urlscan.io logo urlscan.io
SecurityTrails logo

cheet-4549-torontosun.gdev.postmedia.digital Open in urlscan Pro
34.95.11.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cheet-4549-torontosun.gdev.postmedia.digital/
Effective URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Submission: On January 31 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 7 countries across 82 domains to perform 363 HTTP transactions. The main IP is 34.95.11.30, located in Montreal, Canada and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is cheet-4549-torontosun.gdev.postmedia.digital.
TLS certificate: Issued by R3 on January 31st 2022. Valid for: 3 months.
This is the only time cheet-4549-torontosun.gdev.postmedia.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 34.95.11.30 396982 (GOOGLE-PR...)
8 142.250.65.162 15169 (GOOGLE)
4 143.204.137.197 16509 (AMAZON-02)
6 23.57.136.222 16625 (AKAMAI-AS)
2 18 104.16.190.66 13335 (CLOUDFLAR...)
1 99.84.125.32 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 99.84.42.98 16509 (AMAZON-02)
1 13.33.46.72 16509 (AMAZON-02)
11 34.149.157.221 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:214... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 6 13.33.46.48 16509 (AMAZON-02)
1 2a04:4e42::645 54113 (FASTLY)
6 151.101.130.133 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 52.204.164.51 14618 (AMAZON-AES)
1 104.36.115.98 62713 (AS-PUBMATIC)
2 104.94.205.31 16625 (AKAMAI-AS)
77 3.230.217.116 14618 (AMAZON-AES)
4 7 68.67.160.117 29990 (ASN-APPNEX)
1 178.250.2.131 44788 (ASN-CRITE...)
3 35.244.159.8 15169 (GOOGLE)
2 2602:803:c002... 26667 (RUBICONPR...)
4 2a04:4e42:400... 54113 (FASTLY)
1 99.84.40.238 16509 (AMAZON-02)
1 2600:141b:e80... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 146.75.28.157 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.144.144.142 14618 (AMAZON-AES)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 108.174.10.14 14413 (LINKEDIN)
1 3 104.18.101.194 13335 (CLOUDFLAR...)
2 99.83.154.140 16509 (AMAZON-02)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 14 209.54.176.128 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
2 151.101.66.133 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
7 7 151.101.130.49 54113 (FASTLY)
1 34.73.194.24 396982 (GOOGLE-PR...)
3 3 35.211.178.172 15169 (GOOGLE)
13 16 142.250.81.226 15169 (GOOGLE)
2 3 3.218.90.66 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 2 54.175.198.118 14618 (AMAZON-AES)
1 4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 9 3.212.61.226 14618 (AMAZON-AES)
3 23.54.68.197 16625 (AKAMAI-AS)
1 2 63.251.114.136 29791 (VOXEL-DOT...)
3 3 52.223.22.214 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 3.216.55.148 14618 (AMAZON-AES)
11 3.223.182.225 14618 (AMAZON-AES)
2 5 35.190.60.146 15169 (GOOGLE)
1 2 184.85.195.135 16625 (AKAMAI-AS)
7 7 54.236.195.76 14618 (AMAZON-AES)
1 3 54.85.224.115 14618 (AMAZON-AES)
2 156.154.202.36 19907 (NEUSTAR-AS6)
3 13 23.54.68.240 16625 (AKAMAI-AS)
1 3 2600:1f18:4e9... 14618 (AMAZON-AES)
10 10 35.71.131.137 16509 (AMAZON-02)
3 11 34.98.64.218 15169 (GOOGLE)
2 2 192.132.33.46 18568 (BIDTELLECT)
1 1 68.67.161.206 29990 (ASN-APPNEX)
6 6 74.121.140.14 30419 (MEDIAMATH...)
5 23.92.190.68 29791 (VOXEL-DOT...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 1 54.165.115.242 14618 (AMAZON-AES)
4 4 199.127.204.142 26120 (RHYTHMONE)
2 104.36.115.113 62713 (AS-PUBMATIC)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 2 185.167.164.37 198622 (ADFORM)
11 104.36.115.109 62713 (AS-PUBMATIC)
3 3 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
4 104.36.115.114 62713 (AS-PUBMATIC)
1 1 75.126.248.142 36351 (SOFTLAYER)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
5 69.173.144.138 26667 (RUBICONPR...)
3 3 69.173.144.165 26667 (RUBICONPR...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:202... 16509 (AMAZON-02)
13 52.201.20.189 14618 (AMAZON-AES)
2 2620:100:a001::4 19750 (AS-CRITEO)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 151.101.1.108 54113 (FASTLY)
1 2 35.186.253.211 15169 (GOOGLE)
2 2 34.203.25.60 14618 (AMAZON-AES)
2 2 207.198.113.169 13768 (COGECO-PEER1)
1 2 107.178.246.49 15169 (GOOGLE)
2 2 3.231.80.183 14618 (AMAZON-AES)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 199.187.193.193 47043 (SMARTADSE...)
1 1 193.122.130.38 31898 (ORACLE-BM...)
1 38.91.45.7 398989 (DEEPINTENT)
1 74.119.119.150 19750 (AS-CRITEO)
3 3 141.94.170.64 16276 (OVH)
2 2 34.229.3.43 14618 (AMAZON-AES)
1 2 35.201.96.126 15169 (GOOGLE)
1 2 44.198.222.213 14618 (AMAZON-AES)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 18.213.56.215 14618 (AMAZON-AES)
1 1 34.194.30.250 14618 (AMAZON-AES)
2 2606:4700:10:... ()
1 2 2620:100:a001::c ()
1 2600:9000:214... ()
1 74.119.119.139 ()
363 88
29    34.95.11.30 (Montreal, Canada)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 30.11.95.34.bc.googleusercontent.com
cheet-4549-torontosun.gdev.postmedia.digital
8    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googleadservices.com
4    143.204.137.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-137-197.ewr52.r.cloudfront.net
c.amazon-adsystem.com
6    23.57.136.222 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-136-222.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
eus.rubiconproject.com
18    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.districtm.io
cdn.districtm.io
dmx.districtm.io
1    99.84.125.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-32.ewr52.r.cloudfront.net
cdn.adsafeprotected.com
1    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3037::6815:3c3f (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    2606:4700:10::6816:48e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    99.84.42.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-98.ewr52.r.cloudfront.net
ak.sail-horizon.com
1    13.33.46.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-72.ewr52.r.cloudfront.net
fem.prod.postmedia.digital
11    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
4    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2600:9000:2140:c000:8:f216:eb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
d395dw5zk780j2.cloudfront.net
2    2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    13.33.46.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-48.ewr52.r.cloudfront.net
sb.scorecardresearch.com
1    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
6    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    52.204.164.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-164-51.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    104.36.115.98 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    104.94.205.31 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-205-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
77    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
7    68.67.160.117 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
postmedia-d.openx.net
u.openx.net
us-u.openx.net
2    2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
1    99.84.40.238 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-40-238.ewr52.r.cloudfront.net
cdn.parsely.com
1    2600:141b:e800:3d::17dc:f9cb (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
sandbox.tinypass.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
3    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
2    2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
14    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
1    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
9ab1a5e59a6ae4f1c380e4ad20393179.safeframe.googlesyndication.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.73.194.24 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 24.194.73.34.bc.googleusercontent.com
dmx.us-east-34.districtm.io
3    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
16    142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
cm.g.doubleclick.net
3    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    54.175.198.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-198-118.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    2607:f8b0:4006:80b::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
9    3.212.61.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-61-226.compute-1.amazonaws.com
match.sharethrough.com
3    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    63.251.114.136 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
3    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2-sandbox.piano.io
4    3.216.55.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-55-148.compute-1.amazonaws.com
usermatch.krxd.net
11    3.223.182.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-182-225.compute-1.amazonaws.com
beacon.krxd.net
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    184.85.195.135 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-195-135.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
7    54.236.195.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-195-76.compute-1.amazonaws.com
match.prod.bidr.io
3    54.85.224.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-224-115.compute-1.amazonaws.com
ml314.com
2    156.154.202.36 (United States)

ASN19907 (NEUSTAR-AS6, US)
aa.agkn.com
13    23.54.68.240 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-240.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
js-sec.indexww.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
3    2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
10    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
11    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    68.67.161.206 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 798.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
6    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    23.92.190.68 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    54.165.115.242 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-115-242.compute-1.amazonaws.com
aorta.clickagy.com
4    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
11    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
3    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
4    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    2607:f8b0:4006:808::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:202c:d600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
13    52.201.20.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-20-189.compute-1.amazonaws.com
dt.adsafeprotected.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
5    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    34.203.25.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-25-60.compute-1.amazonaws.com
sync.ipredictive.com
2    207.198.113.169 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    3.231.80.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-80-183.compute-1.amazonaws.com
pixel.advertising.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-7.cloudy.ovh
pixel.onaudience.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loada.exelator.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    44.198.222.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-222-213.compute-1.amazonaws.com
io.narrative.io
2    2606:ae80:1451:19::1400 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
1    18.213.56.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-56-215.compute-1.amazonaws.com
rtb.adentifi.com
1    34.194.30.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-30-250.compute-1.amazonaws.com
sync.extend.tv
2    2606:4700:10::6816:49e8 (None, )

ASN- ()
config.lrcontent.com
2    2620:100:a001::c (None, )

ASN- ()
gum.criteo.com
1    2600:9000:2140:e200:7:75d4:e40:93a1 (None, )

ASN- ()
assets.ribn.com
1    74.119.119.139 (None, )

