Oct 2023 18:50:09 GMT
server
ATS/9.1.10.90
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613230
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c28ae882b78ca13100834dc9427f353742caf63bb88dfd51ddad35578af27ab

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o87%2Fv3wSWXZNPpWn7pJ%2BSh2uh2A8%2Fg8rbwkJulANX%2BkXAOvIKl31LQs2Gwf%2B%2BPAicq23TkQ5T1nf%2F4bOslYT3Nj%2FwoWBqqyqUjYRZmR1wqwfQlW1HdT6ZalDxH0%2B5uxqJ%2FroShQn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ac2a022bbf65c0-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d2285d900cd4ffba600ac43f569aee827afbf9a6522e52bc7517e2f263279e11
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
an-x-request-uuid
bf631f3d-90ed-4257-b5b3-6b506396f835
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.197; 80.255.10.197; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		364 B
925 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c81bfc21d22d598af44dfd8257de7701da4cddd95817c7418f3de0643d53630a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:09 GMT
an-x-request-uuid
a76df8ef-a28e-468a-91a4-a54e4b4d299d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.197; 80.255.10.197; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
364
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
6e836f518a7bf77f3cd3a2484434b3a521af6afec03b8ecd460aa0c84bab066f

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
e93d9c2963111a7dbcfda20bfe51b7cfc0f414a6312f8e49b2f1e3f572e9f53e

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
186b11319af63ea1721f331629c92791658df3c695ac434fd6e9adf647c0ab49

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
e5e9d922e0fb53fd9258e04d3afd2d6e566b467af5818870ce2a97adcb0a5211

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
d5d6ae55512477c1b5ac1f48ca7afaeba4a2f1303ba1746e0ebde556f1d6e58f

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
0181830d059025699d6fa80fa316f09782b0eb342b2913d114ca10c3c84bc1a8

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
c91cc5fe602eae98675f9ebd673221eb36dac6208a200fb402deb8092a1c777f

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
602801ba87bfbce0a4e7436238aa728efbe7356948b15d4b77d6a6b172e700fb

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
dee33f183cb48eb1c7b986a4a16b3bb7e5ab897be0607e7529fb360ed5984692

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
23966be124244107feca25e76a15ba53d9cd0e78cad3ef28e252482a32b2f191

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
d9137152d1b4c7cc373a892c237350f3e8976c3c20f4a050b412521ba16f8459

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
bb9b9c77d20087cc9ecfd835876be849b360a7a5bec7135eb2c9f1d2dfc3285e

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
58ed1b18e25607ec42f9df78bb2e16151b0a06a37aaf5f694919e124dddace55

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
fa7d0a82428d5c48cee1698c147855ba7b0f0b12c069637f3f2a4277a7d1723b

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
507a7f4fba1db3db4c412da3f80761c5375acfaaf5fc71a8b979b6904ce05f9f

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
224903a3774ac0a6459c4a33b621ea644c765fc783f8c7e70e43449f78924ac3

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
6317ec8c4a5b393a3e6d00c04f4affd86d30566cfe5d31ec9b501a99876ffb29

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
5def222b06bbda501f2758fa0c7366d1485623828c68f39a773b845f8ed473d3

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
translator
hbopenbid.pubmatic.com/ 		0
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.17.0&cb=70247940771&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:08 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.245.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-245-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		25 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.17.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bad45554710eef2281d90a8d0f813dba9f04fe01bdd6f38dea8a069a4aabb843

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 23 Oct 2023 18:50:09 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=342ff2b5-8e5f-42e0-ba76-03c93567531c%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.domain=torontosun.com&tg_i.page=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6&tk_flint=dmpbjs_v8.17.0&x_source.tid=26112b4c-591b-4940-8f75-d9bb21037283&l_pb_bid_id=2425f048d399c683%3B243a7f985d501ee7%3B24411aea9d2a7bad%3B24599b9025fdceae%3B2466ea90fcd7dc0d%3B247a04842aeb0695%3B248f1f4787e2aa48%3B249e780b76c794ab%3B250df992193dbcb%3B251bd1f5f0a0dab9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=96f6d4ec-eb16-4da1-b561-7b86c842e253%3B56ea281c-a1b8-498a-8683-6d25b33f1c3f%3B2dcb9657-e997-4a56-88de-4746dbca6a8f%3B6c2459aa-065c-4779-b560-f1568efd73be%3Beb58e175-8c04-468d-a79f-0ccd27665770%3Bcf5662e8-284a-4ca4-8bc0-d31fc4d28e2c%3Be9897f52-fe82-44e6-8f94-eddbd003e311%3B224ea7de-71ec-4ce6-97d7-22c3477d047b%3Bf742dffa-9a74-4265-a8cd-e5a75f5a74ee%3Bdaf8e218-d8c5-4da3-9eaa-bad328c8ec10&rp_hard_floor=0.36&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6&slots=10&rand=0.9533457147553968
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5056dc2bb66bca02f604b3b267d97613ebe9dbf72c0047128e91029e9f5f6519

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		71 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=342ff2b5-8e5f-42e0-ba76-03c93567531c%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.domain=torontosun.com&tg_i.page=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&tk_flint=dmpbjs_v8.17.0&x_source.tid=26112b4c-591b-4940-8f75-d9bb21037283&l_pb_bid_id=252f8772935e2cd8%3B253b0a8afeb81f6b%3B25484a68d98f25e%3B255427fa8ece3217%3B25697d40ea21a915%3B257b46bbac380ecf%3B25847cb48c8e9dab%3B25952e9cb4292811&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4bbddd1a-d71a-4e07-befa-4d979aeda88a%3B10cd42a7-ff57-4849-8922-324e0f37ccb9%3Bfb8dd746-e1c0-4466-b5d6-38d1efeba8d0%3B3146dea7-d9b9-436b-b180-e8f98acc2d64%3Bd0b20c8a-51d8-4912-811c-fb506c6b0847%3Bdc378ca0-ed92-4322-9787-69c5925b4edf%3Bd72bcb70-cd99-4c09-9354-898b2f594322%3B80408332-1669-4917-b4fc-334ccf62c455&rp_hard_floor=0.36&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&slots=8&rand=0.9055456022030617
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f0c9c9c6a40a39485d3fee09ca6ecba5547eb1897485c44922560dd0775514b7

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b26a6d19d04b16fbed25cf037d5c79a18eb64d0ef1798b9929f5aef201c30a35

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
/
torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/46779143793836621a7b37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
219e6a8d881b5508478033bfaa78ece76701ce2ddf6294a16cceafa4369b9e8e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
24
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Monday, 23-Oct-2023 18:50:09 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-866f876f86-6d6bz
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, Cookie, Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
cache-control
max-age=900,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Mon, 23 Oct 2023 18:51:47 GMT
geoip
api.permutive.com/v2.0/ 		209 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
watson
api.permutive.com/v2.0/ 		281 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
208
simple
api.sail-personalize.com/v1/personalize/ 		288 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
226a80e6e859edb56cf726a6d0335c6ecf77ce3ea5a72bb7c981670dc6e669e0

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://torontosun.com/
x-referring-url
https://torontosun.com/

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://torontosun.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 23 Oct 2023 18:50:10 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		55 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d60886ca625f722d5cbb36a5d7c506c89bfeeea0cbc9a17c151735c32791b6

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdsQPUDN5zbez3NvjRgHi5LZDg5bXxrmBQAx7xfzMbKDS4czBCuJD83VWVQtpzWHV7GfvgSma7xMlbzdmCvi3aoggRI9825Y
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
38117
last-modified
Tue, 17 Oct 2023 06:02:11 GMT
server
cloudflare
etag
"bff3d6259f9a284fec66563c175923c4"
vary
Accept-Encoding
x-goog-generation
1697522531043185
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=7HQcWg==, md5=v/PWJZ+aKE/sZlY8F1kjxA==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
38117
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ac2a033fb603d8-FRA
expires
Mon, 23 Oct 2023 18:37:43 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
bc2f58921012cb4607a3f0dc7c1732508794f895097b6765eef95e17ecfe4ec6

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/ 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/89c990664a3c5e637fda35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:44:02 GMT
age
367
x-guploader-uploadid
ABPtcPokB4kc0LG9X4g9zTJVwO1U8hgOI23lrVuxzZYnDAGPdaVWKVNFfJs5ZyS9nh31cw5ZzyKPUFzYUw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Mon, 23 Oct 2023 19:44:02 GMT
pub
pixel.adsafeprotected.com/services/ 		298 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:jw-ad-1,ss:%5B640.480%5D,p:undefined,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=7633c11e-e252-bd14-64e4-c33b20509a2f&url=https%253A%252F%252Ftorontosun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.211.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-211-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
070e77f663ce94a757d2514f9f3c48eb74fda732d413e4648d8f452e5580d096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
server
nginx
x-server-name
app26.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
xEJOYXGL-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/5InsPXkI/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/xEJOYXGL-320.jpg
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/xEJOYXGL-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07223153c92e034c016dedfaa898b45fcbb56871a1c8ba078f67556a2a90a7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
856
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
29947
x-served-by
cache-iad-kiad7000176-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 20 Oct 2023 23:30:54 GMT
server
nginx
x-timer
S1698087010.276809,VS0,VE2
etag
"475a40cc007e3ce3f982e4f243b58085"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
148, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/xEJOYXGL-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
nBeXPEuqXVLqCtqN6oZPJhm0rdbh_GJi8yhWSUbnOPHhmQaV_w18dQ==
lZkR3Uq2-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/qIddva7a/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/lZkR3Uq2-320.jpg
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/lZkR3Uq2-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95e5b61dfe96ac5d56f754571e6a751a50cef585f7ca307a26b2f7d0bbbb6ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
856
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
15844
x-served-by
cache-iad-kiad7000063-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 20 Oct 2023 20:36:51 GMT
server
nginx
x-timer
S1698087010.278548,VS0,VE1
etag
"b564fa40821c8cd349339bdc5f46bb38"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
17, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/lZkR3Uq2-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
nDNPkmwG955FfYnrRLE-r57ri_c5hEDNlEw0JgbV9SK2fCfQo5Y0qw==
kWraXbYv-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/LuZFA28Q/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/kWraXbYv-320.jpg
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/kWraXbYv-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2437e6f31b0e302ef924b77a9687abcb3d397275c23db81a1076ed0a0aead607

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
427
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
17191
x-served-by
cache-iad-kjyo7100106-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 20 Oct 2023 20:17:41 GMT
server
nginx
x-timer
S1698087010.277332,VS0,VE2
etag
"a766008b5e688d069e23516a6abd3e82"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
10, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/kWraXbYv-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
hK7HR-Jh-CYffdbmSw4L2DjUgtA6TUgV-GqoicXvw5LGTGMWFpiSiw==
1gwc3KrK-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/Yf1XC2k4/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/1gwc3KrK-320.jpg
43 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/1gwc3KrK-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0aca931187f332210b7d8f4f00d940f42dbeda0644170780ba45d6c6a8c6e487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
647
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
43051
x-served-by
cache-iad-kiad7000021-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 20 Oct 2023 17:41:41 GMT
server
nginx
x-timer
S1698087010.277775,VS0,VE2
etag
"4321acf86f9c19e24e07d795734c5c36"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/1gwc3KrK-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
t8Ah42OgK_5YPVzCTK9AEzp40gMjl5V7kOMuG2ypkAC-yientfgncA==
s5ojZEf4-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/gYeY39kv/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/s5ojZEf4-320.jpg
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/s5ojZEf4-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
876dad72c8fcd96eeda8be4cb50a6114f9de42218743d3a1613d019b1d619299

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
813
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
27463
x-served-by
cache-iad-kcgs7200040-IAD, cache-fra-eddf8230122-FRA
last-modified
Thu, 19 Oct 2023 22:17:01 GMT
server
nginx
x-timer
S1698087010.278103,VS0,VE2
etag
"351c1554cc512b3c22afefd494f6c46b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
20, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/s5ojZEf4-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
VWmPxn_6frqSNs5y4SLPuzCq1EwuipKUsDINFy7ZyZejRdevOr93Yg==
yLoM8dau-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/r6KmTgtP/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/yLoM8dau-320.jpg
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/yLoM8dau-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79b989418f8502a5e74df993405b7ad322113c4293e4e1fc6c4c39828075c2a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
442
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
29614
x-served-by
cache-iad-kiad7000137-IAD, cache-fra-eddf8230122-FRA
last-modified
Thu, 19 Oct 2023 19:46:47 GMT
server
nginx
x-timer
S1698087010.278394,VS0,VE16
etag
"642419583daf69ca507e91f8539ca9b0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
63, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/yLoM8dau-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Rgoh12QiMHcGBvqfm8kMSWj12yX-v4X3YQVg8V-qT8kLr-pqLJCtpA==
O4ieNkOL-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/jUQxAbsU/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/O4ieNkOL-320.jpg
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/O4ieNkOL-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c59318fa5a976aa79440635feea9d1b0eb46de96f0133c069759058286af6154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
560
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
25413
x-served-by
cache-iad-kjyo7100066-IAD, cache-fra-eddf8230122-FRA
last-modified
Thu, 19 Oct 2023 17:31:42 GMT
server
nginx
x-timer
S1698087010.277079,VS0,VE1
etag
"902a5ea8b81f9b2484f2c803b91ae761"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
56, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/O4ieNkOL-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
60uYKRFyZ0_IIrrRID7LKMviZsF4VyaM68Mqyv4MA0SpUeopoB8DLg==
7en9q9Iw-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/Dna87nsU/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/7en9q9Iw-320.jpg
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/7en9q9Iw-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
90d7aa6ac96b93dbf49a7e7609b027fa9c32daaaf284939fcb03345d4a79bbdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
428
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
19408
x-served-by
cache-iad-kjyo7100147-IAD, cache-fra-eddf8230122-FRA
last-modified
Thu, 19 Oct 2023 15:59:45 GMT
server
nginx
x-timer
S1698087010.280630,VS0,VE2
etag
"cbcacc13fa040115a1728e4b83779032"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/7en9q9Iw-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
yFbBIIVkhVkEnqKrSl8lzTBx18AeZmYEzBsTx5yNiHU-2GXwHKpmTw==
JoFyjIB7-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/abDNkQjt/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/JoFyjIB7-320.jpg
35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/JoFyjIB7-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
119be99222d0be6873b16f1ab556e5ed54f7a64d7bf3528064dcfab437149aa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
815
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
35368
x-served-by
cache-iad-kcgs7200075-IAD, cache-fra-eddf8230122-FRA
last-modified
Wed, 18 Oct 2023 18:58:34 GMT
server
nginx
x-timer
S1698087010.281010,VS0,VE2
etag
"658827536ae5478896bb6fa51da6248a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6077, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/JoFyjIB7-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
mV-bce7N_N4l8IRBzDBM7l0v1F6EmaBvncCEuPjB8WeRT0XBhxA4sA==
634lTQv1-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/hWntWOSO/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-320.jpg
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4992ede20f45638296e34403d29df1453b7fab9223951274ae0637d1eb33a6b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
648
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
32894
x-served-by
cache-iad-kcgs7200091-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 23 Oct 2023 15:43:38 GMT
server
nginx
x-timer
S1698087010.280608,VS0,VE1
etag
"633a86f8006271a1756b6c67663b1970"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
70, 1

Redirect headers

date
Mon, 23 Oct 2023 18:47:17 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
age
171
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Vv9jnpiXuR3NyDOKTQw77UZu_9CLzNxF0HQXu8QIZnQ-4iA1N1_m5A==
segment
api.permutive.com/adv/v2/ 		14 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 23 Oct 2023 18:50:09 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a001c47d-333e-411b-814b-f950c8d3ecc2
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a001c47d-333e-411b-814b-f950c8d3ecc2&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEMFv-GS9fbPd2W2im2np6zI&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a001c47d-333e-411b-814b-f950c8d3ecc2&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEMFv-GS9fbPd2W2im2np6zI&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a001c47d-333e-411b-814b-f950c8d3ecc2&google_cver=1
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEMFv-GS9fbPd2W2im2np6zI&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=a001c47d-333e-411b-814b-f950c8d3ecc2&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dchHpZtp.js
cdn.jwplayer.com/libraries/ 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/dchHpZtp.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/89c990664a3c5e637fda35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:5a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
e1af27d1c1580f275620e5abe619e3c1531eac5fde8d9022fb1c59a3b1d7a977

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:09 GMT
content-encoding
gzip
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41627
x-amz-cf-id
ARDRha0dY7NwKrmKBCB9Qer5ZSxYp04ya7jMLUdiZ5wevWwW9O2zDA==
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/ 		59 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.6.4/websites/js/a0a743a72a229993c3542.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:5a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
c5d66071dcfb176c4931798a028bacd797fbf23b7aaf18f31be09a42d012b20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
8769
x-amz-cf-id
EZK6KI9qLWAKbJBRDmVtn3Xcca2XMyBDaQ7aMzVoVHWCMWTE-lUHZg==
expires
Mon, 23 Oct 2023 18:53:10
6684754e93d96dad9937.js
fem.gprod.postmedia.digital/v88.1/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v88.1/chunks/6684754e93d96dad9937.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d314da1c0fe98b9d700b0ea14785acd14ad4d09e989e39c8b3422c1f91db98ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:23:56 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1696452273
age
609974
x-guploader-uploadid
ADPycdtKZnQ3vfgPl_ae2bXTZqf2VzG6JB108RyFYu-95HMIJhfY_g5PAMv7395ZwzfNurnellyMg5z8FYFO3vUOxBYCyg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1102
last-modified
Wed, 04 Oct 2023 20:45:48 GMT
server
UploadServer
etag
W/"bd3d37a8cf8e04887f4a3ee2dc03dde4"
vary
Accept-Encoding
x-goog-generation
1696452348215071
x-goog-hash
crc32c=E9ySAQ==, md5=vT03qM+OBIh/Sj7i3APd5A==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3197
accept-ranges
none
ads
securepubads.g.doubleclick.net/gampad/ 		670 KB
95 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1952604898827495&correlator=3188326113753780&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENUR_TSUN_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698087010140&lmt=1698079791&adxs=200%2C797%2C768%2C797%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200&adys=154%2C1615%2C2183%2C3221%2C4053%2C4079%2C4652%2C4420%2C5045%2C4761%2C5330%2C5102%2C5678%2C5443%2C6012%2C5784%2C6309%2C6125&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftorontosun.com%2F&vis=1&psz=1600x90%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=902897307.1698087010&ga_sid=1698087010&ga_hid=1585049294&ga_fc=false&a3p=EjsKCnB1YmNpZC5vcmcSJDM0MmZmMmI1LThlNWYtNDJlMC1iYTc2LTAzYzkzNTY3NTMxYxiz-_3utTFIAA..&dlt=1698087008952&idt=451&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b00-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b01-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D1%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b02-71d4-11ee-a6ae-0a55872b6571%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b03-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cslot%3Dinfeed%26loc%3D2%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b04-71d4-11ee-a6ae-0a55872b6571%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b05-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%7Cslot%3Dinfeed%26loc%3D3%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b06-71d4-11ee-a6ae-0a55872b6571%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b07-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%7Cslot%3Dinfeed%26loc%3D4%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b08-71d4-11ee-a6ae-0a55872b6571%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b09-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%7Cslot%3Dinfeed%26loc%3D5%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b0a-71d4-11ee-a6ae-0a55872b6571%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.57%26hb_adid%3D283c9b4ed7043ac6%26hb_bidder%3Drubicon%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b0b-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.50%26hb_adid%3D285e98122ae12d17%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D6%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b0c-71d4-11ee-a6ae-0a55872b6571%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b0d-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.60%26hb_adid%3D282a2340504f01f1%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D7%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b0e-71d4-11ee-a6ae-0a55872b6571%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.87%26hb_adid%3D280f3ed1c3d6c883%26hb_bidder%3Drubicon%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b0f-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.53%26hb_adid%3D284773cf839784b7%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D8%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b10-71d4-11ee-a6ae-0a55872b6571%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dfd8b8b11-71d4-11ee-a6ae-0a55872b6571%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.61%26hb_adid%3D281d3a106a4f3133%26hb_bidder%3Drubicon&cust_params=permutive%3D96400%252Crts%26prmtvvid%3Dca668033-5241-4b51-9e90-6d2aeff86c04%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dtsun%26sensitive%3Dn%26negative%3Dn%26et%3Dsm%26ck%3Dindex%26imp%3Dindex%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3D%26prmtvsdk%3Dweb&adks=913967088%2C1205333068%2C3841865907%2C4150895342%2C3841865906%2C225519802%2C3841865917%2C225519797%2C3841865916%2C225519796%2C3841865919%2C225519799%2C3841865918%2C225519798%2C3841865913%2C225519793%2C3841865912%2C3169864135&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
413dc68c9b72121d1b30623b1ded0f17a0b41bbd4bf9dcf0e3923d6f32116e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,71397,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97223
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-2,-1,-2,-1,-2,6121373163,-2,6122671129,-2,6123534194,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,-1,-2,-1,-2,-1,-2,138406246674,-2,138406246677,-2,138406246893,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b4298117139d672739fe4ab41096e5ebcfedc6df564c3640d2aa085dfb2251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12222
x-xss-protection
0
container.html
c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE00 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:50:10 GMT
expires
Tue, 22 Oct 2024 18:50:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 23 Oct 2023 18:50:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Mon, 23 Oct 2023 18:50:10 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
googima.js
ssl.p.jwpcdn.com/player/v/8.29.0/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.29.0/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
105933481e535b109533e3cc21dbd150a4e91de57a58cb25b3d705cb22f5d989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish
age
78553
x-cache
HIT
content-length
22437
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Mon, 02 Oct 2023 22:03:25 GMT
server
AmazonS3
x-timer
S1698087010.293280,VS0,VE0
etag
"2fe1c579d9356ff9521421da65df30f8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
8416
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.29.0/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.29.0/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cce768cee839e01c304a426f0dbce4298f6024d856d1abe69efe450ac35863b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish
age
844
x-cache
HIT
content-length
19606
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Mon, 02 Oct 2023 22:03:26 GMT
server
AmazonS3
x-timer
S1698087010.292921,VS0,VE0
etag
"3ce929563cdc089513e92ce60145673b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
531
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.29.0/ 		318 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.29.0/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c4716092f12c43127bde81ec43d177867923da7a413316d9d0a1c8459943c1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish
age
1710816
x-cache
HIT
content-length
85285
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Mon, 02 Oct 2023 22:03:18 GMT
server
AmazonS3
x-timer
S1698087010.293274,VS0,VE0
etag
"5f1aa3e16060fbd8fe0bd3918d8a43e3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
72701
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/ 		59 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:5a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
c5d66071dcfb176c4931798a028bacd797fbf23b7aaf18f31be09a42d012b20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
8769
x-amz-cf-id
A9yZYmXgCR9QcqlPV6e1w85xm5_-eKZbX6XbjUBr3RZsYCpBnIXYfA==
expires
Mon, 23 Oct 2023 18:53:10
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.29.0/ 		413 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.29.0/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d76cb17b3bd9640de472967669e9fd1fc906ff36dad542c4ba7fbda863dd0e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish
age
1720139
x-cache
HIT
content-length
126154
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Mon, 02 Oct 2023 22:03:21 GMT
server
AmazonS3
x-timer
S1698087010.316253,VS0,VE0
etag
"8c1d575c2d94e44fc03052842279a635"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
63462
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67A5) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 18:48:02 GMT
server
ECAcc (frb/67A5)
age
128
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=10380
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e8d2516036834f2e64ed6a774c7ddc6f737fc79d85f7b6eb01ef1c4bb726ee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127088
x-xss-protection
0
expires
Mon, 23 Oct 2023 18:50:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 18:50:10 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
56df44dcc95d7ced101bea8a0964e58f4d499b8090a7beccd4cc659d25be873c

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
EdGjRjsz.srt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/EdGjRjsz.srt
  • https://assets-jpcust.jwpsrv.com/tracks/EdGjRjsz.srt
17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/EdGjRjsz.srt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c0305ea37f813c5c3a4ef01059cb6d31958b121d584fec3ebcdcaa21182d0759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
466
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6511
x-served-by
cache-iad-kcgs7200056-IAD, cache-fra-eddf8230041-FRA
last-modified
Mon, 23 Oct 2023 15:47:45 GMT
server
nginx
x-timer
S1698087011.538647,VS0,VE8
etag
"36584449781ef99cda1fd211fa24613d"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
59, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:10 GMT
via
1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/EdGjRjsz.srt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
o27e7fMR8GSrUln4S9ROWxvi9tyZXrjXhmaPQr65M6dc5H_1zdbNEA==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.29.0/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.29.0/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7532e5d50a7ff54a07a11ca11dd5374299bfe20df5b5362ffae6e60dd21c1b01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish
age
1719973
x-cache
HIT
content-length
4510
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Mon, 02 Oct 2023 22:03:20 GMT
server
AmazonS3
x-timer
S1698087010.413757,VS0,VE0
etag
"70e8b3e7ab45a0720d835735f266b928"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
11342
hWntWOSO-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/hWntWOSO-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/hWntWOSO-120.vtt
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/hWntWOSO-120.vtt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8e1e7ef9a3a7d25200da1e6d25b8bff7b7e64ea52de2f53cd4a2e573417e810

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
465
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
953
x-served-by
cache-iad-kjyo7100103-IAD, cache-fra-eddf8230041-FRA
last-modified
Mon, 23 Oct 2023 15:42:02 GMT
server
nginx
x-timer
S1698087011.515383,VS0,VE96
etag
"4f25a2e5d4e65a59e8d2123bdf6509ca"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
57, 1

Redirect headers

date
Mon, 23 Oct 2023 18:47:19 GMT
via
1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
age
171
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/hWntWOSO-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
uuE68cv7sKtYvVcr58nAinhhM5hOOVIFnPFzNxOoWh4-w-fkIJbzXw==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.29.0/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.29.0/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c470f5269cbf861321afe03dc2db7a3c691b4d4aebec846e2adc28e221200bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish
age
559068
x-cache
HIT
content-length
10036
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Mon, 02 Oct 2023 22:03:21 GMT
server
AmazonS3
x-timer
S1698087010.453566,VS0,VE0
etag
"86aae4eb26409f98d6e1dc10184c2dc9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
39300
related.js
ssl.p.jwpcdn.com/player/v/8.29.0/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.29.0/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4764187b9b40abb4f95c07944d8b09658af59469609b4c3da568301e65c9fe27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish
age
1720138
x-cache
HIT
content-length
25137
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Mon, 02 Oct 2023 22:03:23 GMT
server
AmazonS3
x-timer
S1698087010.453926,VS0,VE0
etag
"af698803a5b3dd71dfd6367c59524de8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
76244
hWntWOSO.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/hWntWOSO.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:5a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
d67d60068f5c9f58f9cdb6fb030e7cf2bc2f1bd9e63c765c37f766ed4c183cb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
429
x-amz-cf-id
1nVQ7M94uRhmiJGJwGBNCFM5X2_ndYkEyQ9dlqidQPLj4e0cla4G9g==
634lTQv1-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/hWntWOSO/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-720.jpg
102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-720.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf8cc7bc9819882d69b9f80140c7b8d9315f840ee9522e5227e5cbcd42124d0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
369
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
104212
x-served-by
cache-iad-kcgs7200111-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 23 Oct 2023 15:43:38 GMT
server
nginx
x-timer
S1698087011.530433,VS0,VE2
etag
"0a05509ed5dbac4b28f2eb0a58ddba00"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
38, 1

Redirect headers

date
Mon, 23 Oct 2023 18:47:19 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
age
171
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
AeIOwpj33RzGwzsYRCUqyq-bBTjTaPUUHpTsfbaF3lcIVALB-P_Lng==
634lTQv1-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/hWntWOSO/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-640.jpg
86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-640.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf4ee5152a160e2110f97197e59bcff84700f33e6c1e7617224824ff702e4478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
189
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
88372
x-served-by
cache-iad-kcgs7200070-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 23 Oct 2023 15:43:38 GMT
server
nginx
x-timer
S1698087011.597522,VS0,VE3
etag
"54d0f04aa206cb35785e1d3591e64338"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
23, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:10 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/634lTQv1-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
ezAqomwnp8invr-gESgu8fTpxhp0VKNya6Jjw86I_Yi_5gkeTV1iug==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1654237118&e=e&n=3601545595602103&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=1J8JX5g6&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=q0mwxzcxwzzp&i=0&id=hWntWOSO&lid=gr6bny1i6476&lsa=set&mt=0&pbd=1&pbr=1&pgi=1b2o4i41fsol&ph=1&pid=dchHpZtp&pii=0&pl=282&plc=20&pli=1xhu1l519g3w&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.29.0&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Off%20The%20Post%3A%20Is%20there%20a%20changing%20of%20the%20guard%20in%20the%20Atlantic%20Division%3F&tv=3.43.0&vb=1&vi=1&vl=90&wd=501&ab=1&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=JQkbLqiZ&flc=1&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FhWntWOSO.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=950&pni=1&po=0&pogt=%20Toronto%20Sun&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2F4KFQF7jC%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=170&sa=1698087010457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230122-FRA
date
Mon, 23 Oct 2023 18:50:10 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F2F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1514
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:24:56 GMT
expires
Tue, 22 Oct 2024 18:24:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8DFD 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
07757295204ff32918c99bbdc8dbd90dd1f40b5f12cf7e6ba50e33b40284c72d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YbIp2z1sbJSDz0uKtugEMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YbIp2z1sbJSDz0uKtugEMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:50:10 GMT
expires
Mon, 23 Oct 2023 18:50:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 18:50:10 GMT
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0876b1b660da79fad9471d3e15816803e4c8f066cba866063bca01f316f7ec93
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
date
Mon, 23 Oct 2023 18:50:10 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 18:45:17 GMT
server
cloudflare
age
293
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
81ac2a08ce118fe0-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
y3g9s1bzcu
expires
Mon, 23 Oct 2023 19:20:10 GMT
vf-v2.js
cdn.viafoura.net/ 		841 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:cc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db96d7f33dc3879960203d2b7e8554cfd32346483db10b9d6e3f17d96ae22e09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
8rE3jSzH0ZsR02nPu3M9oxppV3PBeDaz
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Mon, 23 Oct 2023 18:46:21 GMT
x-amz-cf-pop
PRG50-C1
age
233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 19:20:49 GMT
server
AmazonS3
etag
W/"be798ee6930d7917f07f22795e90b3aa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
p0iOsnNSOkJwsnD0JYlzUq1jQ7YFrsoBVq3LIWqup2nuCV6yadbGqw==
gtm.js
www.googletagmanager.com/ 		415 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
252a6a463b13fe14ce9ae7efd43b6d9f04ba2c9a297c4486008d0b48aa15c56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115211
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Oct 2023 18:50:10 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 07:14:51 GMT
content-encoding
gzip
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
41720
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
tkx8cncqmJyw8k_AOQV6CqcrRKaGf61nFy0beGUOW4Qy7MprC4RX0A==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		287 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
40ff50af720e02cfd6a4c63305d9d4a36bfbd5b390648225ab530218628a9f06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-eddf8230117-FRA
date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
129
x-timer
S1698087011.743838,VS0,VE2
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
97381
x-cache-hits
4, 1
gtm.js
www.googletagmanager.com/ 		152 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v88.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1edf77f9ebe3c2c2f5e0794fee509b7b240ab9791e113d08b9404d34b7ad7bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50421
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 18:07:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Oct 2023 18:50:10 GMT
kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame 4F2F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
6700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 16:58:30 GMT
hWntWOSO-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/hWntWOSO-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/hWntWOSO-120.jpg
220 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/hWntWOSO-120.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6890863b82babe5311bd1d6dba85c3c2aa8bcdadb56b35a7b5418457321dc35c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
812
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
224411
x-served-by
cache-iad-kjyo7100041-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 23 Oct 2023 15:42:03 GMT
server
nginx
x-timer
S1698087011.755356,VS0,VE2
etag
"4bf3d9f424c0d0511eb46bef4587fb99"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
40, 1