ASN- ()
mug.criteo.com
Apex Domain
Subdomains		 Transfer
83 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
25 KB
41 postmedia.digital
cheet-4549-torontosun.gdev.postmedia.digital
fem.prod.postmedia.digital — Cisco Umbrella Rank: 121799
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 102338
577 KB
24 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
221 KB
23 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1256
consumer.krxd.net — Cisco Umbrella Rank: 1549
usermatch.krxd.net — Cisco Umbrella Rank: 1214
beacon.krxd.net — Cisco Umbrella Rank: 408
184 KB
21 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 848
image2.pubmatic.com — Cisco Umbrella Rank: 1032
simage4.pubmatic.com — Cisco Umbrella Rank: 1179
34 KB
19 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3473
pixel.adsafeprotected.com — Cisco Umbrella Rank: 556
static.adsafeprotected.com — Cisco Umbrella Rank: 533
dt.adsafeprotected.com — Cisco Umbrella Rank: 484
122 KB
19 districtm.io
hb.districtm.io — Cisco Umbrella Rank: 91020
cdn.districtm.io — Cisco Umbrella Rank: 2067
dmx.districtm.io — Cisco Umbrella Rank: 1407
dmx.us-east-34.districtm.io — Cisco Umbrella Rank: 18286
20 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
51 KB
17 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 4925
ads.rubiconproject.com — Cisco Umbrella Rank: 2482
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
token.rubiconproject.com — Cisco Umbrella Rank: 689
170 KB
16 openx.net
postmedia-d.openx.net — Cisco Umbrella Rank: 133589
u.openx.net — Cisco Umbrella Rank: 710
us-u.openx.net — Cisco Umbrella Rank: 359
rtb.openx.net — Cisco Umbrella Rank: 1548
3 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
13 KB
11 googlesyndication.com
9ab1a5e59a6ae4f1c380e4ad20393179.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
112 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
data.adsrvr.org — Cisco Umbrella Rank: 6192
5 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 637
2 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
acdn.adnxs.com — Cisco Umbrella Rank: 565
25 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
3 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
7 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
3 KB
6 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5618
identity.mparticle.com — Cisco Umbrella Rank: 2364
jssdks.mparticle.com — Cisco Umbrella Rank: 5364
48 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
3 KB
5 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
id.rlcdn.com — Cisco Umbrella Rank: 738
824 B
5 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
www.linkedin.com — Cisco Umbrella Rank: 647
px4.ads.linkedin.com — Cisco Umbrella Rank: 5501
4 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
dis.criteo.com — Cisco Umbrella Rank: 691
gum.criteo.com
mug.criteo.com
7 KB
4 cloudfront.net
d395dw5zk780j2.cloudfront.net
17 KB
4 gstatic.com
fonts.gstatic.com
60 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
1 KB
3 pippio.com
pippio.com — Cisco Umbrella Rank: 797
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
2 KB
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1557
13 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
3 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12419
www.google.ca — Cisco Umbrella Rank: 7861
1 KB
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 642
659 B
3 tinypass.com
sandbox.tinypass.com — Cisco Umbrella Rank: 137001
82 KB
3 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 47177
config.lrcontent.com
48 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3523
745 B
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2498
643 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4756
1007 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23037
2 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
700 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
888 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
876 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
959 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
55 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
959 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
949 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
734 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 746
1 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 510
tags.bluekai.com — Cisco Umbrella Rank: 466
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
825 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
424 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2804
474 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
16 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2931
p1.parsely.com — Cisco Umbrella Rank: 2249
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
148 KB
1 ribn.com
assets.ribn.com
4 KB
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
88 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
221 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
801 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
763 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
799 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
38 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
657 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4739
358 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
584 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2420
658 B
1 piano.io
c2-sandbox.piano.io
2 KB
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1208
606 B
1 t.co
t.co — Cisco Umbrella Rank: 487
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 537
457 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 630
6 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1098
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440
1 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2906
43 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 3811
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
363 82
Domain Requested by
77 c2shb.ssp.yahoo.com micro.rubiconproject.com
29 cheet-4549-torontosun.gdev.postmedia.digital 1 redirects cheet-4549-torontosun.gdev.postmedia.digital
16 cm.g.doubleclick.net 13 redirects u.openx.net
eus.rubiconproject.com
14 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
match.sharethrough.com
ap.lijit.com
eus.rubiconproject.com
cdn.districtm.io
ads.pubmatic.com
us-u.openx.net
ssum-sec.casalemedia.com
13 dt.adsafeprotected.com cheet-4549-torontosun.gdev.postmedia.digital
12 dmx.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
cheet-4549-torontosun.gdev.postmedia.digital
11 us-u.openx.net 2 redirects u.openx.net
micro.rubiconproject.com
us-u.openx.net
11 beacon.krxd.net cheet-4549-torontosun.gdev.postmedia.digital
cdn.krxd.net
11 smartcdn.gprod.postmedia.digital cheet-4549-torontosun.gdev.postmedia.digital
9 match.adsrvr.org 9 redirects
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
7 match.prod.bidr.io 7 redirects
7 sync-tm.everesttech.net 7 redirects
7 ib.adnxs.com 4 redirects micro.rubiconproject.com
acdn.adnxs.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 simage2.pubmatic.com ads.pubmatic.com
6 sync.mathtag.com 6 redirects
6 cdn.krxd.net fem.prod.postmedia.digital
cdn.krxd.net
6 sb.scorecardresearch.com 2 redirects fem.prod.postmedia.digital
cheet-4549-torontosun.gdev.postmedia.digital
6 securepubads.g.doubleclick.net cheet-4549-torontosun.gdev.postmedia.digital
securepubads.g.doubleclick.net
www.googletagservices.com
5 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pixel.rubiconproject.com eus.rubiconproject.com
5 image2.pubmatic.com ads.pubmatic.com
5 ce.lijit.com ap.lijit.com
5 cdn.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
s.amazon-adsystem.com
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 usermatch.krxd.net 4 redirects
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
micro.rubiconproject.com
4 www.google.com 1 redirects cheet-4549-torontosun.gdev.postmedia.digital
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 d395dw5zk780j2.cloudfront.net fem.prod.postmedia.digital
d395dw5zk780j2.cloudfront.net
4 fonts.gstatic.com fonts.googleapis.com
4 c.amazon-adsystem.com cheet-4549-torontosun.gdev.postmedia.digital
c.amazon-adsystem.com
3 pixel.onaudience.com 3 redirects
3 token.rubiconproject.com 3 redirects
3 pippio.com 3 redirects
3 sync.1rx.io 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
ads.pubmatic.com
3 ml314.com 1 redirects cheet-4549-torontosun.gdev.postmedia.digital
ml314.com
3 idsync.rlcdn.com 1 redirects cheet-4549-torontosun.gdev.postmedia.digital
ads.pubmatic.com
3 eb2.3lift.com 3 redirects
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
micro.rubiconproject.com
3 ups.analytics.yahoo.com 2 redirects us-u.openx.net
3 x.bidswitch.net 3 redirects
3 p.adsymptotic.com 1 redirects cheet-4549-torontosun.gdev.postmedia.digital
us-u.openx.net
3 px.ads.linkedin.com 3 redirects
3 sandbox.tinypass.com fem.prod.postmedia.digital
sandbox.tinypass.com
3 pixel.adsafeprotected.com cdn.adsafeprotected.com
cheet-4549-torontosun.gdev.postmedia.digital
2 gum.criteo.com 1 redirects static.criteo.net
2 config.lrcontent.com auth.lrcontent.com
2 pubmatic-match.dotomi.com 2 redirects
2 io.narrative.io 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel.advertising.com 2 redirects
2 pixel.tapad.com 1 redirects us-u.openx.net
2 pixel-sync.sitescout.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 rtb.openx.net 1 redirects us-u.openx.net
2 js-sec.indexww.com micro.rubiconproject.com
ssum-sec.casalemedia.com
2 simage4.pubmatic.com ads.pubmatic.com
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 static.adsafeprotected.com pixel.adsafeprotected.com
cheet-4549-torontosun.gdev.postmedia.digital
2 id.rlcdn.com 1 redirects eus.rubiconproject.com
2 ad.turn.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 c1.adform.net 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 bttrack.com 2 redirects
2 aa.agkn.com cheet-4549-torontosun.gdev.postmedia.digital
ads.pubmatic.com
2 ap.lijit.com 1 redirects s.amazon-adsystem.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 www.google.ca cheet-4549-torontosun.gdev.postmedia.digital
2 sync.srv.stackadapt.com 2 redirects
2 www.facebook.com cheet-4549-torontosun.gdev.postmedia.digital
2 consumer.krxd.net cdn.krxd.net
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 api.sail-personalize.com ak.sail-horizon.com
2 connect.facebook.net cheet-4549-torontosun.gdev.postmedia.digital
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 htlb.casalemedia.com micro.rubiconproject.com
2 www.googletagmanager.com fem.prod.postmedia.digital
1 mug.criteo.com
1 assets.ribn.com cheet-4549-torontosun.gdev.postmedia.digital
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 acdn.adnxs.com micro.rubiconproject.com
1 jssdks.mparticle.com jssdkcdns.mparticle.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 data.adsrvr.org 1 redirects
1 aorta.clickagy.com 1 redirects
1 secure.adnxs.com 1 redirects
1 stags.bluekai.com 1 redirects
1 c2-sandbox.piano.io sandbox.tinypass.com
1 ums.acuityplatform.com 1 redirects
1 dmx.us-east-34.districtm.io cheet-4549-torontosun.gdev.postmedia.digital
1 9ab1a5e59a6ae4f1c380e4ad20393179.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 t.co cheet-4549-torontosun.gdev.postmedia.digital
1 analytics.twitter.com static.ads-twitter.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 p1.parsely.com cheet-4549-torontosun.gdev.postmedia.digital
1 static.ads-twitter.com cheet-4549-torontosun.gdev.postmedia.digital
1 snap.licdn.com www.googletagmanager.com
1 cdn.parsely.com www.googletagmanager.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 cdn.jsdelivr.net micro.rubiconproject.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 jssdkcdns.mparticle.com fem.prod.postmedia.digital
1 fem.prod.postmedia.digital cheet-4549-torontosun.gdev.postmedia.digital
1 ak.sail-horizon.com cheet-4549-torontosun.gdev.postmedia.digital
1 auth.lrcontent.com cheet-4549-torontosun.gdev.postmedia.digital
1 www.npttech.com cheet-4549-torontosun.gdev.postmedia.digital
1 fonts.googleapis.com cheet-4549-torontosun.gdev.postmedia.digital
1 cdn.adsafeprotected.com cheet-4549-torontosun.gdev.postmedia.digital
1 hb.districtm.io cheet-4549-torontosun.gdev.postmedia.digital
1 micro.rubiconproject.com cheet-4549-torontosun.gdev.postmedia.digital
363 135
Subject Issuer Validity Valid
cheet-4549-driving.gdev.postmedia.digital
R3		 2022-01-31 -
2022-05-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.adsafeprotected.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
fem.prod.postmedia.digital
Amazon		 2021-11-08 -
2022-12-06		 a year crt.sh
smartcdn.gprod.postmedia.digital
GTS CA 1D4		 2021-12-16 -
2022-03-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
jssdkcdns.mparticle.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2021-07-07 -
2022-08-08		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-10 -
2022-02-08		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
api.sail-personalize.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.google.ca
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ml314.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
jssdks.mparticle.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.ribn.com
Amazon		 2021-09-20 -
2022-10-19		 a year crt.sh

This page contains 36 frames:

Primary Page: https://cheet-4549-torontosun.gdev.postmedia.digital/
Frame ID: 13A2143EDD388DA329D53B854E7262B5
Requests: 211 HTTP requests in this frame

Frame: https://d395dw5zk780j2.cloudfront.net/v49.3/xd.html
Frame ID: 35CDB7FCC9788B235B1600742FB156AE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 7CD28A9911315E95A80BEF45955DDB7B
Requests: 10 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: AE0938074F76A606BF5E6471A1A36213
Requests: 18 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Frame ID: 95C587B4C7ADA8EC098470FCA55FA120
Requests: 1 HTTP requests in this frame

Frame: https://9ab1a5e59a6ae4f1c380e4ad20393179.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6BF258618653D7855F6FF6628FE06D57
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 7A9237170988924E429A438B9588B927
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: F6E493E47BA5DE2FB3DDDA3F81DAE40C
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: EF13CB0281BFF0E25F1CC5534960B880
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 5D3038F8823ED08FCC460AFBA3E9269F
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: E5EEBA24A8FF8FD5C24A4BE496CECD80
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=districtm
Frame ID: 8DD01D96B72088603B6E95424B14AA99
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=appnexus.com
Frame ID: B248CA399E5C394BD7C697E0E86B1FAE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: FF859EA85857B6CB13B573C151B201E2
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: F6D080322AFCF0A1065490520981A851
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=786745617440568970889
Frame ID: 6BBC6D09632858F36A2568BC924EC645
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
Frame ID: 1D8CB9AFE6E9832587AA590AE18BF7B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfhJcQACw9fZHgBB&gdpr=0&gdpr_consent=
Frame ID: 8F2387FE6562E5C3DB88A72D2F79E3DE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&ex=pubmatic.com
Frame ID: 5932E2B19E6206B6850C1D953F1B54B5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7273B52E31C46093C3E8B963A7F7E104
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=165440461&placementId=5887583179&pubCreative=138378607954&pubOrder=2967187390&cb=275399176&custom=index&custom2=1&adsafe_par&impId=255481cb-82d6-11ec-8962-0a6f860e8f41
Frame ID: CB4A8A56CB79795810B7D21A57B7E2CE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUGmHu0N74ydipp1T-LTAFG5rWcPhSig2CaYLAkglddK_IDoELB-9Pqh3Td57ncgd6cl1DvelUEJhNyxZF-UdYdGiCtM70QAAIEgzJHPeXgQtRx0CzWBrQh-bnbcGCT479izoGJG6BPIytQTvAfw69cp0VPdkCghS-nC5pPFgbk4-Qkhg9PMAe-QPKkjAHatN2TJD1HXHBrXequkBld2c8LIJFcHRd0AfKzxB3qObOnGhraxmTYHweB2D7MDdndk7Qa5oQNlptrG680D1_yR5LBz-tJRxps0oFq5_oAOLGOUay01xaQ9cYIa4EFA8Ci-MTziIIbz0mpUWopBZwLF5zqRj62qZcZBiyemK0VBE&sai=AMfl-YTk4fZkRkzsYOAaMbBcQSGLbNv6iN2qKC0hM8tE3myc3VxXGfRPhiaEUN4C4vCTDm_oYp4XelIUz4vjVTW5iWoradtbXpFCUTqgQrKfaEpYq_fgQi-L6IBkm2Ap7dmUkUHI8mOKlZOrD7FMReGw&sig=Cg0ArKJSzLcu3k8AA6oUEAE&uach_m=[UACH]&adurl=
Frame ID: 27B0F403C02577D28A193260814B654A
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E4BAE6A5B03B5981989618C6A35BD7EF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 88D9614DCDFE3BAB41EA8DAFA64551FC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 6E2F74FF1387154F344BE561417A9EEA
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2BC03E498DF5A5303DB831283BFF058B
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Frame ID: 5F1A7F9EACFE77CB0949E889DD851D98
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4A46910A8CEA2826E7DA4193F3CD9F25
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
Frame ID: 584EEE434A2C7CAD467F8C67755A11AE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdZ07D8JMAAAwmlnCr5Q
Frame ID: 695C47B529571BE92B86BD0EC277B834
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 73DEACB6778EC6A0F72AF0660A11E18B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3EBAC2F5D00FEFD293CA7A94AB6C01B1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 851ACFB309D1C1C6E4A81B724C06D413
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=cheet-4549-torontosun.gdev.postmedia.digital
Frame ID: 735EB27A091C30EC3CD4C94705AB1E9A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 139D7DE94CBFC90FC15622A724A849DA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92F2460D8269AFDFA69DBB36B562E034
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Toronto Sun Home Page | Toronto SunToronto SunUserToggle menuClose menu

Page URL History Show full URLs

  1. http://cheet-4549-torontosun.gdev.postmedia.digital/ HTTP 308
    https://cheet-4549-torontosun.gdev.postmedia.digital/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