Redirect headers

date
Mon, 23 Oct 2023 18:50:10 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/hWntWOSO-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
FiCZrs8a0u2aFzLcHI3kB25a7ERepCa7OlWBCRnB5cXsRMszqQS8Jg==
manifest-audio_eng=112001-video_eng=183990.m3u8
videos-cloudfront-usp.jwpsrv.com/65376922_e585fd33a38c5b35288364deb5f4bf7bf16431ba/site/ReDAXyY4/media/hWntWOSO/version/hWntWOSO/manifest.ism/ 		11 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/65376922_e585fd33a38c5b35288364deb5f4bf7bf16431ba/site/ReDAXyY4/media/hWntWOSO/version/hWntWOSO/manifest.ism/manifest-audio_eng=112001-video_eng=183990.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d000:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
326e1b254dca858716c5825b3d6c59ebdaac58ddacacd3d87bc6977314be4626

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:45:48 GMT
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11062
x-cache
Hit from cloudfront
content-length
11759
server
Apache
etag
"usp-7E830AF9"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
N4li7dv_vi8fISIGnE2ybBt5nfCeZycNJqQGrrf9mDNJmdWZw3C39Q==
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Mon, 23 Oct 2023 18:50:10 GMT
cast_sender.js
www.gstatic.com/eureka/clank/118/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/118/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14707
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 15:06:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Oct 2023 15:57:06 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		356 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df56f5915568b16fcbf7ddb9a0dd9461e271dbb63311f3b57ae2bfaa53ed9508
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
x-amz-version-id
9h76hRPp2rHYvDuPI3US.bTTiyhAHDkX
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
P4JHJQGJWY3XSJN5
age
8268
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
m076d0uUcxXZG6XORMffEBUK8KGVZzi4eEi0iefzIzM3E+Lzgb/STdXFNE32aIG7lcmzGmRiLbI=
last-modified
Mon, 23 Oct 2023 08:27:56 GMT
server
cloudflare
etag
W/"db536c627500a2f673f2ef29a1ee53ef"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
81ac2a093e988fe0-FRA
expires
Mon, 23 Oct 2023 22:50:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310180101&jk=1952604898827495&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
manifest-audio_eng=112001-video_eng=183990-1.ts
videos-cloudfront-usp.jwpsrv.com/65376922_e585fd33a38c5b35288364deb5f4bf7bf16431ba/site/ReDAXyY4/media/hWntWOSO/version/hWntWOSO/manifest.ism/ 		227 KB
227 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/65376922_e585fd33a38c5b35288364deb5f4bf7bf16431ba/site/ReDAXyY4/media/hWntWOSO/version/hWntWOSO/manifest.ism/manifest-audio_eng=112001-video_eng=183990-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d000:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
07ade38cead1a60fc075f6e28db0bfcaa1eb290427e88dab751ad233220e7424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:45:49 GMT
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
FRA56-P7
age
11061
x-cache
Hit from cloudfront
content-length
231992
server
Apache
etag
"usp-6F84F2F7"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112001-video_eng=183990-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
meWIV6R1ybdGkGQpNl3xmni4yMLgoZW60yCBxGB9lTlr3NnnL_hoYQ==
gtm.js
www.googletagmanager.com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJC8VVB&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc36025a2e4956fdc7e586b66fb17ccf815b1a392a151a3d0fe0771fa962a828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46164
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Oct 2023 18:50:10 GMT
gtm.js
www.googletagmanager.com/ 		312 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d1a44cd71b7bf19492c617f86c77dff3ad7435b8ef1335bc4411239a4fcf0e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94608
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 18:07:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Oct 2023 18:50:10 GMT
bridge3.597.0_en_ca.html
imasdk.googleapis.com/js/core/ Frame 58E3 		750 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.597.0_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3899cbeb9d3eab64577dadc7fd5c83da7ed53fba97b4c8d3db0d693a23cb0dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
252949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246150
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 20:34:21 GMT
expires
Sat, 19 Oct 2024 20:34:21 GMT
last-modified
Fri, 20 Oct 2023 19:28:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Oct 2023 18:50:10 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CFB9 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 23 Oct 2023 19:01:59 GMT
df962e91-cad6-46b6-8606-0eb878ed7e1a
https://torontosun.com/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/df962e91-cad6-46b6-8606-0eb878ed7e1a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
374591
Content-Type
text/javascript
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4846:83a2:ca80:55fb:13bf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5a2a34f6d11bce48c5770c5efd9f993a708646588c2db29f33e666e2a3463851

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0aae0e571c2b83bb1
pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 23 Oct 2023 18:50:11 GMT
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4846:83a2:ca80:55fb:13bf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://torontosun.com
access-control-max-age
1728000
cache-control
max-age=0
date
Mon, 23 Oct 2023 18:50:11 GMT
expires
Mon, 23 Oct 2023 18:50:11 GMT
server
nginx/1.18.0 (Ubuntu)
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 23 Oct 2023 18:50:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hcy8SBBFy2EMeePg75kwNtnmOOC+LZj2rJa9a2f9EGzzoTsJKlVpqqLzE2hmAU8FAX6dfjxiOk8UILEjTKK8SQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		261 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a99ab8fd9502d83584e76ab98b20609f4b7f564427afd058fc4a51cf6b5bae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90417
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 23 Oct 2023 18:50:11 GMT
ribn.min.js
assets.ribn.com/production/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
3364
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
81ac2a0b6d9b18f1-FRA
x-amz-cf-id
Ysa5SrYE8NSP-ZSdUPMD3RCMHZ-8xQVjooue9FiTZlGCwkb3owX6gQ==
expires
Mon, 23 Oct 2023 22:50:11 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
4774
x-cache
Hit from cloudfront
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
81ac2a0b6da318f1-FRA
x-amz-cf-id
nW_upkbVBQWglW4XPjFYBIgtcFa9COWIip6Os73Uplb1moQi2HpjRg==
expires
Mon, 23 Oct 2023 22:50:11 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19f::268b Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 18:50:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 09:25:23 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6042
Expires
Mon, 23 Oct 2023 19:50:11 GMT
execute
c2.piano.io/xbuilder/experience/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=KlFb8Hg2nS
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1577baf7f66639fc04990a5645cde91729c99d785860566c1da85bbaaa4c5953
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
u2hc8fzkjo
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
81ac2a0bcc369b8c-FRA
generate_204
tpc.googlesyndication.com/ Frame 4F2F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8UGDSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xEJOYXGL-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/5InsPXkI/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/xEJOYXGL-120.jpg
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/xEJOYXGL-120.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d82c17b4ebf12ae0b94273376fe1a2892840c91fd30eb8fa5b490a856fa3589c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
822
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6851
x-served-by
cache-iad-kjyo7100117-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 20 Oct 2023 23:30:54 GMT
server
nginx
x-timer
S1698087011.275775,VS0,VE0
etag
"6eefe95a4075c8a12c29b051bce16f9f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
300, 2

Redirect headers

date
Mon, 23 Oct 2023 18:50:11 GMT
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P2
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/xEJOYXGL-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Cye8A3cvtLJnvUtNwQ7A5jZ24l1uDez_F4x6EJCYvhso3f4TFOwyzg==
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
90
date
Mon, 23 Oct 2023 18:50:11 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
35
x-fastly-trace-id
1015966689
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230054-FRA
x-timer
S1698087011.403355,VS0,VE0
gtm.js
www.googletagmanager.com/ 		230 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
240b1e9b49bbd0a1b332ff2e5b6d625aeb9d238886bccd16f364a5d4ffde21fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68244
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Oct 2023 18:50:11 GMT
identify
identity.mparticle.com/v1/ 		176 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4acb988e880f8eed65ac2e0eeafd847f7b2d533127bdfc1521084f1a453b91b9
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230054-FRA
date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1698087011.426038,VS0,VE108
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
1015967058
accept-ranges
bytes
x-cache-hits
0
container.html
c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F43 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:50:10 GMT
expires
Tue, 22 Oct 2024 18:50:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 23 Oct 2023 17:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3518
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 23 Oct 2023 19:51:33 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556d08d99ff9acbfe85a14d3eb14e7db7d10930c1c6e47cf5d9a84a15ef85366

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-response-time
1ms
date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 23 Oct 2023 18:45:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
5
accept-ranges
bytes
cf-ray
81ac2a0d6ff23a70-FRA
alt-svc
h3=":443"; ma=86400
content-length
35074
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-16.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
via
1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
date
Mon, 23 Oct 2023 04:59:24 GMT
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
49901
x-amz-server-side-encryption
AES256
etag
W/"10ba0dba424c8954df3533bfd881e874"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
euNfWfjt4a70sCFVGMbD9tcxCowvY5dznesvnxbHvBGtmwtovuXzaQ==
js
www.googletagmanager.com/gtag/ 		261 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45de645e7c887232399adfa62b186fae268615a5f05aad880311510caec18d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90520
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 23 Oct 2023 18:50:11 GMT
p.js
cdn.parsely.com/keys/torontosun.com/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/torontosun.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3c5b584817a547de78b1d37a6c7e65fc36cb2f74abb5e7fb01e1d91579c59f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
public
date
Mon, 23 Oct 2023 00:31:22 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 19:46:20 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
65929
etag
W/"6520640c-e74f"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
-C0G28QMQWEMPjH2o7BXie0C7sCnnjknVX-TK8MBSZOl3HHgVssPgA==
expires
Tue, 24 Oct 2023 00:31:22 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1698087011350&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Ftorontosun.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
FhJ8Q-clB-ffbODDd6FQCkqGAFIbgQ1qkjuzh7vrlhg_SyZL05aLfg==
x-cache
Miss from cloudfront
1685973801652415
connect.facebook.net/signals/config/ 		142 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.135&r=stable&domain=torontosun.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2fae676c5618e7a321873e8446446ddf917c02a4f9ea26b15786bbb3bb30703c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 23 Oct 2023 18:50:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37576
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kThBa48+XgfYxhkN08UGfL2wEqwU2fydVKI/h6X1HYKOZJjiA7QZqRcgVOXm7HLZb5abOBpevMoryM5PslQW+A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 03:35:26 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
54886
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
hAzBss6H730SCTP162CK-Yuxq7P0N-S1FW839tKdtK9pqGoWF1Kz0A==

Redirect headers

date
Mon, 23 Oct 2023 18:50:11 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
avkY2GUmflozZJ3pl87K9Sd38RSmCNs4h1tZ9LNv3cDOSLb1jKJ5FQ==
cx.js
cdn.cxense.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19f::268b Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7ab619e2032c2ac25c71e5f1dc1efc5ee2e122b34767ecac6765412b852e5c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 18:50:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Oct 2023 15:17:22 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36600
Expires
Mon, 23 Oct 2023 19:50:11 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3ai0&_p=1585049294&_gaz=1&cid=902897307.1698087010&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1698087011&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=902897307.1698087010&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3ai0&_p=1585049294&cid=902897307.1698087010&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1698087011&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=ad_impression&_c=1&ep.query_id=CMKSrojrjIIDFWqQgwcdpJYJpA&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=902897307.1698087010&gtm=45je3ai0&aip=1&z=332006601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtb
rtb.ads.travelaudience.com/ Frame 2DDA 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Requested by
Host: c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
URL: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
f2f5e79e87300e9bf76b80c6a21aa5bf93405e0e3cf238877db8ce307752e013
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 23 Oct 2023 18:50:11 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-f5498cbfb-8qs8k
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9F43 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
URL: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
4686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:32:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9F43 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
URL: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
67657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 00:02:34 GMT
l
www.google.com/ads/measurement/ Frame 9F43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaScbqn8ctPn5KMvdcqkNmgj_MpgKp-n21QHeKUaiP86QCa3GFLgjAjn9fwnEYjyzMQCeFHT
Requested by
Host: c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
URL: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9F43 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
URL: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
303362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F43 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
URL: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Oct 2023 18:50:11 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230078-FRA
date
Mon, 23 Oct 2023 18:50:11 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1698087012.659321,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
thirdpartycookie
api.viafoura.co/v2/torontosun.com/ 		45 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4846:83a2:ca80:55fb:13bf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-instance-id
i-060cd47d069bfe824
pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 23 Oct 2023 18:50:11 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 18:50:11 GMT
manifest-audio_eng=112001-video_eng=395402.m3u8
videos-cloudfront-usp.jwpsrv.com/65376922_e585fd33a38c5b35288364deb5f4bf7bf16431ba/site/ReDAXyY4/media/hWntWOSO/version/hWntWOSO/manifest.ism/ 		11 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/65376922_e585fd33a38c5b35288364deb5f4bf7bf16431ba/site/ReDAXyY4/media/hWntWOSO/version/hWntWOSO/manifest.ism/manifest-audio_eng=112001-video_eng=395402.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d000:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
340ca627ea7831f778e09ec891f7b7413590153b57808242f3ea3be585831b7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:45:49 GMT
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11062
x-cache
Hit from cloudfront
content-length
11759
server
Apache
etag
"usp-0F48FB21"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
1E4UkNMPLv0T8wypVIAw2cKGi77j__0OT4pOMMufg-nUHbJea95dJQ==
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-61.ams1.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 05:02:17 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront), 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, AMS1-P2
age
49674
x-amzn-requestid
ab50c726-f99b-454c-8e46-4030db1db421
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
NPSuFFJviYcEg6A=
content-length
555
x-amz-cf-id
Be8RwKgLvQEq1w5zbNqxyiNCAqPn0cxDRpBZqF23xH7YEJ84uGZlEQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-68.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
date
Mon, 23 Oct 2023 03:54:01 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
53771
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
CrDkn2gTpRJ1h1Q7gndJOs4546fJY1AdNdHi2lFS5LFktVwMkf8O2g==
gtm.js
www.googletagmanager.com/ 		226 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8479d4bfb2e4f53aedad547189a6d3646a9a2d787b49aa7518142d25221928f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74297
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 18:07:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Oct 2023 18:50:11 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1698087011674&plid=c513a66b-ecf2-4840-9e1e-425543e4fc5b&idsite=torontosun.com&url=https%3A%2F%2Ftorontosun.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Ftorontosun.com%2F&sref=&sts=1698087011663&slts=0&title=Home+%7C+Toronto+Sun+Home+Page+%7C+Toronto+Sun&date=Mon+Oct+23+2023+20%3A50%3A11+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=e100329b-2c36-4769-819d-592195a22366&u=pid%3D3d13cbe1-2978-46b9-94b3-44c56c22736e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 18:50:11 GMT
Cache-Control
no-cache
Last-Modified
Monday, 23-Oct-2023 18:50:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftorontosun.com%2F&rl=&if=false&ts=1698087011694&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698087011690.83692537&cs_est=true&ler=empty&it=1698087011391&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 23 Oct 2023 18:50:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftorontosun.com%2F&rl=&if=false&ts=1698087011699&sw=1600&sh=1200&v=2.9.135&r=stable&ec=1&o=30&fbp=fb.1.1698087011690.83692537&cs_est=true&ler=empty&it=1698087011391&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 23 Oct 2023 18:50:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1585049294&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1411841282&gjid=617469004&cid=902897307.1698087010&tid=UA-213173459-5&_gid=1443474347.1698087012&_r=1&_slc=1&gtm=45He3ai0n81P3Q4QHW&cd2=2023-10-23T20%3A50%3A11.339%2B02%3A00&cd7=anonymous&cd17=0&cd23=Toronto%20Sun&cd24=Cheetah&cd25=14.6.4&cd26=v88.1&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=index&cd52=index&cd65=false&cd1=902897307.1698087010&z=1576671299
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1585049294&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=754124078&gjid=1149521283&cid=902897307.1698087010&tid=UA-114648105-14&_gid=1443474347.1698087012&_r=1&_slc=1&gtm=45He3ai0n81P3Q4QHW&z=710780373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
07e6168cc4f12c66e03b1c278e8edba4e031a0ce6577aaee54e3cfbe73f2b3b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je3ai0&_p=1585049294&_gaz=1&cid=902897307.1698087010&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&sid=1698087011&sct=1&seg=0&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=ad_impression&_fv=1&_ss=1&_c=1&ep.debug_mode=false&ep.gtm_version=51&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=14.6.4&ep.fem_version=v88.1&ep.brand=Toronto%20Sun&ep.timestamp=2023-10-23T20%3A50%3A11.334%2B02%3A00&ep.query_id=CMKSrojrjIIDFWqQgwcdpJYJpA
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=902897307.1698087010&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=902897307.1698087010&gtm=45je3ai0&aip=1&z=569259986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
91
date
Mon, 23 Oct 2023 18:50:11 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
36
x-fastly-trace-id
1015972790
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230054-FRA
x-timer
S1698087012.810670,VS0,VE0
identify
identity.mparticle.com/v1/ 		176 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f88b6c407781a770cc2b6caeab8a9b5a86a1dd7bf633b1791256c33538ca126b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230054-FRA
date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1698087012.826240,VS0,VE114
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
1015973035
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230078-FRA
date
Mon, 23 Oct 2023 18:50:11 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1698087012.827454,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
bc2f58921012cb4607a3f0dc7c1732508794f895097b6765eef95e17ecfe4ec6

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
el.ashx
ads.travelaudience.com/ Frame 2DDA 		631 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.3505578446953916&adPos=&ai1=1%3B30000567%3B16%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3BfI1mva3lHiOCOcKjEwft-w%3D%3D%3B60026414%3B999%252c1%3B%3B%3B2%3B4%3B50005817%3BfI1mva3lHiOCOcKjEwft-w%3D%3D%3BEUR%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70015989%3BfeDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-8d8b49fdb-rlg9c&bnr=0&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=728x90&gcpm=780477&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=18&sc=&site=torontosun.com&ssp=0&sv=1&tsf=&ua=&uc=DE&ucy=&uuid=5590303B-9C04-41A8-BD1E-50841811C18B&view=&vrt=&vw=&wp=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
tde-deliveryengine-production-7595df5684-2nl6k
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
728x90_Abu_Dhabi_Winter_EUR_EN.gif
static.travelaudience.com/img/import/AbuDhabi_DMO/2023_Winter/ Frame 2DDA 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/AbuDhabi_DMO/2023_Winter/728x90_Abu_Dhabi_Winter_EUR_EN.gif
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4229bb0dbf8cee8830bba2007991d97deb4a8b25fa30cc70ab662845d5098e9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:27:45 GMT
age
1346
x-guploader-uploadid
ABPtcPpkbgi176oEvQLIc-trpbZCxQHnoWjt98K8-E1oj-1nFGIEhpNZ6lQMWL84Ys1MxlNMQtepeGXPRK5sBy16dvD3qarnDV0v
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54027
last-modified
Thu, 19 Oct 2023 01:54:55 GMT
server
UploadServer
etag
"4129dd3a5a40f12d4f1b1bdf1941d261"
vary
Origin
x-goog-generation
1697680495686905
x-goog-hash
crc32c=PzV0Ig==, md5=QSndOlpA8S1PGxvfGUHSYQ==
content-type
image/gif
cache-control
public, max-age=3600
x-goog-stored-content-length
54027
accept-ranges
bytes
expires
Mon, 23 Oct 2023 19:27:45 GMT
moatad.js
z.moatads.com/travel198849194933/ Frame 2DDA 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b6cb116aec40404b00a8f6d23fd9a447bc3b71b1545cf67e018cc464878dfada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 09:38:30 GMT
server
AmazonS3
x-amz-request-id
2C04JEH0HMWS4YG2
etag
"73773326162c6749f7b8df637f921ff4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=41327
accept-ranges
bytes
content-length
113550
x-amz-id-2
WMRaW6zN/xChGE6rUBjpwMkt2vZ523ukVe7ay+uNSFX34FulvFmBtGQ2QpBndZwJZrFDqbHVB9U=
creative.js
ads.travelaudience.com/js/ Frame 2DDA 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
c254650f10a8fd8c05b50340c517f84deb5319b9cc5f4b90bc6ac77b2c018ae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
public
date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 23 Oct 2023 08:57:32 GMT
server
nginx/1.21.6
etag
W/"6536357c-e1b5"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 24 Oct 2023 18:50:11 GMT
intl-messageformat.02672a020c7e0ec7e62f.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.02672a020c7e0ec7e62f.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:cc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dda2e8d451cf3520b8ab9f9249034d073b1352255351ecf40afd6b4e5a1cface

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:21:02 GMT
x-amz-version-id
Y8E0jWBuxoEgCsVbZaWRWk_5NEB6C3bt
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
343750
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 19:20:13 GMT
server
AmazonS3
etag
W/"99bdbc105c8756601154bb6bb2ff743a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
8nKl-GwrtaNJL7K3S56ZCJl-P_TqcB8vYOJOfPpTx_IN2p0NTr-L4w==
intl-messageformat.1a1cdfc05ff7935c9501.js
cdn.viafoura.net/chunks/languages/ 		135 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.1a1cdfc05ff7935c9501.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:cc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fab3a5b45c07012708c6ad1649345d90396f7be12a822c5bb68f2ecb88d429bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:21:03 GMT
x-amz-version-id
23DLcMbDe9sndqfORJK_9cny7XgFhZB2
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
343749
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 19 Oct 2023 19:20:22 GMT
server
AmazonS3
etag
"ab246a0b09ca785a5a04858030afba86"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rZlItFi0MifjAouvKoc0_7SbaEtIItYrH9kjuvTdZ0gnYMaLxWLAgw==
en-us-base-json.3ade99cd7fac103771a0.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.3ade99cd7fac103771a0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:cc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b98a09f916713f08b8adc1edc21040480d9f5e305afa0256cfd41b3408ce254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:21:01 GMT
x-amz-version-id
UxmkesejN_ZsNsiXWRqeBuZ.r8.0Fcvu
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
343751
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 19:20:16 GMT
server
AmazonS3
etag
W/"8b5fb8045a9471f6844ff5ecb5d7bc34"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
3aR-f70N__hYLY5zBJubZ-ZNNDAvU2c3Al1_1yA6kDIULBrRLgKDOA==
sp1.html
cdn.cxense.com/ Frame 6C30 		672 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19f::268b Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
377
Content-Type
text/html
Date
Mon, 23 Oct 2023 18:50:11 GMT
Expires
Thu, 02 Nov 2023 18:50:11 GMT
Last-Modified
Wed, 02 Aug 2023 12:14:52 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
ingest.php
events.newsroom.bi/ 		50 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.32.62 Toenisvorst, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy03.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
ad98bf682808f4798a52.js
sdk.mrf.io/statics/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/ad98bf682808f4798a52.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d321458e38a170812d6109017b5c0d2d77b6ee982e68372b9f2216f8039b8e2

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P2
age
1552
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 08:31:44 GMT
server
cloudflare
etag
W/"4019917091f4a1477eba1521e8d22b24"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
81ac2a104c793a70-FRA
x-amz-cf-id
wmN6J7rBX9lB0Wa7HDeCZ0_opRUEh0FcyMJlw8CKpU-Z6DBS97W2bA==
cx.js
cdn.cxense.com/ Frame 6C30 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:280:19f::268b Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8ffe76ba71b92e6e6081611c692a2bfe28defe2cb663106110ac8a0ec0ba7560

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 18:50:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Oct 2023 15:17:22 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36600
Expires
Mon, 23 Oct 2023 19:50:11 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-5&cid=902897307.1698087010&jid=1411841282&gjid=617469004&_gid=1443474347.1698087012&_u=YCDACAAABAAAACAEK~&z=308246981
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 23 Oct 2023 18:50:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QZZLREHFVM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2323a7620d5e97dd00138ff5840951c4c650da98da557f90d1c9f697410364a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82976
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 23 Oct 2023 18:50:11 GMT
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		42 B
148 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
65e6f619f8f45c9c76984b478e4332c37af544850d2e6f62e6e8b7ba88a09778

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230078-FRA
date
Mon, 23 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1698087012.993906,VS0,VE3
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
truncated
/ Frame 9F43 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d63a4c283b22a0da0af9c49a8e3a3a1c395bbfc46673a86b0f4901ac4ddb6fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=902897307.1698087010&jid=1411841282&_u=YCDACAAABAAAACAEK~&z=699921214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=902897307.1698087010&jid=1411841282&_u=YCDACAAABAAAACAEK~&z=699921214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
audiences
api.permutive.com/audience-matching/v1/id/a001c47d-333e-411b-814b-f950c8d3ecc2/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/a001c47d-333e-411b-814b-f950c8d3ecc2/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 23 Oct 2023 18:50:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
syncframe
gum.criteo.com/ Frame 36F3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:50:11 GMT
server
Kestrel
server-processing-duration-in-ticks
340678
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 18:50:12 GMT
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		210 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3a0ec886bc332d36f61c37c9e7ec663e19bb89bbd6b0243140c871c70d33e8
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
age
2607
cf-polished
origSize=1329386
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 05:52:50 GMT
server
cloudflare
etag
W/"06ae4cc55e4412a63367b4a85f937078"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
81ac2a11d9cc1c6d-FRA
x-amz-cf-id
t4DWDgNIiaAWvGC03L6YSNceVo6a3JzJkjqATuvweN60fqggCLp5KA==
expires
Mon, 23 Oct 2023 22:50:12 GMT
ingest
i.viafoura.co/v3/torontosun.com/ 		67 B
391 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/torontosun.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.70.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-70-184.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 23 Oct 2023 18:50:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
n.js
mb.moatads.com/ Frame 2DDA 		84 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=2482356833&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-Nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&m=0&ar=0c7a73c5c3d-clean&iw=eaa0026&q=2&cb=0&ym=0&cu=1698087012141&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000567%3A50005817%3A60026414%3A70015989&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=torontosun.com&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A404%3A404%3A0%3A0&jk=-1&jm=-1&fs=205668&na=521757774&cs=0&ord=1698087012141&jv=1028250023&callback=DOMlessLLDcallback_19087967
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
aee03ccf261e11a0a6e395d0ccf6a1d9786a60edc1c5c58a9e0abf87914ade47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
server
istio-envoy
etag
"2e292ce764cd48b37a6cc81e6dd4e8bcd60a1980"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
9
timing-allow-origin
*
content-length
84
pixel.gif
px.moatads.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&m=0&ar=0c7a73c5c3d-clean&iw=eaa0026&q=3&cb=0&ym=0&cu=1698087012141&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000567%3A50005817%3A60026414%3A70015989&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=torontosun.com&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A404%3A404%3A0%3A0&jk=-1&jm=-1&fs=205668&na=1802407092&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310180101&jk=1952604898827495&bg=!vr2lvfLNAAbDUgby41I7ADQBe5WfOEWd_WgWkAGsAYyhEy-m5IbmVcUiWXLwnWoGsbquhFANeW9ragjpyW941jBBHTbfAgAAAnpSAAAAA2gBB5kCuGMktjE2tNtnzGGnvIXLTNBBCfHHcBF_OIq3DvmcPiSOBUMI5fFXihjR1LjaCXs-KoGw1j16cP_ywi0-oDdoY8W9jyeL1J8sxZXn182MZEEPsmmArXp96MCTgH5mbR9L1d03WQbTOxMr5hKJa7A1hh3HoQV97H8eIBr70z6S9Llgunl908KOoD4k07UiI1cjohIsfWm1yG0mHiY0L33cizgySh5Qwf9rs0XhwqXhQlUfQqqXMgREJMVS1byxl9jgZx8mjBnUQSGKGjAejVXWVl6MQOHmDyQ9UFCu_IWXrZy4DlXcCL_Ip-Q23qCFtcUoZzwN1_m2qKlF3hulFqYqMDYOkk27cjRCXYluA7tCCZDsskAhdq2Lc2aQI2omTIBw4itCgPb5AQWytt_N4jkjn7rg-3qXLFLfa88Ae49YTZm5EHejiXP8pTY5XoXr6KvCyYLyfx3HOZNRKxyFyvaHWQSMaG9KxevCVKRL56QGXlpgur746UuBv0AaA46lBQzskCJ8RW9tO9rVk0CVUffJxZsKyTEGucQfdW6jwgaxUH1gFdFdF4eUhdq07S2QpeQJaDL_qRHsxXDQKPSsoOc2H_r59D4weM3UBTxNguG2o4Zld4Id2koOqudcgDRNu9CuqvyFKrKVZOzCyT1urOvH5rYQL62dI3FW6RAWK1EzwXRh9Dr5xhkI1cezQIhRAD_4vPw4e4w7TSACGmpRxkKlTIwugrHrnUqu2IDo429W-H7GqTVpIc3AVmuycFVKnWeZNTvloWGr0meOUApg3Da5V7VaSryPwtaneDYvYqoaB5gcAXFXKpT1p--CkVpNBjMSQ9mLcl0rg6lkj7LwANIAiHEJ1nbkyL2DhlflvBCaBI1CsoC3LvZwsfyTkw8auPVyeEmkS7Fe7G2gEp02FAB6Rnj8NzYHAqckDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
p1.js
p1cluster.cxense.com/ Frame 6C30 		46 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
b624889074ec38a8f82b3617e88561201a077eb00ca3e95a661d3e25f95dc746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
last-modified
Sun, 23 Apr 2023 18:50:12 GMT
server
Jetty(9.4.28.v20200408)
etag
23slzt8335cxrh53yp6cw0y9k
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
46
expires
Wed, 23 Oct 2024 18:50:12 GMT
rfv.php
compassdata.mrf.io/ 		27 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.32.62 Toenisvorst, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy03.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKqe0N32u4KzbAdWU