363
Requests

80 %
HTTPS

29 %
IPv6

82
Domains

135
Subdomains

88
IPs

7
Countries

2295 kB
Transfer

7150 kB
Size

140
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cheet-4549-torontosun.gdev.postmedia.digital/ HTTP 308
    https://cheet-4549-torontosun.gdev.postmedia.digital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 166
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1643661680636&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1643661680636&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&c9=
Request Chain 172
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643661680842&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643661680842&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1643661680842%26url%3Dhttps%253A%252F%252Fcheet-4549-torontosun.gdev.postmedia.digital%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643661680842&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643661680842&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQIxtelufCYAngAAAX6x3uJpLlbNYEbQcu97zwCEGXzOSnD6-E3eAPcNHZm9PiEwLWmxdRiUDg HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=fdf60331-5a70-40e1-88ff-aa1758d7ec96 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=fdf60331-5a70-40e1-88ff-aa1758d7ec96&_expected_cookie=02ee4c07a41c984ad9052c91d3adb5d6
Request Chain 180
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Request Chain 190
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YfhJcQACw9fZHgBB HTTP 302
  • https://dmx.us-east-34.districtm.io/s/10016/YfhJcQACw9fZHgBB&_test=YfhJcQACw9fZHgBB
Request Chain 191
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=24Tjt4JybcWXBsrrd5EmPztnBGB HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=24Tjt4JybcWXBsrrd5EmPztnBGB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=e8fe28ba-6592-4d87-837c-0ea289d44de3&google_hm=ZThmZTI4YmEtNjU5Mi00ZDg3LTgzN2MtMGVhMjg5ZDQ0ZGUz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFj6FfvM_DEsVe0jp7HXm3E&google_cver=1&ssp=districtm&bsw_param=e8fe28ba-6592-4d87-837c-0ea289d44de3 HTTP 302
  • https://dmx.districtm.io/s/10009/e8fe28ba-6592-4d87-837c-0ea289d44de3
Request Chain 192
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://dmx.districtm.io/s/10057/y-qxTTj8RE2uFOTRREZifQOxQRa8eTamDQTeLTixk-~A
Request Chain 193
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
  • https://dmx.districtm.io/s/10022/643968922486
Request Chain 194
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/LxJsYf5HSBhif2Rjj2-VSpU4mb0
Request Chain 195
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=2043507900&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&auid=1788810653.1643661681&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cEn4YejwO4GYxAPvmoKoDw&sscte=1&crd=CNPgGw&eitems=ChAIgK7ejwYQptXfr_213t8rEh0AkHH0nDc4bpo6RGfpKwlgpSjFLkJEsF76clCQPg HTTP 302
  • https://www.google.com/pagead/1p-conversion/580448699/?random=2043507900&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&auid=1788810653.1643661681&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=cEn4YejwO4GYxAPvmoKoDw&cid=CAQSKQCNIrLMYW_KT8tF64ZP32WMDzCuJBnRmB2I4eXzFOX9hdm6lLB5lh1e&eitems=ChAIgK7ejwYQptXfr_213t8rEh0AkHH0nF594-LhhNGNY9zYvZo1XyZ1oBAcbl4kCQ&random=2270932012&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=2043507900&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&auid=1788810653.1643661681&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=cEn4YejwO4GYxAPvmoKoDw&cid=CAQSKQCNIrLMYW_KT8tF64ZP32WMDzCuJBnRmB2I4eXzFOX9hdm6lLB5lh1e&eitems=ChAIgK7ejwYQptXfr_213t8rEh0AkHH0nF594-LhhNGNY9zYvZo1XyZ1oBAcbl4kCQ&random=2270932012&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 206
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=districtm
Request Chain 207
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=appnexus.com
Request Chain 208
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 209
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 210
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=786745617440568970889
Request Chain 213
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T29wcWxoUjI HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECAO_ZIZoSMhiV4fs1RVpok&google_cver=1
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T29wcWxoUjI HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECAO_ZIZoSMhiV4fs1RVpok&google_cver=1
Request Chain 216
  • https://stags.bluekai.com/site/26357?id=OopqlhR2&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOopqlhR2%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OopqlhR2&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 218
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YfhJcQACw9fZHgBB
Request Chain 219
  • https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OopqlhR2 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OopqlhR2&_bee_ppp=1 HTTP 303
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AADdZ07D8JMAAAwmlnCr5Q
Request Chain 221
  • https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OopqlhR2
Request Chain 222
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YfhJceVlWSGxaq.ssoN7ZAAA%26461
Request Chain 223
  • https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=LxJsYf5HSBhif2Rjj2-VSpU4mb0
Request Chain 224
  • https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
  • https://eb2.3lift.com/xuid?mid=3587&xuid=OopqlhR2&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=786745617440568970889
Request Chain 227
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfhJcQACw9fZHgBB
Request Chain 229
  • https://match.adsrvr.org/track/cmf/openx?oxid=7f43c7ae-f77e-3d7b-6ad3-f45c75fe56f6&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=7f43c7ae-f77e-3d7b-6ad3-f45c75fe56f6&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&ttd_puid=7f43c7ae-f77e-3d7b-6ad3-f45c75fe56f6
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGDJmOtNotPdPvQj3HIx31I&google_cver=1
Request Chain 233
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=a506bad1-a9d1-49fb-bc85-22eebd4389ea
Request Chain 234
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=
Request Chain 235
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=b1203293-453a-0096-2f78-d2167f35f49e
Request Chain 236
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=6020183768421938910
Request Chain 239
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=09afbc539a74a362701db9af&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
Request Chain 240
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=0IOAgJ5SJ5taCjcHuGcj&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Request Chain 241
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=09afbc539a74a362701db9af&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:5a4b023959421b5a5a2e9b1c479f109d
Request Chain 242
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=
Request Chain 243
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1643661681568 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4208365887 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cd1d4203-2ece-4cd3-a1e0-da4cd49066e2 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005
Request Chain 245
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZ35Q5J6-2-LCD3 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KZ35Q5J6-2-LCD3&ex=d-rubiconproject.com&status=ok
Request Chain 248
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUlVhblEwU25saVkxZFlRbk55Y21RMVJXMVFlblJ1UWtkQyJ9.BBkSBjeHclj6-vpg4foTEfMVosQY7CR0pyqyxQJFe04F6hWXPWYIY47fYTBR7rqZA34z798ws3cYMH70P5YD8g
Request Chain 250
  • https://c1.adform.net/serving/cookie/match?party=14&cid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
Request Chain 251
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfhJcQACw9fZHgBB&gdpr=0&gdpr_consent=
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rHblKcLjTKWYawDgR8L-5w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 254
  • https://idsync.rlcdn.com/420486.gif?partner_uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ba0748a75a03dff6c76410920e5044e03291fc07159aff76cec6463c0a983d42791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiYTA3NDhhNzVhMDNkZmY2Yzc2NDEwOTIwZTUwNDRlMDMyOTFmYzA3MTU5YWZmNzZjZWM2NDYzYzBhOTgzZDQyNzkxNDI2YjU0MTdkY2UyMRAAGgwI8ZLhjwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiYTA3NDhhNzVhMDNkZmY2Yzc2NDEwOTIwZTUwNDRlMDMyOTFmYzA3MTU5YWZmNzZjZWM2NDYzYzBhOTgzZDQyNzkxNDI2YjU0MTdkY2UyMRAAGgwI8ZLhjwYSBAgCEABCAEoA&google_gid=CAESENiDZApWpzYCnN6ljQUDByo&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=83453d62-f231-4982-8932-9b7e400e0cb6
Request Chain 255
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c28761f8-4971-4d00-9689-a84a9b360c6f
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUM3NkU1MjktQzJFMy00Q0E1LTk4NkItMDBFMDQ3QzJGRUU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFyOPctYvR5dqMZ_ZF9naQo&google_cver=1
Request Chain 258
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE8E56F9F9584FAD9E4F9985CF887D49
Request Chain 259
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2859497471008174543&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 260
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fd377101-0354-4b3f-ba0f-c14800c651a0
Request Chain 261
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c28761f8-4971-4d00-9689-a84a9b360c6f&expires=28
Request Chain 262
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ozNVE1SjYtMi1MQ0Qz
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIUte1vEnwhm7Nx3Uk9AqTM&google_cver=1
Request Chain 264
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=&expires=30
Request Chain 266
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2ZhZWUwMmVmMjQ2OTg5NzM3ZWU2ZmM5YzY1MjMwODNlMDlhNTVmZA
Request Chain 267
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfhJcQACw9fZHgBB
Request Chain 268
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S1dQeuVaIFJW7bD0NbLxew?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5193203963314267733
Request Chain 269
  • https://ml314.com/csync.ashx?fp=OopqlhR2&person_id=3624816913356947499&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3624816913356947499 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3624816913356947499
Request Chain 308
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=oBVNkl74hFWMp7jrpudsTA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=c28761f8-4971-4d00-9689-a84a9b360c6f
Request Chain 310
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=28ca4745-82d6-11ec-8a96-67f41156c3d5
Request Chain 311
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=cb10bfa0-8a43-4be7-b111-742947030d35-61f84976-4341&gdpr=0&gdpr_consent=
Request Chain 312
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=793db452-ac79-00fc-2032-6c8a467297fa HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=793db452-ac79-00fc-2032-6c8a467297fa
Request Chain 313
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=51874427-2f14-0732-39f4-3556e25da29f HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=51874427-2f14-0732-39f4-3556e25da29f&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=51874427-2f14-0732-39f4-3556e25da29f&apid=UP28cb0a25-82d6-11ec-ab1d-02694ef55315
Request Chain 314
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=2a85b8c8-3a39-0b1b-35aa-74af4c65372e HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ba0748a75a03dff6c76410920e5044e03291fc07159aff76cec6463c0a983d42791426b5417dce21&_=2 HTTP 307
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Request Chain 315
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6020183768421938910
Request Chain 317
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2859497471008174543&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 319
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
Request Chain 320
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZFowN0Q4Sk1BQUF3bWxuQ3I1UQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADdZ07D8JMAAAwmlnCr5Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADdZ07D8JMAAAwmlnCr5Q&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADdZ07D8JMAAAwmlnCr5Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7386982843298969964 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADdZ07D8JMAAAwmlnCr5Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7386982843298969964%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=7386982843298969964&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdZ07D8JMAAAwmlnCr5Q
Request Chain 323
  • https://pixel.onaudience.com/?partner=214&mapped=AC76E529-C2E3-4CA5-986B-00E047C2FEE7 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3b802ca9b379a15cd3a325e41baf630d HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=0c4dc9d44e179db8
Request Chain 324
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=&fbounce=1
Request Chain 326
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:AC76E529-C2E3-4CA5-986B-00E047C2FEE7 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=28d5b871-82d6-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:AC76E529-C2E3-4CA5-986B-00E047C2FEE7
Request Chain 328
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G3uadC5E2uVaD.5LgbA5o6FCV97NLcI-~A&gdpr=0&gdpr_consent=
Request Chain 329
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6020183768421938910&gdpr=0&gdpr_consent=
Request Chain 330
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=79692ead5a831219&is_secure=true&networkId=17100&version=1&nuid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbf6waz78ZQM3vB-yAAAAAAA&expiration=1643748086&nuid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 331
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=28d1c1a1-82d6-11ec-a9bf-a10e15a78249&gdpr=0&gdpr_consent=
Request Chain 334
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&expiration=1646253686&gdpr=0&gdpr_consent=
Request Chain 335
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfhJceVlWSGxaq.ssoN7ZAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGyV0MKIi9RMIumtmHRz8gs&google_cver=1&google_hm=2
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfhJceVlWSGxaq-ssoN7ZAAAAc0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENc8DQc9zim7ZaFKWbt0vwU&google_cver=1
Request Chain 338
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfhJcQACw9fZHgBB
Request Chain 339
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3ad77a2f-a7b8-4205-8f5c-5870f697b496
Request Chain 340
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=a506bad1-a9d1-49fb-bc85-22eebd4389ea
Request Chain 341
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c28761f8-4971-4d00-9689-a84a9b360c6f
Request Chain 352
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 362
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=postmedia.digital&sn=ChromeSyncframe&so=0&topUrl=cheet-4549-torontosun.gdev.postmedia.digital&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=6j7CyHxUcWljaHlYS0llKy80UVVCZEsybzhPb0dscktPQzE0KzNQMlZERlVoeG5qQ1FoNGt2MHVQdHVwdWFEdUppbUF0aTBLRDY2TkpYaEt2b1FXVFVWN3podkFJdlkwVllNcXJydTZ0dWREUWNaODE0M0tjR0p5SXdhdVI1SjFRMElUK05tdUdVK3JSblBJYmFzLzEvRWFkQTErS3V2Mm4wZVhEQWNndnFNS1RFREJ1MUg1ZWQzZXRUU3RpemVzVnRTSGd2WGo5ZGlHWVcraFpuNGljVmpPNUp6OVZLcE5icENVVFhsTXk1UDNqVmNYbHB4Ui8zQk05MnRPa3N4YkZuZW1ic2FkOXpDVWhjQlM5Y2VtSlVON1cwUT09fA&cppv=2