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1931503055&e=xapi&n=4729709995757307&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&emi=q0mwxzcxwzzp&id=hWntWOSO&pli=1xhu1l519g3w&pv=8.29.0&tv=3.43.0&ed=6&prs=idle&pid=dchHpZtp&ph=1&sdk=0&xam=on&xfmp=fullscreen&sa=1698087012251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:de00:0:723d:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
via
1.1 5fcfa33730e16a82669ad0b497f19c94.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
Y-KKaT9xL5pjoNNSGyGTEIF75DQYgQ-A7c8fowoPpVArbC77KtI9yg==
x-cache
Miss from cloudfront
js-err
rtb.ads.travelaudience.com/ Frame 2DDA 		35 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%253D%253D.60026414.OTk5JTJjMQ%3D%3D...fI1mva3lHiOCOcKjEwft-w%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D728%26y%3D90%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%2526client%253Dca-pub-5611053662613390%2526adurl%253D%26googlewinningprice%3DZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q%26wpc%3DEUR%26site%3Dtorontosun.com%26slotvisibility%3D1%26gcpm%3D780477%26gpos%3D1%26bidder%3Dbidder-rtb-production-8d8b49fdb-rlg9c%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DfeDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw%26ssp_id%3D0%26l%3Den%26ts%3D1698087010%26uc%3DDE%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3Dd1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8%3D
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Origin
https://rtb.ads.travelaudience.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin
https://rtb.ads.travelaudience.com
content-type
image/gif
pixel.gif
px.moatads.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fstatic.travelaudience.com%2Fimg%2Fimport%2FAbuDhabi_DMO%2F2023_Winter%2F728x90_Abu_Dhabi_Winter_EUR_EN.gif&i=TRAVELAUDIENCE_DISPLAY1&ol=2482356833&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-Nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&f=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&cu=1698087012141&m=78&ar=0c7a73c5c3d-clean&iw=eaa0026&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A404%3A404%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=50&cd=0&ah=50&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50005817%3A60026414%3A70015989&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&zMoatSubdomain=torontosun.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=205668&na=1675110443&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:12 GMT
sid
mug.criteo.com/ Frame 36F3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=957KfnxjdGxndWxVaDcvMXRSSUhNMXp2eStVRlQyUlQwV0NjV1Z0TnZvdkFKM0hYc1Z0WXUwQ21VUWExZ09FakgvZTBEakMwYktEc1RMYXpqK1lzMVB2TzZvYXBudXF2RStoWVBFTXFsNFlqVEVRcHRlL0JuTWZtRU9XMG...
435 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=957KfnxjdGxndWxVaDcvMXRSSUhNMXp2eStVRlQyUlQwV0NjV1Z0TnZvdkFKM0hYc1Z0WXUwQ21VUWExZ09FakgvZTBEakMwYktEc1RMYXpqK1lzMVB2TzZvYXBudXF2RStoWVBFTXFsNFlqVEVRcHRlL0JuTWZtRU9XMGpzNTlUNTRySGh3aFAzTXBPd2RDWS8wUUN5eXJUbW5QRUREbGxNcDNJajJPS3VtR3Vwb2d6T0RrTzkzNWJUQ1pwTTF3UXpYcG1HOXVVdjYydDByaVU1MnNla1NjUHoweGxSOHRMWXBYbXNOblVyeXhRZDVJekxSS2hoQUVUVTMydVdQY20rWnRsSU1jWCtYL1lHbC83MHJEY252OWVmUT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3e3a18910e00a7c4f8222f53f62338707c164cdbe9958ade06d8632fee5fc05b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1362021
expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=957KfnxjdGxndWxVaDcvMXRSSUhNMXp2eStVRlQyUlQwV0NjV1Z0TnZvdkFKM0hYc1Z0WXUwQ21VUWExZ09FakgvZTBEakMwYktEc1RMYXpqK1lzMVB2TzZvYXBudXF2RStoWVBFTXFsNFlqVEVRcHRlL0JuTWZtRU9XMGpzNTlUNTRySGh3aFAzTXBPd2RDWS8wUUN5eXJUbW5QRUREbGxNcDNJajJPS3VtR3Vwb2d6T0RrTzkzNWJUQ1pwTTF3UXpYcG1HOXVVdjYydDByaVU1MnNla1NjUHoweGxSOHRMWXBYbXNOblVyeXhRZDVJekxSS2hoQUVUVTMydVdQY20rWnRsSU1jWCtYL1lHbC83MHJEY252OWVmUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
263272
content-length
0
expires
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QZZLREHFVM&gtm=45je3ai0&_p=1585049294&ul=en-us&sr=1600x1200&cid=902897307.1698087010&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sid=1698087012&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZZLREHFVM&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/ad98bf682808f4798a52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.32.62 Toenisvorst, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy03.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
svod-module-js.c2d430242c27f18c872b.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.c2d430242c27f18c872b.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2127:cc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c27656543ea72cfde94a907f960c330cda303453cf29063a1eeec45ab293a470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:21:03 GMT
x-amz-version-id
aRGFZGBrET0aoDAAX8hzpeq1UmTHbDsf
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
age
343750
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 19:20:28 GMT
server
AmazonS3
etag
W/"a040cc3cae7fb336a3a9e83ffe697152"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
y21sMKXn6VFS0xhoJDSNw0V3li4AG6eg2HdKJx1OIH6vGvgDd1IFug==
pixel.gif
px.moatads.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2482356833&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-Nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&f=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&cu=1698087012141&m=207&ar=0c7a73c5c3d-clean&iw=eaa0026&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lh=81&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A404%3A404%3A0%3A743&aa=0&ad=68&cn=0&gk=68&gl=0&ik=68&ic=68&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=50&cd=50&ah=50&am=50&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50005817%3A60026414%3A70015989&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&zMoatSubdomain=torontosun.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=205668&na=217171795&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:12 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame 6C30 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.33&typ=pgv&rnd=lo395vdh8eo5j0aj&sid=1138596495834131576&loc=https%3A%2F%2Ftorontosun.com%2F&new=1&arf=0&ltm=1698087011712&ref=&tzo=-120&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lo395vyae8m5t5m4&ckp=lo395vdh5e6jblh5&glb=&cp_userState=anon&cst=23slzt8335cxrh53yp6cw0y9k
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 23 Oct 2023 18:50:12 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		102 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lo395vdh5e6jblh5%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2223slzt8335cxrh53yp6cw0y9k%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2223slzt8335cxrh53yp6cw0y9k%22%7D%5D%2C%22siteId%22%3A%221138596495834131576%22%2C%22location%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
a9acb91176388474590aa509f8cccf40080aa7223a01c45d404df6a0d03959ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
102
expires
Mon, 26 Jul 1997 05:00:00 GMT
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://torontosun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ac2a13a9f32bb5-FRA
date
Mon, 23 Oct 2023 18:50:12 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d9f986e81ce3a5cd74a2c6c81f5d9ced7ec4955ff6f367f391b757ba81e677

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
max-age=86400
cf-ray
81ac2a140a722bb5-FRA
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=50&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=torontosun.com&L1id=30000567&L2id=50005817&L3id=60026414&L4id=70015989&S1id=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&S2id=728x90&ord=1698087012141&r=804143234597&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=torontosun.com&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:12 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=68&fi=1&apd=186&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=torontosun.com&L1id=30000567&L2id=50005817&L3id=60026414&L4id=70015989&S1id=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&S2id=728x90&ord=1698087012141&r=804143234597&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=torontosun.com&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:12 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=68&fi=1&apd=186&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=torontosun.com&L1id=30000567&L2id=50005817&L3id=60026414&L4id=70015989&S1id=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&S2id=728x90&ord=1698087012141&r=804143234597&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=torontosun.com&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70015989.0.0..0.DE.-1..fI1mva3lHiOCOcKjEwft-w%3D%3D.60026414.OTk5JTJjMQ==...fI1mva3lHiOCOcKjEwft-w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWnLvYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEkAJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yfonChnaRAi6k7Egj7JDni37ZEl3fhhjTky0RD_mTbHgVxrC-t8J-NYsuAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3d_1mks0gC8K0rRj2c66eZHHE9dA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZTbAYgAELMIHg5BqAAmWpLzn5xHxPSoIsJkH6Q&wpc=EUR&site=torontosun.com&slotvisibility=1&gcpm=780477&gpos=1&bidder=bidder-rtb-production-8d8b49fdb-rlg9c&dv=1&uuid=&suid=&brq=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&ssp_id=0&l=en&ts=1698087010&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=d1sZmcrEbdBBtNSTVqO6R6NLKLLj5AZi3SHit1fHwy8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9F43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C57aTYsA2ZcLZEOqgjuwPpK2moArKkbX7ctPipc7RCsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQJGBtdv48ixPuACAKgDAcgDAqoEjQJP0HHRc8IS9sWV0lmVItVVnNavHSUw_lQL0-reXLwJ5M08v8QQ_G8OJXXIBsIe7TuFuEoIChlC8B98Z74jKz5hIE3Gk4zQGJOdxSJgTIEhoDeLaeWkPd3mIfc8VYTQmyboe5ETRuLH5-P5MWVCX4a72WvyJl4R5L-Tn2w6jmb3HG_N4Mc4sXeE-zbFj1Wm839oEZOY4rfp1LdRHrxq9sjK4WFXxaMcS16aW7oQjzsWh5wRSTIX1DeY4ZhDNkNJFFJksnykvvPtKJZ5Wwfi4ZRBWNNX9kuFeflV1KgomAHOwVDolMGd2yeqngn1-77N49Erq5teC-oI9bYvcPJPlYmBXhVtLIPqrUT7gBx1uOAEAYAGy8zuq9HslIGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NjExMDUzNjYyNjEzMzkwGM31EQ&sigh=FuXYLTV74XY&uach_m=[UACH]&cid=CAQSOwDICaaNrF-wGnQeZkE2wnknCPHQtpEUAr_Alx5eV6Rg2tpqw_98CunlsVvt8UWndychQYsioABxKWS1GAE&cbvp=2&vis=1
Requested by
Host: c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
URL: https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 18:50:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Mon, 23 Oct 2023 18:50:12 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=270&fi=1&apd=388&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=torontosun.com&L1id=30000567&L2id=50005817&L3id=60026414&L4id=70015989&S1id=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&S2id=728x90&ord=1698087012141&r=804143234597&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=torontosun.com&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9F43 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPmEJHRy5zPQZv-S20aZEFNJNB0RfxTv4roZ5gsjYzgI2deGP7tLEk4gOI7-bMzQonkjhb-ZtRCxA2eXGTltvsLnTko7b9a0-nqEj9&sig=Cg0ArKJSzKqq1DwKWGZ5EAE&id=lidar2&mcvt=1000&p=109,436,199,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=913967088&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698087011299&rpt=732&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2482356833&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-Nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&f=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&cu=1698087012141&m=1213&ar=0c7a73c5c3d-clean&iw=eaa0026&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=184&lg=1&lh=81&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A404%3A404%3A914%3A743&aa=1&ad=1074&cn=68&gn=1&gk=1074&gl=68&ik=1074&ic=1074&ez=1&co=1074&cp=991&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=991&cd=50&ah=991&am=50&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50005817%3A60026414%3A70015989&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&zMoatSubdomain=torontosun.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=205668&na=385757046&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:13 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=991&tet=1074&fi=1&apd=1192&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=torontosun.com&L1id=30000567&L2id=50005817&L3id=60026414&L4id=70015989&S1id=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&S2id=728x90&ord=1698087012141&r=804143234597&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=torontosun.com&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:13 GMT
pixel.gif
px.moatads.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2482356833&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-Nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&f=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&cu=1698087012141&m=1214&ar=0c7a73c5c3d-clean&iw=eaa0026&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=184&lg=1&lh=81&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A404%3A404%3A914%3A743&aa=1&ad=1074&cn=1074&gn=1&gk=1074&gl=1074&ik=1074&ic=1074&ez=1&co=1074&cp=991&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=991&cd=991&ah=991&am=991&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50005817%3A60026414%3A70015989&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&zMoatSubdomain=torontosun.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=205668&na=131305730&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:13 GMT
pixel.gif
px.moatads.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2482356833&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-Nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&f=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&cu=1698087012141&m=1214&ar=0c7a73c5c3d-clean&iw=eaa0026&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=184&lg=1&lh=81&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A404%3A404%3A914%3A743&aa=1&ad=1074&cn=1074&gn=1&gk=1074&gl=1074&ik=1074&ic=1074&ez=1&co=1074&cp=991&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=991&cd=991&ah=991&am=991&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50005817%3A60026414%3A70015989&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&zMoatSubdomain=torontosun.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=205668&na=480087362&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:13 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b13a65e04d66e76e5d1c2513403418b7bd53649bb590006984a6a745c074b16f

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:14 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		52 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=KlFb8Hg2nS
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa0e6ae724664da43ec9e9daddbfebe716c5deaa9d582843186bc442566d9c4b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 23 Oct 2023 18:50:14 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-136-130
server
cloudflare
p3p
CP="NON DSP COR OUR IND"
access-control-allow-origin
*
server-time
0.002
content-type
application/json
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
81ac2a205eab9a0c-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
Mqbwz2s1SqA
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:14 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
p
sb.scorecardresearch.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1698087014909&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20118.0.5993.88&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1698087009906&ns_ts=1698087009906&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1698087009906&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Ftorontosun.com%2F&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:14 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
cYvG4ayem54h0QDxGRakbCCiq9quNSa3DKuKtPYOydMpNC9p6O_T1A==
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.17.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
ixmatch.html
js-sec.indexww.com/um/ Frame 7B15 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
979
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81ac2a24cb749049-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 23 Oct 2023 18:50:15 GMT
expires
Mon, 23 Oct 2023 22:50:15 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7690 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32055
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 23 Oct 2023 18:50:15 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
175, 259047
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230072-FRA
X-Timer
S1698087015.173874,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB43 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.60.191 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-60-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107071
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 23 Oct 2023 18:50:15 GMT
expires
Wed, 25 Oct 2023 00:34:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E4D7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Oct 2023 18:50:15 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
postmedia-d.openx.net/w/1.0/ Frame 56EF 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 23 Oct 2023 18:50:15 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame E4D7 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d5986e25fc5399f2a5ed2d4877259798ed184ad9154277efc93e7e4e2b092e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 18:50:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 05:40:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38967
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 05:39:42 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6827
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
821 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1c4cfb61f6cca53546db9775f8a4ce5db717542f36f845c1da42d1f0f496e5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ac2a26196465c0-FRA
content-encoding
br
content-type
text/html
date
Mon, 23 Oct 2023 18:50:15 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzzLLSGSNlKtLlcVlPRutQDeo98bdGr9%2FZ1zo%2F0gZHQwfxxzaan0aTpL5c8UfaTSMr8Ic5u9Cp5Bsy%2Bubc1DvOeADjdsIyurISObGQuvcrwMb0sDrqBdz%2FKGSagVnzd6tlJfnIefv0VXtg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ac2a25e90365c0-FRA
content-length
0
date
Mon, 23 Oct 2023 18:50:15 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri2uXpptxa1xOv0R057gDiOIFJ19xZXn1bYl8fD8sAhzOIWIBDyhJ6wsEK6wctfZBurzl6Tpe%2F13cvZyBnlYZUeCbVH1kQJaKLyD9knRHeP%2FzHSwaqopaTBdGviOMxDb65jdjz9B%2BuTyZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame E4D7 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.223.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-223-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 23 Oct 2023 18:50:15 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.223.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-223-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 23 Oct 2023 18:50:15 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
async_usersync
ib.adnxs.com/ Frame 7690 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
an-x-request-uuid
8ed8e2cc-095c-44ee-b79e-7526e3e6336a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.197; 80.255.10.197; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame BB43 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62268615&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
95e7ff1765632ac901edb5fa6a706ead32c4afc6daeb064351ff320b80adaea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 23 Oct 2023 18:50:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
28292
i6.liadm.com/s/ Frame 6827
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTbAZ8eQW9bD1wpBe6KdEQAA%261144&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTbAZ8eQW9bD1wpBe6KdEQAA%261144&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7ebe0a12528e432e8feec65d889b5766
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-rcZQdbXnyfWHOkUpQMC3ZHkNiJNKPxd0_09_yQ
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-rcZQdbXnyfWHOkUpQMC3ZHkNiJNKPxd0_09_yQ
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-rcZQdbXnyfWHOkUpQMC3ZHkNiJNKPxd0_09_yQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:132:470b:d941:69f0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 18:50:16 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-rcZQdbXnyfWHOkUpQMC3ZHkNiJNKPxd0_09_yQ
Date
Mon, 23 Oct 2023 18:50:16 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
casale
match.adsrvr.org/track/cmf/ Frame 6827 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 6827
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTbAZ8eQW9bD1wpBe6KdEQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJknGVll3t04fDu6d7IuY6I&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJknGVll3t04fDu6d7IuY6I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHFxdIsKHQTkb1WVJb3IJP6fHR783M4TnQZoE00InLckw4XXjUjVmpqKrMBjKdHSUNynOnDGVKZjO9ukPVgJhgw1F6jGVdsuq9y7nNYOp2As9SoSx4s%2FAQ1dElljLh20q3qKG4mXoOIzxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ac2a26af51048f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJknGVll3t04fDu6d7IuY6I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6827
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTbAZ8eQW9bD1wpBe6KdEQAABHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDYvMuJIQBNKuCCHmWpmNRM&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDYvMuJIQBNKuCCHmWpmNRM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yVGAz8ULeBy3BQq5CA0vLH8F9tB1iXe986mv%2BRgxlmlVjcqYNH8geclIC%2FHHJ1eDkvVMswD3ePI%2FohpcVH3B1Q5kfkF4TcRpblNzfruXROAptOtnKkrvjXxo95EmGGitOIyel1igeUXlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ac2a266ef5048f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDYvMuJIQBNKuCCHmWpmNRM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6827
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713898215&external_user_id=c8ca5890-41b1-4bec-8d08-2d636606f9c4
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713898215&external_user_id=c8ca5890-41b1-4bec-8d08-2d636606f9c4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7M6h0Tntg5k7hEV0usBRivw80BVGN8DMOjac2ORhfV5Rtu%2BMCVXevdZa5cEL8gIGIJy2x%2F7cLPKcfzNuvUJgD9qqrzv5%2BeRq9nR0bMrcn6%2F1BZud%2Bf6VxSN%2BZtC%2FSSt4dC8XYopjSH%2BFCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ac2a274826048f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 23 Oct 2023 18:50:15 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713898215&external_user_id=c8ca5890-41b1-4bec-8d08-2d636606f9c4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
tp_out
d.adroll.com/cm/index/ Frame 6827 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:7a7f:ca4e:e98:dab3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
ZTbAZ8eQW9bD1wpBe6KdEQAABHgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6827 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZTbAZ8eQW9bD1wpBe6KdEQAABHgAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:865d:cd9c:e13b:6712 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 6827
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084927873655478
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084927873655478
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjrnVfI%2Bm%2F2mB%2F0NlCFDI3iyVMghQYQH6BDd3mCudSsWKGRDcn3bRV9EY7yy3J4vSx2YocwsPlr5yZtZt5%2BXQMWTGHqrppLYbX3aE6YGHOmO2eUYk%2BcmWh3rWQdMuXw%2FjPM32oc0Ghs8dg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ac2a27b8f0048f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084927873655478
Date
Mon, 23 Oct 2023 18:50:15 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6827 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTbAZ8eQW9bD1wpBe6KdEQAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
4257
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81ac2a265d429049-FRA
content-length
43
expires
Tue, 24 Oct 2023 18:50:15 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BE6A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Oct 2023 18:50:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:50:14 GMT
expires
Mon, 23 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1090545
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D25B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF315FA3-C219-4309-B844-F95173D3C1EE&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF315FA3-C219-4309-B844-F95173D3C1EE&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF315FA3-C219-4309-B844-F95173D3C1EE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Oct 2023 18:50:15 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RPH0KQW1TJNSD94CP8CQ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 23 Oct 2023 18:50:15 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF315FA3-C219-4309-B844-F95173D3C1EE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GYRR1QVQVXT300GNPAM2
Pug
image2.pubmatic.com/AdServer/ Frame 9FA3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk
42 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Oct 2023 18:50:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 23 Oct 2023 18:50:15 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzFfo8IZQwm4RPlRc9PB7g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
23.43.60.191 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-60-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=107071
accept-ranges
bytes
content-length
5606
expires
Wed, 25 Oct 2023 00:34:46 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame BB43 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BF315FA3-C219-4309-B844-F95173D3C1EE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.79.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-79-181.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.178
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame BB43
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=247156000
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BF315FA3-C219-4309-B844-F95173D3C1EE
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BF315FA3-C219-4309-B844-F95173D3C1EE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
via
1.1 google
last-modified
Mon, 23 Oct 2023 18:50:15 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BF315FA3-C219-4309-B844-F95173D3C1EE
date
Mon, 23 Oct 2023 18:50:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame BB43
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BF315FA3-C219-4309-B844-F95173D3C1EE
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjdsdEJKNmdGWHRRSlNrSlBNbUpjM1Nrdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1082156798336320022&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Server
54.152.141.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-141-210.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 18:50:16 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 23 Oct 2023 18:50:16 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame BB43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkYzMTVGQTMtQzIxOS00MzA5LUI4NDQtRjk1MTczRDNDMUVF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Oct 2023 18:50:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BB43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDB3uO4mJ-ExrVj15GamT90&google_cver=1
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDB3uO4mJ-ExrVj15GamT90&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Oct 2023 18:50:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDB3uO4mJ-ExrVj15GamT90&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame BB43 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 22 Oct 2023 18:50:15 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BB43
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1082156798336320022
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1082156798336320022
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Oct 2023 18:50:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1082156798336320022
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame BB43 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
server
Kestrel
content-length
70
content-type
image/gif
BF315FA3-C219-4309-B844-F95173D3C1EE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BB43 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BF315FA3-C219-4309-B844-F95173D3C1EE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:865d:cd9c:e13b:6712 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame BB43 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BF315FA3-C219-4309-B844-F95173D3C1EE&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 7690 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:16 GMT
an-x-request-uuid
073efb4d-9651-4280-b19f-fb9d76514bce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.197; 80.255.10.197; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je3ai0&_p=1585049294&cid=902897307.1698087010&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Ftorontosun.com%2F&sid=1698087011&sct=1&seg=1&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&ep.debug_mode=false&ep.gtm_version=51&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=FDA91FDE-E60A-414A-CD60-E716712B2E74&ep.platform=Cheetah&ep.platform_version=14.6.4&ep.fem_version=v88.1&ep.mp_id=-6982765406744486215&ep.brand=Toronto%20Sun&ep.timestamp=2023-10-23T20%3A50%3A11.923%2B02%3A00&ep.ga_client_id=902897307.1698087010&ep.main_category=index&ep.metered_content=false&_et=135&up.mp_id=-6982765406744486215&up.client_id=902897307.1698087010
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=991&tet=4894&fi=1&apd=5012&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=torontosun.com&L1id=30000567&L2id=50005817&L3id=60026414&L4id=70015989&S1id=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&S2id=728x90&ord=1698087012141&r=804143234597&t=page5&os=1&fi2=1&div1=1&ait=0&zMoatSubdomain=torontosun.com&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&bedc=1&nosend&q=6&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:17 GMT
pixel.gif
px.moatads.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2482356833&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-Nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&f=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&cu=1698087012141&m=5233&ar=0c7a73c5c3d-clean&iw=eaa0026&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=184&lg=1&lh=81&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A404%3A404%3A914%3A743&aa=1&ad=5095&cn=1074&gn=1&gk=5095&gl=1074&ik=5095&ic=5095&ez=1&co=1074&cp=991&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5012&cd=991&ah=5012&am=991&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000567%3A50005817%3A60026414%3A70015989&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&zMoatSubdomain=torontosun.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=205668&na=6029476&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:17 GMT
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/ad98bf682808f4798a52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.32.62 Toenisvorst, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy03.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Oct 2023 18:50:17 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
SPug
simage4.pubmatic.com/AdServer/ Frame BB43 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/ Frame 2DDA 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2482356833&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-Nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftorontosun.com&id=0&ii=2&f=1&j=https%3A%2F%2Fc8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&lp=https%3A%2F%2Ftorontosun.com&t=1698087012141&de=804143234597&cu=1698087012141&m=5435&ar=0c7a73c5c3d-clean&iw=eaa0026&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=184&lg=1&lh=81&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A404%3A404%3A914%3A743&aa=1&ad=5296&cn=5095&gn=1&gk=5296&gl=5095&ik=5296&ic=5296&ez=1&co=1074&cp=991&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5213&cd=5012&ah=5213&am=5012&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000567%3A50005817%3A60026414%3A70015989&bo=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=torontosun.com&zMoatSubdomain=torontosun.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=feDpfi_OPUTm4HhI4wI9kTl_f4r2OXNl16mHzw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=205668&na=1087221262&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 23 Oct 2023 18:50:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame BB43 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64818744&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b32365fcbd05168aae475da89031f4532e10635201a903dc6c0efe74dc25e095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 23 Oct 2023 18:50:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 31B1 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=BF315FA3-C219-4309-B844-F95173D3C1EE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 23 Oct 2023 18:50:18 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C9AB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1657394206772175296&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1657394206772175296&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Oct 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
4417d73b-b7ae-4572-8474-4004766af734
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 23 Oct 2023 18:50:18 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1657394206772175296&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.10.197; 80.255.10.197; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 772F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293228208088479900&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293228208088479900&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Oct 2023 18:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 23 Oct 2023 18:50:18 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293228208088479900&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 0F2C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=57687c99-3e20-4ced-9a31-7aec8cbce554&expires=1&user_group=2&ssp=pubmatic&bsw_param=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 23 Oct 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 23 Oct 2023 18:50:18 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=73a37dbc-c837-473d-bfbb-e2a3f9dc2823&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
sync
sync.srv.stackadapt.com/ Frame 5846 		0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame D259
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTbAagAZ_Ux69gAN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 23 Oct 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230132-FRA
x-timer
S1698087019.658086,VS0,VE100

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 23 Oct 2023 18:50:18 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTbAagAZ_Ux69gAN
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230132-FRA
x-timer
S1698087019.556129,VS0,VE95
rtset
bh.contextweb.com/bh/ Frame 744C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFYU5VN0tiWUVBQUJsMnJSSkJrQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAEaNU7KbYEAABl2rRJBkA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9B8A
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 23 Oct 2023 18:50:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 23 Oct 2023 18:50:18 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
mw
mwzeom.zeotap.com/ Frame BB43 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=BF315FA3-C219-4309-B844-F95173D3C1EE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:18 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81ac2a39fbec9be9-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame BB43
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BF315FA3-C219-4309-B844-F95173D3C1EE&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BF315FA3-C219-4309-B844-F95173D3C1EE&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BF315FA3-C219-4309-B844-F95173D3C1EE&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:22 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:22 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=BF315FA3-C219-4309-B844-F95173D3C1EE&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame BB43
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=BF315FA3-C219-4309-B844-F95173D3C1EE&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:50:18 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BB43 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 23 Oct 2023 18:50:18 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
cs
ad.turn.com/r/ Frame BB43 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame BB43 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BF315FA3-C219-4309-B844-F95173D3C1EE&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Oct 2023 18:50:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?ev=AAEaNU7KbYEAABl2rRJBkA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| BlockAdBlock object| blockAdBlock object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| webpackChunkdjango_content_services object| htmx undefined| google_measure_js_timing object| PublisherCommonId object| Criteo object| __permutive string| iasScores object| Sailthru object| ns_ object| jwDefaults object| webpackChunkjwplayer function| jwplayer number| google_unique_id object| gaGlobal object| GoogleGcLKhOms function| WebVTT object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer boolean| femCePnIdReadyTriggered object| COMSCORE object| _comscore object| google_tag_manager object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_573066 object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura function| postscribe object| google_tag_manager_external function| fbq function| _fbq object| _fbq_gtm_ids function| onYouTubeIframeAPIReady object| Ribn object| cast function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| closure_lm_176009 object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel object| PARSELY function| autotrack object| PianoESPConfig object| cX function| gtag function| cxCCE_callQueueExecute object| cxTest object| __connect object| mpartical object| ari object| gaplugins object| gaData function| _ga_originalSendHitTask object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| google_image_requests undefined| cXJsonpCB1