363 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cheet-4549-torontosun.gdev.postmedia.digital/
Redirect Chain
  • http://cheet-4549-torontosun.gdev.postmedia.digital/
  • https://cheet-4549-torontosun.gdev.postmedia.digital/
557 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
b414248bbcf7e8ecb52bb264ef9b47cbb5849d78cd7567262c8a44f6d53c4c6b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Mon, 31 Jan 2022 20:41:19 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding user-agent
expires
Mon, 31 Jan 2022 20:46:12 GMT
cache-control
max-age=300
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

Date
Mon, 31 Jan 2022 20:41:18 GMT
Content-Type
text/html
Content-Length
164
Connection
keep-alive
Location
https://cheet-4549-torontosun.gdev.postmedia.digital
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
27f01048ffdbc31ca37d71e9457adb9470bb379b31ed7e4f3799b79fd8887646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27238
x-xss-protection
0
server
sffe
etag
"1118 / 6 of 1000 / last-modified: 1643638952"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 20:41:19 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
geSt9cz1lsAtYP61GkP_lJF1zC5l7T_2
content-encoding
gzip
etag
a89a0f9aa62d9c46ee287cd1f0b6423d
age
81076
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0HJ7PKWS3M5T362DTSV5
date
Sun, 30 Jan 2022 22:10:03 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 26bf46825c6bd12542772bad5a4d97b4.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
LnLmq_gE45ed0mUVD_EyzHpnBDIefRSBfY93jQxrGVm3VegCALKwAg==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		713 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-136-222.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
21c95fcafee5a9e9b8930a8f4a9f5251aece00d59d493ed8e8ecae9a295fe613

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 02:41:17 GMT
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/plain; charset=UTF-8
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=14400
content-length
136098
x-trp-pba
{"ruleId":"1","rulePos":0,"ruleName":"Catch All Rule","wrapperName":"14648_postmedia_pbjs","isPrimary":true,"randomProb":63,"account":14648,"device":"desktop","country":"CA","host":"cheet-4549-torontosun.gdev.postmedia.digital","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://cheet-4549-torontosun.gdev.postmedia.digital/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36","query":"","ranAt":"2022-01-31T20:41:19.649Z","runId":"1643661679649-466","wrapperPath":"/prebid/14648_postmedia_pbjs.js","redirectUrl":"/prebid/get-wrapper/Catch%20All%20Rule/14648_postmedia_pbjs.js"}
expires
Tue, 01 Feb 2022 02:47:27 GMT
all.postmedia.js
hb.districtm.io/prod/100549/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:19 GMT
via
1.1 3500217a9615be8281152e7c88016d27.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
5950
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 10 Dec 2020 10:37:54 GMT
server
cloudflare
etag
W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
x-amz-cf-pop
YTO50-C3
cf-ray
6d65c299c9f85401-YYZ
x-amz-cf-id
oMLzit6jFwj77cuISbncmYKu6Otu__klaSHlOdizxtKrKjCVudcWUg==
expires
Tue, 01 Feb 2022 08:41:19 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-32.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 23:34:42 GMT
Via
1.1 b45a69a5045b8813964c4110841f77f6.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
507998
ETag
"51636de3ce868a2172f9e6996c2934e0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
G7ubbRW6v01N0OlQfkcqkjV7gDVhCHIVQLC3SrZ1JtVPl3Dm5KAFrw==
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3190a1bc7e5a6ac296dec0bc7e35476d8924f743968dbe480413bdbcabc5cc87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 20:23:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 20:41:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 20:41:19 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3c3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
511
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JNMEQGQ9NJ9E6X1S
x-amz-id-2
fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2vVCIerIMVydDSMSMA6%2FeLzByqrY%2BbJwjSzQXnOqBE9ZbxdJm8l6drX0L9Jg1kIM04ncSp2PWhEysLGgViinTHPfgdNtqWhPq0Cbc5ruHFIgHSAWoD17xoUkelmvz72rBZAzTH7hjfmktqG0lw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6d65c29a6c897154-YUL
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		199 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:19 GMT
via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
3326
cf-polished
origSize=1238069
x-cache
Miss from cloudfront
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age= 63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
EWR52-C3
cf-ray
6d65c299c8e2ca4b-YUL
x-amz-cf-id
UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg==
cf-bgj
minify
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-98.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:37:02 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
258
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bb784f1db0a47d55a8953c84e49cfa34.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
6D9H2N_KOryqVWdVDhmHb7TmBsT5QiG8g4ILGsXc8uBCUYQJWa9slA==
fem.js
fem.prod.postmedia.digital/v49.3/ 		278 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.prod.postmedia.digital/v49.3/fem.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-72.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfdc1f05ccfc2cb2352ee1b2a6a0988d1525f7c67cb966dce430ae8c4231245d

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
6
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 07 Jan 2022 18:28:01 GMT
server
AmazonS3
etag
W/"708d585ae8d9402a0a8a0f2ba56ac386"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 71963481e8787829babadbbb735376ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
VwD5jKt5GGYwI4yeSY9nZ-hZ7PSuIVUsxKn-D6pck_nNqg22InQMxQ==
Riyaz-Hussein-2-e1642200533883.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/Riyaz-Hussein-2-e1642200533883.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
35d35d4471641e28e9ca6e26a9a0b396fd61a8779a4e482eec5929e8f087b120

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 06:06:42 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52477
etag
"71fbef935ce2428c732f2d33901d9052727ec7ce"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-9smrp
alt-svc
clear
content-length
18540
RODPHILLIPS-2020-12-30.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/12/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/12/RODPHILLIPS-2020-12-30.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
9f24266c169705d9f255e52ea5880db34227b8e51f91f43cbd3e8ed5189bdf46

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 06:06:42 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52477
etag
"10b50e7f482d3bbb8cf193ee95af03f9434b8c15"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-9smrp
alt-svc
clear
content-length
22436
man-hospital-e1578933678603.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/01/man-hospital-e1578933678603.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
5a153dffcc7ded503310674cf4cf17b9de088da93dc1403a3065cbd416aedf29

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 06:06:43 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52476
etag
"8d0373c7bef3e6f64de07ae7ae938d4d350af585"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-9smrp
alt-svc
clear
content-length
19560
BarbWP.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/BarbWP.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
d11344d92d75aa78f523fc29ccd95ebc92af0012fe6e9bee839fd21534ef76c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 06:06:43 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52476
etag
"7d88d87335a3dfec17dc7d85fc42d69971769d92"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-9smrp
alt-svc
clear
content-length
41000
thumbnail_Image-e1642206338729.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/thumbnail_Image-e1642206338729.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
53e2af5fe00ca353f3b981c50476e19bf9c7e962bea84d79bf88926e5e406b0f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 06:06:42 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52477
etag
"a0e43dc123c4f234bf90f8ec14cee47554b5a20a"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-6v79r
alt-svc
clear
content-length
30028
ICU-WP.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ICU-WP.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
92cb2b2123d5c0519ab7f0abec431ee733fdc4d69cf371f9a55e3012fea614c1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 06:06:43 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52476
etag
"6dfe5cb0e982bc1cde79694e48868e6fe16d98ab"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-9rpnw
alt-svc
clear
content-length
39416
MAXWELL-1-1-scaled-e1638980158843.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/12/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/12/MAXWELL-1-1-scaled-e1638980158843.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
ace6a6b223be65a6a6ac22512a85447756c91e3e7c9de77ebf5bc1ed029ab510

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
etag
"46aa1b4ca254603ed3fb19e13e07d036e3ccda12"
vary
Accept
content-type
image/webp
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-795nk
alt-svc
clear
content-length
50064
running-water-tap-getty-jan14.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/running-water-tap-getty-jan14.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
ce50c41dcedcc5d4e7de786be4cef33a86d902d1255aa6125c1815d94ac827fe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 20:41:28 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
etag
"6a97309fd20d0813a68aa2fb530163a01e7bb63a"
vary
Accept
content-type
image/webp
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-795nk
alt-svc
clear
content-length
11140
KOREAMISSILE-2022-01-14.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/KOREAMISSILE-2022-01-14.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
17c0bebd31068ed4e5257fe396e8d332921e328deaba0a1588d961130571b5af

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 20:41:22 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
etag
"d819ee82c4fcd1393999cc0e61b8e9e65a203b48"
vary
Accept
content-type
image/webp
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-9smrp
alt-svc
clear
content-length
38518
business-wire-logo.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common/business-wire-logo.svg
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-2b6a"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
globe-newswire.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common/ 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common/globe-newswire.svg
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-3750"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
icon-soc-fb.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/share-icons/ 		775 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-307"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
icon-soc-tw.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-6a2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
icon-soc-yt.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/share-icons/ 		744 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/share-icons/icon-soc-yt.svg
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-2e8"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
icon-soc-ig.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/share-icons/icon-soc-ig.svg
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-76a"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 07:38:42 GMT
x-content-type-options
nosniff
age
219757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 29 Jan 2023 07:38:42 GMT
icon-generic-play.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common-icon/ 		1 KB
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common-icon/icon-generic-play.svg?604c0e80ab1f
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-443"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v15/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v15/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39d2581b21c1ba1194c85d32940c69e206e48f8fc8834306682824e3ee5d487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 14:32:49 GMT
x-content-type-options
nosniff
age
367710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10340
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 03:01:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 27 Jan 2023 14:32:49 GMT
carousel-previous.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common-icon/ 		1 KB
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common-icon/carousel-previous.svg?604c0e80ab1f
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-4b4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
carousel-next.svg
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common-icon/ 		1 KB
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/common-icon/carousel-next.svg?604c0e80ab1f
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
W/"61f8452c-4b4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:30:30 GMT
x-content-type-options
nosniff
age
389449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 27 Jan 2023 08:30:30 GMT
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v9/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v9/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 00:10:59 GMT
x-content-type-options
nosniff
age
419420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18860
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:10:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 27 Jan 2023 00:10:59 GMT
postmedia-image-fallback.webp
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/images/postmedia-image-fallback.webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
last-modified
Mon, 31 Jan 2022 20:23:08 GMT
etag
"61f8452c-b76"
x-pmd-backend
cheetah-nginx
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
2934
expires
Thu, 26 Jan 2023 20:41:19 GMT
shared.d34f1f5b282b.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
d34f1f5b282bd8ea254ef40e7f6d7a4ba4399e5e71324f45619ba0034cfddac7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:13 GMT
etag
W/"61f84531-5e02"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
main.9f8ffd0b38bc.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/main.9f8ffd0b38bc.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
9f8ffd0b38bc5e22245c02bdf6c4f492fc20bbd187186f9c707a202f44f6eef9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:23:13 GMT
etag
W/"61f84531-17bd2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:19 GMT
xd.html
d395dw5zk780j2.cloudfront.net/v49.3/ Frame 35CD 		167 B
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v49.3/xd.html
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:c000:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fbc907061b6169dcb1fb510d8e037414886f7c2d0782747392db7c423b89116