92 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARCpFgoJCP____8HELMW
i6.liadm.com/s Name: _li_ss
Value: CgA
.torontosun.com/ Name: pbjs_sharedId
Value: 342ff2b5-8e5f-42e0-ba76-03c93567531c
.torontosun.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.torontosun.com/ Name: permutive-id
Value: a001c47d-333e-411b-814b-f950c8d3ecc2
torontosun.com/ Name: __adblocker
Value: false
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: b03f2bf7-1440-4636-9dad-8102b342aaa4
torontosun.com/ Name: sailthru_pageviews
Value: 1
torontosun.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1698087009758,"mac":267255467}
.adnxs.com/ Name: icu
Value: ChgI5PFMEAoYASABKAEw4YDbqQY4AUABSAEQ4YDbqQYYAA..
.adnxs.com/ Name: uuid2
Value: 1657394206772175296
.doubleclick.net/ Name: IDE
Value: AHWqTUmT-4J2ILlYC80qcS6WfO8tOnz4sXdhDsh9idNcjEHcuGgpSbyJacdfjznsq1Q
.rubiconproject.com/ Name: khaos
Value: LO395UCD-1V-KHRS
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6AM+9QDamAwSuQFbWGgM44fR/rFJVNr6iLc+rxEBxTUuAQBxVEbQ6MwO2/qkOf9OLqWAplhZreRNcxuhZpbWKLt+d0qAzS+fSW+xUA9sgf/4eNEKcfJxgEB
torontosun.com/ Name: sailthru_content
Value: 2daf89bab868e9ce42ab0131ed955a5b
torontosun.com/ Name: sailthru_visitor
Value: ae34601a-3cb5-46c8-a19f-b460765faf71
torontosun.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"xinbvd4q469gwlpq3lt398104cyq1puy","updated":1698087010555,"printSubscriber":false},"exp":604800000,"ts":1698087010555,"mac":576816366}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"xinbvd4q469gwlpq3lt398104cyq1puy","updated":1698087010555,"printSubscriber":false},"exp":604800000,"ts":1698087010581,"mac":576819125}
.torontosun.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmADgFYAnADYALIP69uonh34B2YSAC%2BQA
.torontosun.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lo395vdh5e6jblh5%22%7D
.torontosun.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
torontosun.com/ Name: __pnahc
Value: 0
.torontosun.com/ Name: __gads
Value: ID=1118898bdf5bfe57:T=1698087010:RT=1698087010:S=ALNI_MbETsaK2L3K-z5jwLc55urRmuUOYQ
.torontosun.com/ Name: __gpi
Value: UID=00000ca17062cd28:T=1698087010:RT=1698087010:S=ALNI_MY8zZVZnM0Tnla2Ki3asFUq8XFL_A
.piano.io/ Name: __cf_bm
Value: _Lrve6JvPMlogMxhWNZZ_aq3EMQVhGX8Zkr5P9cgeBg-1698087011-0-AZkyamHL89YWt66FPenglQY6e613tno6zIggZD4mEMqeeX0sUm6dEUlJL55jgBVS0fKmPxbK2ES+3aYY4STk0rk=
.torontosun.com/ Name: __tbc
Value: %7Bkpex%7D_aFPERyiMjH0oUtq9Bd_Lm4uSP-zgOaTw71LdogCERUyusT-iX7iRgMPWy9VtxX7
.torontosun.com/ Name: __pat
Value: -14400000
.torontosun.com/ Name: __pvi
Value: eyJpZCI6InYtbG8zOTV2ZHI3dHk5c2JsZSIsImRvbWFpbiI6Ii50b3JvbnRvc3VuLmNvbSIsInRpbWUiOjE2OTgwODcwMTE0MDJ9
.torontosun.com/ Name: xbc
Value: %7Bkpex%7D1jEUNwnqXG4kHinbrZ95P04nc1ZAh6s-dDmMZQoYFpxAI_2iq27aSTRd4JFwLzzRCmznyVGBaEctAQ2mBLVQQjt2OrdHaPRCAZp3buXpSlg
.torontosun.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1698087011.1.0.1698087011.60.0.0
.viafoura.co/ Name: VfSess
Value: bomhe2b96kjuqi4ic2i2sbb0om
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.torontosun.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://torontosun.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1698087011663%2C%22slts%22:0}
.torontosun.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=3d13cbe1-2978-46b9-94b3-44c56c22736e%22%2C%22session_count%22:1%2C%22last_session_ts%22:1698087011663}
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%225590303B-9C04-41A8-BD1E-50841811C18B%22%7D
.torontosun.com/ Name: _fbp
Value: fb.1.1698087011690.83692537
.torontosun.com/ Name: _gid
Value: GA1.2.1443474347.1698087012
.torontosun.com/ Name: _gat_UA-213173459-5
Value: 1
.torontosun.com/ Name: _gat_UA-114648105-14
Value: 1
.torontosun.com/ Name: _ga
Value: GA1.1.902897307.1698087010
.torontosun.com/ Name: cX_P
Value: lo395vdh5e6jblh5
.torontosun.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1698087011%2C%22currentVisitStarted%22%3A1698087011%2C%22sessionId%22%3A%220c7c4784-1c55-4449-a5a3-34158c1c6605%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//torontosun.com/%22%2C%22referrer%22%3A%22%22%7D
.torontosun.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1698087011%2C%22userId%22%3A%220c0b6dbd-c4af-42f5-b6ba-0b69b0d86b71%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1698087011%2C%22timesVisited%22%3A1%7D
.torontosun.com/ Name: compass_uid
Value: 0c0b6dbd-c4af-42f5-b6ba-0b69b0d86b71
.torontosun.com/ Name: _ga_H792QCFZPV
Value: GS1.1.1698087011.1.1.1698087011.60.0.0
events.newsroom.bi/ Name: 1528_u
Value: 0c0b6dbd-c4af-42f5-b6ba-0b69b0d86b71
events.newsroom.bi/ Name: 1528_s
Value: 0c7c4784-1c55-4449-a5a3-34158c1c6605
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.torontosun.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'2e5cd68b-ec3e-45e5-97e0-baf36264345a'|'das':'ad13b656-4c30-45ba-ee78-69131a958839'|'csm':'WyItNjk4Mjc2NTQwNjc0NDQ4NjIxNSJd'|'sid':'FDA91FDE-E60A-414A-CD60-E716712B2E74'|'les':1698087011990|'ssd':1698087011264}|'l':1|'-6982765406744486215':{'fst':1698087011582|'ui':'eyIwIjoieGluYnZkNHE0Njlnd2xwcTNsdDM5ODEwNGN5cTFwdXkifQ=='}|'cu':'-6982765406744486215'}
torontosun.com/ Name: _vfz
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.1698087012.1.medium=direct|source=|sharer_uuid=|terms=
.torontosun.com/ Name: _vfa
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.86b96666-16ee-4c10-9088-690b97e249a3.1698087012.1698087012.1698087012.1
.torontosun.com/ Name: _vfb
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.2..1698087012....
.criteo.com/ Name: uid
Value: 5d2353ef-e3be-4213-8623-52f41a016a8c
.torontosun.com/ Name: _gcl_au
Value: 1.1.1445887138.1698087012
.torontosun.com/ Name: _ga_QZZLREHFVM
Value: GS1.2.1698087012.1.0.1698087012.0.0.0
.cxense.com/ Name: gckp
Value: 32oyg8y3xbliy3i8nf3mjihptu
.torontosun.com/ Name: cX_G
Value: cx%3A2tvu6od51zp202kjfaz3matznj%3Ax8l5uoxciyaz
.torontosun.com/ Name: cto_bundle
Value: HOIYXV92VGIwdUM1OVpyTUFkeFhPV3NPYVVibyUyRlF2cXlIQlclMkYxdEJzQTlwNzF5Z2dCNU5sOHF1a3g0ejBKWDlYOVclMkJwa0JUdVVOaFJhd1cwNFFzVzk5NlhOJTJGaXR6TzZxc2ZnTVhYS2VsNm8zWnhIV29lRFZtWXNKaXpQckxqWXB4NndLdU8xeXAzd2h5QzdZcm96QSUyRnB1dHVRJTNEJTNE
.viafoura.co/ Name: vfDeviceId
Value: 6664e1d8-05db-42b4-a0bf-845d70db077f
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: ZTbAZ8eQW9bD1wpBe6KdEQAA
.casalemedia.com/ Name: CMPS
Value: 1144
.casalemedia.com/ Name: CMPRO
Value: 1144
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BF315FA3-C219-4309-B844-F95173D3C1EE
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160305:2
.pubmatic.com/ Name: DPSync3
Value: 1699228800%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1699228800%3A21_56_54_251_71_220_13_8%7C1699315200%3A35%7C1698624000%3A223
.weborama.fr/ Name: AFFICHE_W
Value: WpVGiGxvHuNa63
.quantserve.com/ Name: d
Value: EMoBCwGgKvijAA
.quantserve.com/ Name: mc
Value: 6536c067-72e06-6fd41-f8901
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBGfANmUCEIlXc0k-ZfNozk-s1bY8o94FEgEBAQEROGVAZQAAAAAA_eMAAA&S=AQAAAiUwmzZDJJXS290zm9n-iyg
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk&KRTB&19420-7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk&KRTB&22979-7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk&KRTB&23403-7NuWrrnek6_32Zf96tiIrryKkan3iJ2h6t8aO7lk
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDB3uO4mJ-ExrVj15GamT90&KRTB&23025-CAESEDB3uO4mJ-ExrVj15GamT90&KRTB&23386-CAESEDB3uO4mJ-ExrVj15GamT90
.adform.net/ Name: uid
Value: 1082156798336320022
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1082156798336320022&KRTB&23263-1082156798336320022&KRTB&23481-1082156798336320022
.pubmatic.com/ Name: PugT
Value: 1698087015
.company-target.com/ Name: tuuid
Value: c8ca5890-41b1-4bec-8d08-2d636606f9c4
.company-target.com/ Name: tuuid_lu
Value: 1698087015|ix:0
.simpli.fi/ Name: suid
Value: FC17057118A748A3B041E1F7D156CD68
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrcwNzYzNTUxtxDiM9T1c_evsPSKz08qKqoCAPaqxWslAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrcwNzYzNTUxtxDiM9T1c_evsPSKz08qKqoCAPaqxWslAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmlhYGFuYGhqZmgJAGqPx28QAAAA
.amazon-adsystem.com/ Name: ad-id
Value: A5QfUHXA90I8jlDorXLSjiY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.liadm.com/ Name: lidid
Value: 7ebe0a12-528e-432e-8fee-c65d889b5766
.audrte.com/ Name: arcki2
Value: f7ltBJ6gFXtQJSkJPMmJc3Skw!20220908!1698087015840!ip#80.255.10.197
.audrte.com/ Name: arcki2_pubmatic
Value: BF315FA3-C219-4309-B844-F95173D3C1EE!20220908!1698087015844
.audrte.com/ Name: arcki2_ddp2
Value: f7ltBJ6gFXtQJSkJPMmJc3Skw!20220908!1698087015981
.audrte.com/ Name: arcki2_adform
Value: 1082156798336320022!20220908!1698087016122