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

content-type
text/html
content-length
167
date
Mon, 10 Jan 2022 07:00:26 GMT
last-modified
Fri, 07 Jan 2022 18:28:01 GMT
etag
"2b729af275b2d9cef65cdefa704be2dd"
cache-control
max-age=31536000
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
bjqeo5FkMwRfsIiSUdhELcRV1BYoq3f4Kb18_pbR6tBSVvevdNV-8g==
age
1863655
4db686234b10f4e96bda.js
d395dw5zk780j2.cloudfront.net/v49.3/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v49.3/chunks/4db686234b10f4e96bda.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:c000:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be12dbeb382f6fc2d39357443b3b916558e51163e8791329ec55d5ac9d75dca8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:00:26 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 18:28:02 GMT
server
AmazonS3
age
1863655
etag
W/"cf9de553a10070be7980e2ccb4e5087c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
y1d3gsCiiPj7luWmIzVclnuieGPRvTdwUOt6JYBkZ1JJkMRuz_mOrQ==
gtm.js
www.googletagmanager.com/ 		472 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecccf884df25a44192c5c63c92604d1e5fb131446606c63dd42146373469bc52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107887
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 18:57:42 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 20:41:20 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-48.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 08:41:46 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
55777
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d57e92f55da6364b30f6b45e435b7b20.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
09w_r1ppKd0ADevlmKqA6a7Tmdjsh7VJH91PjSwmOZUKNa-l4NOb7Q==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/ 		184 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
34c4351e0ce42542bb0657355bfd91b4cb376ffce3bfc7de9ab1be8652124e3e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
1320
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200048_IAD
x-cache
HIT, HIT
x-cache-hits
1, 1
content-encoding
gzip
content-length
48359
x-served-by
cache-iad-kcgs7200048-IAD, cache-yul12822-YUL
server
Kestrel
x-timer
S1643661680.077769,VS0,VE1
vary
Accept, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 31 Jan 2022 21:19:19 GMT
uep0921xz.js
cdn.krxd.net/controltag/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/uep0921xz.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db8b7bd8e3b47a8bf8cbd86926a7ca3e25ba931575b0d0148c66da50cbc2e763

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
525
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5903
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kcgs7200157-IAD, cache-yul12827-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1643661680.085126,VS0,VE0
etag
"846ce8ae9b8beb7ffe4e3ce35fef56e9639ac55f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 21
gtm.js
www.googletagmanager.com/ 		115 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49192dffcb73e397680434bf06974fbe1db8db0c7e3eacfcf94f4d8dfa0c490d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42914
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 18:57:42 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 20:41:20 GMT
pubads_impl_2022012701.js
securepubads.g.doubleclick.net/gpt/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 11:31:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122333
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 09:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Jan 2023 11:31:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		123 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cheet-4549-torontosun.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
8805c0ffda96c3ce16da3cb3a665ad3cc32d162e3cf6b6ff969904bf3dec6be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
0
expires
Mon, 31 Jan 2022 20:41:20 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:13 GMT
via
1.1 26bf46825c6bd12542772bad5a4d97b4.cloudfront.net (CloudFront)
server
Server
age
6
x-cache
Hit from cloudfront
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
P3f2zoxdNtGU4QiQTYBicOZrB3BYOoLn7anpldpNMbtbL7aUSEO79w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
5VW7Ump2IKUnjQ6qKRGfgnPgS_QC11u9eKyP15jn-y76bWA_cJnEhA==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		43 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-136-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b32962e9a9201051cf83d13035f3595c28be101477a26abc9b70b93050b1a3d

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 19:41:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3174
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220131
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17015d0c998495d78087eec7a8017798a0137a15dc8487adf936e81522dd116
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20399
x-jsd-version
1.0.1239
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19133-FRA, cache-yyz4520-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69d-K3MOFkCoAd0yNe1cWrUcd8LOf1o"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d65c29d3c6aece6-YUL
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-11,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=3dd8a1c5-3caa-7528-53ee-a468c60a3733&url=https%253A%252F%252Fcheet-4549-torontosun.gdev.postmedia.digital%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.164.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-164-51.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e115819eef9b2147d3ad8b3ef40487ede44852e4a63d9062cb1980eb41b7cd27

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
x-server-name
app36.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
index.html
cdn.districtm.io/ids/ Frame 7CD2 		116 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-type
text/html
cf-ray
6d65c29d6a495401-YYZ
age
30997
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 329208680898f32bb765f36259ee06fe.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
eyPbn2_Pyel0vY5apdhty5_XGcp0-Tbh8Rco8YnY6YPlRFSMVsEk4g==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
v1
dmx.districtm.io/b/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d65c29d7a535401-YYZ
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d65c29d7a565401-YYZ
access-control-allow-headers
origin, content-type
3cd4e818e7f4b1f27650.js
d395dw5zk780j2.cloudfront.net/v49.3/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v49.3/chunks/3cd4e818e7f4b1f27650.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:c000:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
056439f728742942ff97ce79aab564484cc5280e730c29c451156d448a6f0962

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:00:26 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 18:28:02 GMT
server
AmazonS3
age
1863655
etag
W/"813689e415eca3625c61b16cfc06564f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
RXNzvac630wn78gENBGatRnepIg_gS03QKVMyoMEbg5ZrXDY-7ii4w==
xd.js
d395dw5zk780j2.cloudfront.net/v49.3/ Frame 35CD 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v49.3/xd.js
Requested by
Host: d395dw5zk780j2.cloudfront.net
URL: https://d395dw5zk780j2.cloudfront.net/v49.3/xd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:c000:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea24837103070968a4b29ff947900cc3595204a8164ab822e53e0731074989ed

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d395dw5zk780j2.cloudfront.net/v49.3/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:00:26 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 18:28:01 GMT
server
AmazonS3
age
1863655
etag
W/"d63a090c49f5bb7aa243819754d5445c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
zZrogGvRfgjHRSYiW8Eu-NC9Pa0j0bZYE0WPf0X0E8pwcrMiH06N3A==
884f8a63d4124a85c5dd0.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/884f8a63d4124a85c5dd0.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8efc268132d526206d433febe50d279a657513bcf23a6b6a527f84811c6ba6c8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-1cff"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
fc26f765ecbbcf90e0f11.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/fc26f765ecbbcf90e0f11.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
2a57c084ba5fc039d4bc2f41ebe757f1aa7db0b6e3a001d4ebba63b4fc173a77
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-45ff"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
360d8cc91f278aa230437.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/360d8cc91f278aa230437.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
54f99710ea6dfde67c874d6f4d5e1ad6364cf81c89fceca1ae35967fd3b03855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-2ea9"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
319134f8edfeb15b070c18.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/319134f8edfeb15b070c18.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-2e3e"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
2b8b86e084d1ab65e2064.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/2b8b86e084d1ab65e2064.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
9034335635758d7a2b0d8f6f94a42f45ca55f3a87ed38929c7ab89800036e708
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-1eaa"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
9b98b91c7967b0fa07196.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/9b98b91c7967b0fa07196.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
190bc6bf64a88996a8505f258adba28cba4c993a6b1b446abd3d3ff552286a1c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-4c4a"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
4e3abf0a5d0557e6057413.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/4e3abf0a5d0557e6057413.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
46ba5f0b3b0f72884e66f3f7c8ac6c6195741a4e77f15f55ae16927c6c913da4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-ca31"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
db17bce7ef9476ceda412.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/db17bce7ef9476ceda412.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
39a95bd7f8ff911c8a36dc1ae3b37f85d4684fd3897ab3df6dca5f8c3cd9b422
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-19d5"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
99570a8661cf974c335a3.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/99570a8661cf974c335a3.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e2cf23246faa8dc51d53f8194af77082ccfa8dff6a73596ea98c0ded52fb3a39
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-3fb0"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
38f433b6a6367d1711665.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/38f433b6a6367d1711665.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
b40fffdca8df7dcf6a825dc35de6f3ee8bca5119730c8938e77e805d8016cb78
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-38bc"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
0c3df80a51de2ab6e84c9.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/0c3df80a51de2ab6e84c9.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
f79e1f14cff6f380ebbbea645bb159978ead5447a33a0ced34534b2271eb4019
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-32f4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
0c201cfbaeab033b467f14.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/0c201cfbaeab033b467f14.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
c5bfe7e837984f45a4b301978ceb06a03fea2e60a15b937d99fd5b30d6ae9946
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-24f2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
e330ec2ee9969165019715.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/e330ec2ee9969165019715.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
7a8eeaf2b963d18188f07f3e78982938224c9e58b5fab050989e51cbf44a3d6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-1a84"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
3b3f819d1ffe0e05145e10.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/3b3f819d1ffe0e05145e10.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-2ab4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
7cf4d25d2e47a8e0a18e28.js
cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/websites/js/7cf4d25d2e47a8e0a18e28.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/9.4.0/CACHE/js/shared.d34f1f5b282b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
42d28b968b79182a5ce39cb1bfb0a1f62441f1fb1a5d233162712097967aa6cd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 20:21:28 GMT
etag
W/"61f844c8-25d9"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 26 Jan 2023 20:41:20 GMT
KOREAMISSILE-2022-01-14.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/KOREAMISSILE-2022-01-14.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
89b21ab23b44acc94ee9d2f9718d2d7755b3c52e2787b469aa45aa717da3983e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 06:06:45 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52475
etag
"5d3054dfe21d9a9202c2d19e9fb81104dfd64388"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-9smrp
alt-svc
clear
content-length
23428
Riyaz-Hussein-2-e1642200533883.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/Riyaz-Hussein-2-e1642200533883.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
1bf3e4860d8c6caf4f0363f9c1af156076d961b599095887b4d564a622679f53