4 Console Messages

Source Level URL
Text
rendering warning URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript warning URL: https://z.moatads.com/travel198849194933/moatad.js(Line 138)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BF315FA3-C219-4309-B844-F95173D3C1EE&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
ak.sail-horizon.com
ap.lijit.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets-jpcust.jwpsrv.com
assets.ribn.com
auth.lrcontent.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
c2shb.pubgw.yahoo.com
c8accb93d29bdca198e855b42c6b2403.safeframe.googlesyndication.com
cdn.adsafeprotected.com
cdn.cxense.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.tinypass.com
cdn.viafoura.net
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
compassdata.mrf.io
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
cr.frontend.weborama.fr
csync.loopme.me
d.adroll.com
dcs-static.gprod.postmedia.digital
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
entitlements.jwplayer.com
eus.rubiconproject.com
events.newsroom.bi
experience.tinypass.com
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googlesync.permutive.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.viafoura.co
i6.liadm.com
ib.adnxs.com
id.cxense.com
identity.mparticle.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
match.adsrvr.org
mb.moatads.com
micro.rubiconproject.com
mug.criteo.com
mwzeom.zeotap.com
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping-meta-prd.jwpltx.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-a.rubiconproject.com
pubmatic-match.dotomi.com
px.moatads.com
region1.analytics.google.com
region1.google-analytics.com
rtb.ads.travelaudience.com
rtb.openx.net
s.company-target.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.criteo.net
static.travelaudience.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
token.rubiconproject.com
torontosun.com
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
videos-cloudfront-usp.jwpsrv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
x.bidswitch.net
z.moatads.com
ad.turn.com
bh.contextweb.com
sync.srv.stackadapt.com
104.18.24.18
104.18.26.193
108.138.1.25
108.156.60.61
116.202.32.62
13.32.27.10
13.32.99.90
130.162.160.243
141.94.171.216
142.250.184.226
143.204.98.68
15.197.193.217
151.101.130.49
151.101.65.108
152.199.22.243
167.235.124.59
178.250.7.11
178.250.7.13
18.156.195.47
18.185.12.185
18.197.245.211
18.65.39.16
18.66.100.58
18.66.112.103
185.64.189.112
185.64.190.81
185.89.210.122
193.0.160.131
198.47.127.19
198.47.127.205
2.18.161.148
2001:4860:4802:34::36
216.52.2.6
23.197.10.19
23.201.255.110
23.213.169.236
23.43.60.191
23.52.120.246
2600:1901:0:8344::
2600:1f18:44f0:4846:83a2:ca80:55fb:13bf
2600:1f18:ed:550e:132:470b:d941:69f0
2600:9000:2127:cc00:8:2ae1:d740:93a1
2600:9000:2394:5a00:1:a3fa:7cc0:93a1
2600:9000:2491:d000:2:cecb:23c0:93a1
2600:9000:25e8:de00:0:723d:9040:93a1
2602:803:c003:200::44
2606:4700:10::6816:1857
2606:4700:3033::ac43:9fa2
2606:4700:4400::ac40:91b1
2606:4700:4400::ac40:9256
2606:4700::6810:5514
2606:4700::6811:7711
2606:4700::6811:c376
2606:4700::6812:4eb
2606:4700::6812:5eb
2606:4700::6812:a07e
2606:4700::6812:b07e
2606:4700:e2::ac40:8f26
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::2001
2a00:1450:4001:803::2004
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2006
2a00:1450:4001:812::200a
2a00:1450:4001:81c::201b
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:280:19f::268b
2a02:fa8:8806:12::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::645
2a04:4e42::626
2a05:d018:cc3:fe04:7a7f:ca4e:e98:dab3
2a05:d018:d29:3601:865d:cd9c:e13b:6712
3.124.223.97
3.125.229.157
3.71.149.231
3.82.70.184
34.107.254.252
34.111.129.221
34.111.131.239
34.111.249.109
34.117.54.29
34.149.157.221
34.248.79.181
34.249.211.193
34.96.71.22
35.186.253.211
35.187.184.108
35.190.0.66
35.204.74.118
35.214.171.154
35.241.9.51
35.244.159.8
35.244.170.237
37.157.6.243
51.255.68.171
52.17.99.225
52.222.209.4
52.95.118.179
54.152.141.210
54.83.245.159
69.173.144.165
77.243.51.122
85.114.159.93
98.98.134.241
99.83.154.140
99.86.4.71
0181830d059025699d6fa80fa316f09782b0eb342b2913d114ca10c3c84bc1a8
02b6b5e2b324c800b154f5f76f5a2c78a9b1907e724ad63a13c6f1db08d69878
02d5b021c3d2f2771f27b4fdb3720b9996392332600db581d2f738aa46fd6e2b
050f01428f1212d41f78937ff24274c539045a1477321b09f3db06436f232a4f
057195b80c1594769bccb5bbb495f6b011b0fa6b0a39f12194248ef9dc15420a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070e77f663ce94a757d2514f9f3c48eb74fda732d413e4648d8f452e5580d096
07223153c92e034c016dedfaa898b45fcbb56871a1c8ba078f67556a2a90a7c5
07757295204ff32918c99bbdc8dbd90dd1f40b5f12cf7e6ba50e33b40284c72d
07ade38cead1a60fc075f6e28db0bfcaa1eb290427e88dab751ad233220e7424
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1
07e6168cc4f12c66e03b1c278e8edba4e031a0ce6577aaee54e3cfbe73f2b3b9
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0876b1b660da79fad9471d3e15816803e4c8f066cba866063bca01f316f7ec93
0aca931187f332210b7d8f4f00d940f42dbeda0644170780ba45d6c6a8c6e487
0cf2e378ce3ebdd5c4225574b71a852dc9c46b098f875ddf2c27cdd4773114c0
0d00a2a6dba8a17d08bd7d321de0ac24c90dd0c0df01f61fd78fb5f23f799a6c
0d76cb17b3bd9640de472967669e9fd1fc906ff36dad542c4ba7fbda863dd0e8
0e052c3c1edeab4aa2c5a2a921762060b145330322a89f0dde3d839dedbfeec8
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
105933481e535b109533e3cc21dbd150a4e91de57a58cb25b3d705cb22f5d989
119be99222d0be6873b16f1ab556e5ed54f7a64d7bf3528064dcfab437149aa9
11c4f0fc4e13b2e4a34e1679b18b5636c75fa5a761602f6a096b95186aff778a
13866ab1f090ecc145186272a5092114fcd97e1d547eafe6b03e7e6bfb59cf93
1577baf7f66639fc04990a5645cde91729c99d785860566c1da85bbaaa4c5953
15f196b5b2c511dd146cb4704fab50760bc6b3252e244c8f14413cdbd5fc0218
1680cf46d8a68ee73cd01447b257403b449ef10713319e631e0e53338f8078d2
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
17fa66df97eaffcc41d90b1f1e86e5d56b08a8fd79703615ee75bca4ae5689cd
18362c79e301db0bfe6151aad4529f98ed58c78f34de1ede556d0a683d044e90
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186b11319af63ea1721f331629c92791658df3c695ac434fd6e9adf647c0ab49
1878705aec86baf73aac495488bd3b4d7b96be51f50cebf682105a8a128dd631
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b98a09f916713f08b8adc1edc21040480d9f5e305afa0256cfd41b3408ce254
1c28ae882b78ca13100834dc9427f353742caf63bb88dfd51ddad35578af27ab
219e6a8d881b5508478033bfaa78ece76701ce2ddf6294a16cceafa4369b9e8e
224903a3774ac0a6459c4a33b621ea644c765fc783f8c7e70e43449f78924ac3
226a80e6e859edb56cf726a6d0335c6ecf77ce3ea5a72bb7c981670dc6e669e0
2323a7620d5e97dd00138ff5840951c4c650da98da557f90d1c9f697410364a5
23966be124244107feca25e76a15ba53d9cd0e78cad3ef28e252482a32b2f191
240b1e9b49bbd0a1b332ff2e5b6d625aeb9d238886bccd16f364a5d4ffde21fc
240b510ef18a76fb2487d642a8addcc5b9dddbd2acda3c903fa7fa34d50de76d
2437e6f31b0e302ef924b77a9687abcb3d397275c23db81a1076ed0a0aead607
252a6a463b13fe14ce9ae7efd43b6d9f04ba2c9a297c4486008d0b48aa15c56e
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
27c63725fb320f168c62b2933a5e284612674ceb14a998f9424ac85f6c00c73f
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a5f335a8a9b8b290b529ede633efa998182d4391e539f40b67238a0448ee72e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2d321458e38a170812d6109017b5c0d2d77b6ee982e68372b9f2216f8039b8e2
2de0fd2c3ccae4ab523d0aebb8f902740899faeca158e8bfbb54669cd0bd7afa
2df0a4053e66a1f1ef57b3561d2f22d0071064b7924a47b157d456b853e2cc5a
2e1c4cfb61f6cca53546db9775f8a4ce5db717542f36f845c1da42d1f0f496e5
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fae676c5618e7a321873e8446446ddf917c02a4f9ea26b15786bbb3bb30703c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
326e1b254dca858716c5825b3d6c59ebdaac58ddacacd3d87bc6977314be4626
3382f5feb5553038273e8f8d235e06baeac3022ce5500f933f619ccdef5586ba
340ca627ea7831f778e09ec891f7b7413590153b57808242f3ea3be585831b7b
35824264a9e14428872f840d1377d1f805a4cf51b7eb24bef3d57cf3bd959e08
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3899cbeb9d3eab64577dadc7fd5c83da7ed53fba97b4c8d3db0d693a23cb0dc1
39f38410c55909990198bec4def77bd2348d9a27a6cb0de629109b690726290e
3bdd66f75a3e158453a1841639637ab7385e2a39ff16d356925d1c6b3e52f6b9
3c5b584817a547de78b1d37a6c7e65fc36cb2f74abb5e7fb01e1d91579c59f05
3d63a4c283b22a0da0af9c49a8e3a3a1c395bbfc46673a86b0f4901ac4ddb6fa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3a18910e00a7c4f8222f53f62338707c164cdbe9958ade06d8632fee5fc05b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1e409bdcf5920c4899c37c39e7b3fb92b60a2c1a041a16648b010e5bd439d4
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ff50af720e02cfd6a4c63305d9d4a36bfbd5b390648225ab530218628a9f06
4125e17e53d668767a6ba6127acb4faffe9b20748baacdfc95a54d908d199428
413dc68c9b72121d1b30623b1ded0f17a0b41bbd4bf9dcf0e3923d6f32116e45
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
4229bb0dbf8cee8830bba2007991d97deb4a8b25fa30cc70ab662845d5098e9d
43d60886ca625f722d5cbb36a5d7c506c89bfeeea0cbc9a17c151735c32791b6
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
440178d326fbc673d8c4d3dcfc2246975ae8cbf7b6450b35f871b8eeba052335
448284959cd6022d644ac96927c57929d64b4df87dcf157191fa35b991d2f676
45de645e7c887232399adfa62b186fae268615a5f05aad880311510caec18d3c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4764187b9b40abb4f95c07944d8b09658af59469609b4c3da568301e65c9fe27
47b4298117139d672739fe4ab41096e5ebcfedc6df564c3640d2aa085dfb2251
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a6618e191e032cbab736538a295ce156e9e2324bcddeb22b30b88d375f58b7
4992ede20f45638296e34403d29df1453b7fab9223951274ae0637d1eb33a6b6
49bf986eda17b5d79186dcdd091973d4ab73a3e774c82905eb64308f641e2136
4acb988e880f8eed65ac2e0eeafd847f7b2d533127bdfc1521084f1a453b91b9
4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323
4d1a44cd71b7bf19492c617f86c77dff3ad7435b8ef1335bc4411239a4fcf0e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8d2516036834f2e64ed6a774c7ddc6f737fc79d85f7b6eb01ef1c4bb726ee4
5056dc2bb66bca02f604b3b267d97613ebe9dbf72c0047128e91029e9f5f6519
507a7f4fba1db3db4c412da3f80761c5375acfaaf5fc71a8b979b6904ce05f9f
511fbcd8bd5db286078078587d4e4d6f42aeeedf47e20c1faa891fccd03acea9
53ea1ee9cc3f30a5e3b324f66643f4fbc5425e120c217de68c7862212fbefdb4
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
556d08d99ff9acbfe85a14d3eb14e7db7d10930c1c6e47cf5d9a84a15ef85366
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56df44dcc95d7ced101bea8a0964e58f4d499b8090a7beccd4cc659d25be873c
58ed1b18e25607ec42f9df78bb2e16151b0a06a37aaf5f694919e124dddace55
5a2a34f6d11bce48c5770c5efd9f993a708646588c2db29f33e666e2a3463851
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5de38dd9b29b93fa720fd1bbee60d4553b6c2a7fa8737c694ba259df256f66d3
5def222b06bbda501f2758fa0c7366d1485623828c68f39a773b845f8ed473d3
5e5de8421c5407d204ef4033de2ed27dfafd3c5d931bddd16daf4933dd0e0bcf
602801ba87bfbce0a4e7436238aa728efbe7356948b15d4b77d6a6b172e700fb
6191a4503e767446918f91cec6f09a7a005cf9dc29336fdd6b89af49c64a9fbb
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6317ec8c4a5b393a3e6d00c04f4affd86d30566cfe5d31ec9b501a99876ffb29
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
6590de42ad8bb123283a9f4483ecc1c62ca6321d557173de5157c3849ef93211
65e6f619f8f45c9c76984b478e4332c37af544850d2e6f62e6e8b7ba88a09778
67466012d868d91bfa102522652a5d75cecbc80445bf46a619ca04928c543872
674889c3d024c5e04a47ab29616a51304e396b120ab76011ddc8e012c047effb
6890863b82babe5311bd1d6dba85c3c2aa8bcdadb56b35a7b5418457321dc35c
69026cc820b188c704c34bd97b5d7006b8fb92fca46013aa1e55a029ba437dc2
693b7ad329853b5d32ab0196b6f79c23f3e6497458005a36fa0ef85b876f066b
6a99ab8fd9502d83584e76ab98b20609f4b7f564427afd058fc4a51cf6b5bae3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dbeb4fdbd083a2cc1ffbdc398ecb79a1c08fb996481cbd4f83b8e0734dca35f
6dd94ba984a9f122962af0265f1cf890c7904996c3dec138b95c47bfb8169912
6e3a0ec886bc332d36f61c37c9e7ec663e19bb89bbd6b0243140c871c70d33e8
6e836f518a7bf77f3cd3a2484434b3a521af6afec03b8ecd460aa0c84bab066f
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
7481940b38e0ef35880b5aa4a737ff132a01640a20891a702a850108bd95bea5
7532e5d50a7ff54a07a11ca11dd5374299bfe20df5b5362ffae6e60dd21c1b01
76da8d65154aea71a794d050831797a3ec34d8b535080dd92bd50a0080095864
79b989418f8502a5e74df993405b7ad322113c4293e4e1fc6c4c39828075c2a5
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7ab619e2032c2ac25c71e5f1dc1efc5ee2e122b34767ecac6765412b852e5c53
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
80d7719730935376ba7c5551dfda2160533c328fcccedd39348be49bafce813f
81445b406a674cfab3930f31d2339fcde386403cdacbd021ec168467abd7ae86
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830803100dd79ed8f203d35255fbcdbdcf3ba529dd4f681992934682d2937cf5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844d86eef3da1626f5afe02a5a200a1cdc43c37ee2c6d893907ab957df157a62
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
876dad72c8fcd96eeda8be4cb50a6114f9de42218743d3a1613d019b1d619299
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
8a9e771dbc369bfe7301ad483fa04ea91854400a00a33a978b6e805be79e34b1
8c53e96ed767e39fc112c093cb774e7dd4817842a1aff73c59727851037fe465
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
8e9a93bb9abfdde19cc4513a7a8c27c13d292d1bcbed467a6e413fc830dcdc75
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
8ffe76ba71b92e6e6081611c692a2bfe28defe2cb663106110ac8a0ec0ba7560
90d7aa6ac96b93dbf49a7e7609b027fa9c32daaaf284939fcb03345d4a79bbdf
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1
93c998a47545beef7c24cdbaa5a200d951fc0d0cc3ca4d2389117a82b23ec049
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21
95b148d265f8bde25dede14eba0137177c17a68351561113e4f1f573dbc0435c
95e5b61dfe96ac5d56f754571e6a751a50cef585f7ca307a26b2f7d0bbbb6ace
95e7ff1765632ac901edb5fa6a706ead32c4afc6daeb064351ff320b80adaea3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c4716092f12c43127bde81ec43d177867923da7a413316d9d0a1c8459943c1d
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b
a10c2815686d81abf93d9b8e680551c6da94101ba42919fe1f66f3c36bcb4e41
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a2d9f986e81ce3a5cd74a2c6c81f5d9ced7ec4955ff6f367f391b757ba81e677
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a43c14fa427a2d1dc15abcf451ac122237be1f65ff733bc1cf072547cbf3084b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a778e186c3e33d7b4aed07697bd2cc9b528871ca4bbd21eb05dfd914aba1243e
a93a488d3100615a5cbc0a779462a8021f60629cefa40a89dc10c4e1aaf3bc7d
a9acb91176388474590aa509f8cccf40080aa7223a01c45d404df6a0d03959ba
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee03ccf261e11a0a6e395d0ccf6a1d9786a60edc1c5c58a9e0abf87914ade47
afc9f5a4a58588844ea3acea803a4516fa119aa08ac17d33deacc52092f0e846
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b13a65e04d66e76e5d1c2513403418b7bd53649bb590006984a6a745c074b16f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26a6d19d04b16fbed25cf037d5c79a18eb64d0ef1798b9929f5aef201c30a35
b32365fcbd05168aae475da89031f4532e10635201a903dc6c0efe74dc25e095
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b624889074ec38a8f82b3617e88561201a077eb00ca3e95a661d3e25f95dc746
b6cb116aec40404b00a8f6d23fd9a447bc3b71b1545cf67e018cc464878dfada
b73aae0a99bbdbad9a499416c7f5e7dc621d4b8f82f733204feb414ada7a42f2
b8e1e7ef9a3a7d25200da1e6d25b8bff7b7e64ea52de2f53cd4a2e573417e810
bad45554710eef2281d90a8d0f813dba9f04fe01bdd6f38dea8a069a4aabb843
bb9b9c77d20087cc9ecfd835876be849b360a7a5bec7135eb2c9f1d2dfc3285e
bc2f58921012cb4607a3f0dc7c1732508794f895097b6765eef95e17ecfe4ec6
bcbfbbd3c1f420528b3bf767b79e6d0e826aa11ba36544fa5cbb40147ed5279e
bcd0956ceacaac48e94c195437041361de8f8bdeba19024d7c049c17f28e680d
bf4ee5152a160e2110f97197e59bcff84700f33e6c1e7617224824ff702e4478
bf8cc7bc9819882d69b9f80140c7b8d9315f840ee9522e5227e5cbcd42124d0f
bffba5346310aac216c4809e6d6f8501f5d2dadffa0db3d16852c2b0264a1356
c0305ea37f813c5c3a4ef01059cb6d31958b121d584fec3ebcdcaa21182d0759
c217e950c087942f196ecb03af69d4e2266d6f7da2e4acd4bbdb3a1b879170d5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c254650f10a8fd8c05b50340c517f84deb5319b9cc5f4b90bc6ac77b2c018ae4
c27656543ea72cfde94a907f960c330cda303453cf29063a1eeec45ab293a470
c2fc57b180afd0cb7881dbb0812b85d881e1476a46559f1788a219af104173b6
c470f5269cbf861321afe03dc2db7a3c691b4d4aebec846e2adc28e221200bff
c59318fa5a976aa79440635feea9d1b0eb46de96f0133c069759058286af6154
c5d66071dcfb176c4931798a028bacd797fbf23b7aaf18f31be09a42d012b20e
c81bfc21d22d598af44dfd8257de7701da4cddd95817c7418f3de0643d53630a
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c91cc5fe602eae98675f9ebd673221eb36dac6208a200fb402deb8092a1c777f
ca23ed35f9fb9d1b934686a2f2f5f2b4ba8703096de39805cecbe2407a5056fb
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb23e5010cbd08669cb219ea507d685a0e468e83384076f7ba2e89cf723ce689
cce768cee839e01c304a426f0dbce4298f6024d856d1abe69efe450ac35863b4
cd20c40c603998dd111a32f07f2007d003e939908a46b1b51202c2ea73d87e8d
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d0b908ded387674260f99ef2d55defbca28a1ef9428a83650594069025a270d9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2285d900cd4ffba600ac43f569aee827afbf9a6522e52bc7517e2f263279e11
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d314da1c0fe98b9d700b0ea14785acd14ad4d09e989e39c8b3422c1f91db98ae
d5986e25fc5399f2a5ed2d4877259798ed184ad9154277efc93e7e4e2b092e5c
d5d6ae55512477c1b5ac1f48ca7afaeba4a2f1303ba1746e0ebde556f1d6e58f
d67d60068f5c9f58f9cdb6fb030e7cf2bc2f1bd9e63c765c37f766ed4c183cb2
d82c17b4ebf12ae0b94273376fe1a2892840c91fd30eb8fa5b490a856fa3589c
d846066a899e1d5bd33e3d6c616c335a6281a979453eaf74dfc41a9ad9ef481e
d9137152d1b4c7cc373a892c237350f3e8976c3c20f4a050b412521ba16f8459
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a
db96d7f33dc3879960203d2b7e8554cfd32346483db10b9d6e3f17d96ae22e09
dc36025a2e4956fdc7e586b66fb17ccf815b1a392a151a3d0fe0771fa962a828
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dda2e8d451cf3520b8ab9f9249034d073b1352255351ecf40afd6b4e5a1cface
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de68a4d1589f452e7a9eda135ab254a89514003b5aece81d16b0eba2bfaa3084
dee33f183cb48eb1c7b986a4a16b3bb7e5ab897be0607e7529fb360ed5984692
df56f5915568b16fcbf7ddb9a0dd9461e271dbb63311f3b57ae2bfaa53ed9508
e0c867c8b4ddc4704dea1c8f1cfd309b9a4bd9cdd64a9fbbf21ffd1b31bf156a
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e1af27d1c1580f275620e5abe619e3c1531eac5fde8d9022fb1c59a3b1d7a977
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e5e9d922e0fb53fd9258e04d3afd2d6e566b467af5818870ce2a97adcb0a5211
e6e8dd35a8e047cd5d4742ba6175d55e1bb778d495bd2536e1d7d67c05d03a0d
e93d9c2963111a7dbcfda20bfe51b7cfc0f414a6312f8e49b2f1e3f572e9f53e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecf3583217d45aacd20a55f17e79fbfd8d4c39cca3190c8509d2029d9e413624
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c9c9c6a40a39485d3fee09ca6ecba5547eb1897485c44922560dd0775514b7
f1edf77f9ebe3c2c2f5e0794fee509b7b240ab9791e113d08b9404d34b7ad7bf
f2f5e79e87300e9bf76b80c6a21aa5bf93405e0e3cf238877db8ce307752e013
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65028b3a708fd2edf5da6274a77c5ad8c449009d8bbd59db7d4bf74e5c1d8d9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e33ef40e3eeb658a98492528f6abdcbf2856faedd88bfe45594c1214017ed9
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8479d4bfb2e4f53aedad547189a6d3646a9a2d787b49aa7518142d25221928f
f88b6c407781a770cc2b6caeab8a9b5a86a1dd7bf633b1791256c33538ca126b
fa0e6ae724664da43ec9e9daddbfebe716c5deaa9d582843186bc442566d9c4b
fa7d0a82428d5c48cee1698c147855ba7b0f0b12c069637f3f2a4277a7d1723b
fab3a5b45c07012708c6ad1649345d90396f7be12a822c5bb68f2ecb88d429bf
fc81a082b8bb3b830caf54bc8c463f3a35cca28e6e93100a64d1ddb40a42ec7b
fe2865843f8a04437fed9bb0f68018cbd6cdbecb5c4b4c70a504f41ab008255c