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 31 Jan 2022 06:06:35 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
52485
etag
"a0f70a6a92f3f8b858f6d42e16430b3bdeef0649"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-zsvbf
alt-svc
clear
content-length
13104
bid
c.amazon-adsystem.com/e/dtb/ 		194 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&pid=wJeeMYNvV4rNu&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-11%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 26bf46825c6bd12542772bad5a4d97b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
VNWSX1YEJ5R1ZV7TMYTH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
194
x-amz-cf-id
68lYbx-A4P3tgRNELos-vzdUfDEPFVhXPVul-FNDbLKFGLVMj6UE2A==
translator
hbopenbid.pubmatic.com/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
date
Mon, 31 Jan 2022 20:41:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=613230&v=7.2&ac=j&sd=1&sn=0&r=%7B%22id%22%3A%22131ca3f69087726%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A11%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A11%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214fc1da5bf60069%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%22211860d1946ac0b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%22287a73dd3a113ff%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%223507cbe93e62441%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%22423521f563cea19%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%2249663e2534f8c04%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%22562c2b2e94e1a98%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9a093aaa6bf60bcc9caad8031ae1878332f5bc6b2fbd718404c77ec16f63d57

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:20 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.189], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Mon, 31 Jan 2022 20:41:20 GMT
cygnus
htlb.casalemedia.com/ 		37 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=613230&v=7.2&ac=j&sd=1&sn=1&r=%7B%22id%22%3A%22131ca3f69087726%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A11%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A11%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22sn%22%3A1%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2263941ccee80a688%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%2270e58e1edc9d156%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%227754651f0865bde%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%2C%7B%22id%22%3A%22847f5e3a3584ad5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9a093aaa6bf60bcc9caad8031ae1878332f5bc6b2fbd718404c77ec16f63d57

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:20 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.189], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Mon, 31 Jan 2022 20:41:20 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
78695c1f9936cc52cebe8f4438ce1008076f1dd3d3ddbaa7813df6f1623c2db1

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
da370af4691e19f146ac8e77da8032712c3b1d3f54952f944df74b1595122202

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e70ffc4d01cfe4313b5fe6d1ec876d1e8c6a638f1ede2b7ba0cb236f5026de25

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1d9286445228adc3e7a110357a424f822d6aacdc24751e7ce2355c36b9f8fc59

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
bd368567408cb7952e868529211f6939acd670fc85c7abaf4a97632078169c21

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a9ee9306de2291e605f8344abf097ba6a9e5b609c7a30970ade937cb73819037

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fb96ae562aee53baf3a0543cacbd63ee3802ae42cadef2586b1c9f79296c54d9

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
61b2a318a5cad9a09b5ec4376e3fd66765e911b7632bcb4703ddcb6b2ddb3c4e

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e60fc30093f72426cdcfb66adc7766c4ef5265fc595689d7ba2e56180c919bd0

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0d2ac764cf2fb229cb99ff93f216bd04d62b564384adbcc9f89491d858c56e41

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
db2f644dfaf9dc0cb27da57f2857a2936d25b771ba1619473dbcba889b7907f2

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2877cbf1f32a602472230deee3f3406e27984a0ad738c0a47d48da01dc5e2fc9

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2c3ab80bcb2a42bc903c0b6ecc8da9d2fbb8cb97b300a5015bac9b7127687cf7

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6b8c2ee9a70dc83322a4425b31b8249958dfbced9e1c782963143dead9c523fc

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
94063385884ca850a6a50a6169726ae9a468dae143f872f920aee0d1a304109e

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d3d03246e614a6cd3ea3de89e84f8352795658122c1880c526279c175a21ab5f

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f81cffaea52b9980ed58c8ecccda3aa040c8ac55ea4a79c1a83ebd810944b36e

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5efed851f2a72ac448d9d98b3bb28cc06eb7d333a66f6f80901f2558842df0b3

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9502266edf21088cb878db8fc0b004c01b65ec4ce32a13779c8568d97e7aaa5c

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
49304a48f04f4b463cf89198bd2038b27e1bca87293a37360ffa2e3f8e22c3e5

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2aab9961b950f52ec394aa4cbed5a13d24affd2ee3f20df02e79dc0f7e2e3d65

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c42854521587191dba79c0cb0721daf9804911b9d3f7168b1753d261c00080b2

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
aac8a51d86b9c8a821060b6c47348fda753abb9c1e79641c76cef8c8e4a46817

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7774f1ce9e972657a8e5b09981ac79b312ffe3e0be2a4bb23e5152e01c9b2269

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f659cdc6729e13e2604692492c7a3a4dcdd7aac6a18f0648c1492ecd200a5633

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9dbada7aabb253e1200878d3d804741d13832c218643685d5c98a9b6033552df

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
eb73d9ce5ff4f99173940e81a1d9ac4242340f8e262ba3933b95fd53a753dd2d

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6b49bbb468c94bde753359eff3fedd1473f25a363c4153a6acca7c795685d259

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
88cb82fbb15f064858767d23d38939e903f51391ead1281181f30ce735276a45

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6a81568f55ae9d3d6e7442d0b2c592acca8a1d57f6c7741aa1b563c316ca73b8

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
50d1b097304df7c128ca9fd7a3442c0314aa313eb5e0642fc511be4b8b482fe4

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a1dae8ed2e18a113c1c1c8b4922683a296ab40349c8eb4e2514ccc5e9f3ed397

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2bb50a86a0b357d2f5c825a1c592fb7c249dba866603cb27742ad5a3f8a5ba8e

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5b47cd47cde0e419e5d1c013d143e71eddcf24eacf7dfde163764ace43a4a713

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
51abf473db4bdc212b1524d4099382a230684908bffe41cf4a1a41b9da9f2568

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ed6c88b024f26f59ef35e4d63d27c48e24f1953426a969426f6c77853e3e1b22

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
effe3bd735d8ab5d0c9a8554f2ad8d4a344bbd602d0ac938e50ac5bb53beea66

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ba7cec6d75f86ee49f09fcfb4b547cc4e4906cb4b20905bd610500e5011bcda9

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a91e60b554f9b9a46e69555f0e6ef5db2772b3a96df2bc91a775fedc07a51de3

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f2029c9ff998a7b7f40597b81b9e3c88b7d090ceec3eeac8381a0b3a3845225b

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e23a61fdaf1449a6571008664b9d20bf10cc7149b6ab7fe96bed391616303f00

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
38fef3749610f8d3262b39e38896b5bd7c0261937c141d6acdce8d0d7b08bc09

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ee3eb4db98e43c96181e4603d67eabf5d680a95ddca89839334e3cb93a22276b

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4d98426c457804c2ba98c2675b8204c5d14b2f46e3bb46d612fa7b0ee8e3f04a

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
84cbc6e5a7606e731a65362dde756bd1bc219b01c82367e758fa631c57ab78cf

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c3414c73d546ab87194a785bc8091b8449605760c26699f32172a154f033c3c5

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f90f454ad17cf420c25c421cedb528e671d19f1c322f36a4ba7f91de378f9825

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4a0121b5684d43090a4bf15541f701d6381129cee91890842595651bc41baad2

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
027c960b439be277f5dd907e5629be7a4360eecb943c8c2d75e5b6a0e2157aaf

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fcc9ba79def68dcbac6bfe3b08a16e6002baa3ecc018252d840d58cf8bb8bc9d

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
475edb49d60d0840a58c427173057a72466cc0f140b5b0fd5b5757ce113f3000

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6694db916a152e687af7a0d1cf247950921409f4a8e80bee707a3a61f56621d7

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4d259af91ef9cf72737cb738f97fe8a8701ba61ec0ecdb8f394fb4e754d895d7

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
42d3a8cf89f5eb746b28d80f863f0e6024d7ab4d347f028737ab8ff4b9b94dfe

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
486ddaa8f86b230c5fff946591e9f92a54ca035a78b69a0597d808bbffde4be9

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cdc4bfeb56b07215f2a7434e814b9406a1e9e703b13111cf01bf5de20a61f502

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
74e869f36cb8b26f9624b85bb38386c2352f48fb91efee3bb3c3234542576f3e

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7479f164f844624f9b1dac45d157cfea71a5798f0d0009093d346052f1e6710d

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ab8a0b1e7521c7e845e6d54dfa453ff711353b7378ef9a99ed5df38df4383c85

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
bab4cb9332bd672a87079c460f6b3036e9494d13e0fb75d900fd702d6b8ade05

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
78db1f6524482d30a123613ea871ce83370e9243850d775e30d813550383eaba

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f35e7e284c5a379b487f0fb6f28f87a65b92dd6ed268468c091b261cdb4fb09f

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8048aec50f28319317fb1a67a6873e93f75eaf5ce6dc27f8cdec10faf4d7c5b3

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
12f0953fbf4ce674601749cec412a67ded53cdc891bafdf11ae0ac87bf4a776f

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9295ee67ad7300bd039b63b5335a442fb5ab74ccd52e3378922fe7a2b4dfed73

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f0830aa3f60c61a18b02cbf261bb7fccc5e8844ddf75c5072d865b1b76c103f6

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b3e6b5af5e646986ac2345c48bd90b6ebec6efea81cd055d28fbfa73de052405

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ce912e6d3b543995e5d01accdc7e4c700d32e05acc2c618249c3e1634c494e74

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
93edcc6bac0b2774959f930af27397d7be8c1087e1564b856c20ef9e506f23e3

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7d7c70e420417ec47253579e534c3f38a1e8b7472aecaab31fc0095902ac710c

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9690dc0177773e92cc3f89a2a30123&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9923905127ccbd0c0a2b41dc73cdcac7ee3331ad5cedc2a63c2a002278fde404

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f8e631601fc&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6c4679c8b1bd388439663a88bc62c7dac11d6cd781193e372a2d7590c153ecdc

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f89a014012d&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f439f7a4f961828a48fc8abf9d6360685b86a53775d2339a002f2a454d5991b4

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f8e61ff01f0&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d36e3b90b1f0f4b75a3777737e067adc48424b60cd7e4c6fcd7d7a59c509ec4b

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899e820119&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b751ee3a23f68aa0e2eab665232c87f14813f37379e92ea4c94c976ff6336637

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9694560177773e96643f899ade0118&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
15e347a885fcabbbde879ac9aad37df68456936a60647804620de8312eade388

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208761c83f097b&pos=8a9699450177773e8e3a3f899c79012c&cmd=bid&secure=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8d0e9de7fc623b08bd0f2efbad9e9653b5892733a02f39a7867ffddd4fed5a4c

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8152bef8897cebce5cb8777ee9d0d13037b045802bd125507b2821c2a612f931
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Jan 2022 20:41:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 676.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3d885abb-72db-41b7-9860-0c84153fc883
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=88877469399
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
postmedia-d.openx.net/w/1.0/ 		173 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5b672a3a-c324-4c6b-af94-34407bbbe8e9%2C517f72d6-0e9c-44d7-ad56-3d96d7a35ee4%2Ca69e90ef-e02c-4208-adc5-ba7e37c2d876%2Ccc7e8d41-fc2f-4ab9-97b8-fe3fab185091%2C254efb23-2c8a-4ee0-b88c-d34dfa522f4b%2C2bf22a8c-d83b-4a3a-82d1-1382636e22ee%2C03b968bb-3af7-41bc-b18a-e3ace6b61c93%2C5c6a9835-35cd-4ed8-95c5-b0c9315b5b6e%2Cf04bbfdc-126d-4b11-be7c-d2c9e5866a77%2Cdf79fe39-b24c-4e8f-9b37-66b234f75650%2C8a1c865a-04e3-4be3-9b42-ca3cfdd2e1f0&nocache=1643661680425&aus=970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250&divids=ad-1%2Cad-2%2Cad-3%2Cad-4%2Cad-5%2Cad-6%2Cad-7%2Cad-8%2Cad-9%2Cad-10%2Cad-11&aucs=%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex&auid=543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
2b50b46e9fff24bc7548538f3b19bc6857f243a5c4155ce88017892b839f7e3e

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C55%2C57&rf=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.dfp_ad_unit_code=3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tk_flint=dmpbjs_v5.20.0&x_source.tid=5b672a3a-c324-4c6b-af94-34407bbbe8e9%3B517f72d6-0e9c-44d7-ad56-3d96d7a35ee4%3Ba69e90ef-e02c-4208-adc5-ba7e37c2d876%3Bcc7e8d41-fc2f-4ab9-97b8-fe3fab185091%3B254efb23-2c8a-4ee0-b88c-d34dfa522f4b%3B2bf22a8c-d83b-4a3a-82d1-1382636e22ee%3B03b968bb-3af7-41bc-b18a-e3ace6b61c93%3B5c6a9835-35cd-4ed8-95c5-b0c9315b5b6e%3Bf04bbfdc-126d-4b11-be7c-d2c9e5866a77%3Bdf79fe39-b24c-4e8f-9b37-66b234f75650&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=10&rand=0.7208898185058357
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a8f3d9e4b35c52b61d73041f0707384aaddc048436f542fe3459185486b2d709

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:20 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
494
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		422 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C55%2C57&rf=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.dfp_ad_unit_code=3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tk_flint=dmpbjs_v5.20.0&x_source.tid=8a1c865a-04e3-4be3-9b42-ca3cfdd2e1f0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9188760147405473
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5958e4b9c33a2c112d383aa30e6642e00a7a69da276e5fdecf3d807ec33ad8eb

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:20 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
422
Expires
Wed, 17 Sep 1975 21:32:10 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uep0921xz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
age
15754990
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
8023109
content-length
84509
x-served-by
cache-yul12827-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1643661680.450891,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 varnish
age
1304
x-served-by
cache-yul12820-YUL
x-cache
HIT
x-cache-hits
928
x-timer
S1643661681.516949,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		176 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
47d0d9481b5ba541cd66b7d69f914f00da176e7932394e3c9c3d82b14dec6ff0
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1643661681.531411,VS0,VE32
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12820-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
p.js
cdn.parsely.com/keys/sandbox.torontosun.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/sandbox.torontosun.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.40.238 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-40-238.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
4959a941954a0161eac86159932892dd4d12dc515d17ba38023e0fd472bf8787

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Jan 2022 14:15:34 GMT
content-encoding
gzip
last-modified
Fri, 29 Oct 2021 19:37:31 GMT
server
nginx
age
23146
etag
W/"617c4d7b-df4a"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fc07a3272275b95dac262d5ece1fcdf8.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
awOr0VPARI2IFlvaYwA2t1q7KgSdUO0CAc7Wx6ghvR7cwmrw1EEDoQ==
expires
Tue, 01 Feb 2022 14:15:34 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14860
x-xss-protection
0
server
cafe
etag
9607039154328110559
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 20:41:20 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:3d::17dc:f9cb Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 20:41:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=10982
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
FbJTNmRc1HLJEsJjYGycVXM2X49oqga1lhtKwJj8z5mSv/e9AqiU1Ri25tR03EESyb0gflbVhBYkcMFfVEXxmQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Mon, 31 Jan 2022 20:41:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 23:12:14 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000054-IAD
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1643661680636&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Fcheet-4549-torontosun.gdev.post...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1643661680636&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Fcheet-4549-torontosun.gdev.pos...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1643661680636&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&c9=
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-48.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 d57e92f55da6364b30f6b45e435b7b20.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
CAww66puYm73J1A07uSq4FJPx0mTdx6bXLluXRM6p9RVFDAWqRwMbg==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 d57e92f55da6364b30f6b45e435b7b20.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1643661680636&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&c9=
content-length
240
x-amz-cf-id
6QyeaYZrzPNbR53ymrFtelruJ3710_kgfAfKWFEFOnbiwmeA1yklJQ==
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 7CD2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
65133
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6d65c2a0b9df5401-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Wed, 02 Feb 2022 20:41:20 GMT
load
sandbox.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.tinypass.com/xbuilder/experience/load?aid=MmGB73tzsu
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89d5260a69bbdaea62ddf6b3b24247fccd2856e510a614cd00c2320721b00f3a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
1165
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cjkcl6rXJIY
pragma
wn
sandbox-vx-dash-10-13-139-143
last-modified
Mon, 31 Jan 2022 18:58:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
server-time
0.019
cache-control
public, max-age=1800
cf-ray
6d65c2a12bb14bbf-YUL
expires
Mon, 31 Jan 2022 21:11:20 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 varnish
age
1305
x-served-by
cache-yul12820-YUL
x-cache
HIT
x-cache-hits
929
x-timer
S1643661681.801074,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		176 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
48414eb96ed9b9f38db15a67d7c8646effcf015813cd2d72c50c86b8ff1de149
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1643661681.825122,VS0,VE41
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12820-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1643661680810&plid=5190097&idsite=sandbox.torontosun.com&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&sref=&sts=1643661680802&slts=0&title=Home+%7C+Toronto+Sun+Home+Page+%7C+Toronto+Sun&date=Mon+Jan+31+2022+20%3A41%3A20+GMT%2B0000+(GMT)&action=pageview&pvid=28130733&u=pid%3Da9594369b75ffeaaa3f33fd736281e59
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 20:41:20 GMT
Cache-Control
no-cache
Last-Modified
Monday, 31-Jan-2022 20:41:20 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643661680842&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643661680842&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1643661680842%26url%3Dhttps%253A%252F%252Fcheet-4549-torontosun....
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643661680842&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643661680842&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQIxtelufCYAngAA...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=fdf60331-5a70-40e1-88ff-aa1758d7ec96
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=fdf60331-5a70-40e1-88ff-aa1758d7ec96&_expected_cookie=02ee4c07a41c984ad9052c91...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=fdf60331-5a70-40e1-88ff-aa1758d7ec96&_expected_cookie=02ee4c07a41c984ad9052c91d3adb5d6
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d65c2a5dd0b5473-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=fdf60331-5a70-40e1-88ff-aa1758d7ec96&_expected_cookie=02ee4c07a41c984ad9052c91d3adb5d6
date
Mon, 31 Jan 2022 20:41:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6d65c2a58c645473-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
1685973801652415
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d97ba2bfcb1ab988ae9b0a822be6ca7390d9de0dc50003c8768c7f9e1877bdf3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89996
x-xss-protection
0
pragma
public
x-fb-debug
UaaUD8BddW2NWZFGq9L/LLtT12un1kVBOnmQOMqtM7pQuWuNeH1MSEUw99cpE5JX17FZ4Q+MCjaLvUcxySfWug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 Jan 2022 20:41:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame AE09 		805 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 31 Jan 2022 20:41:20 GMT
via
1.1 varnish
age
20512200
x-served-by
cache-yul12827-YUL
x-cache
HIT
x-cache-hits
2762602
x-timer
S1643661681.889790,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
simple
api.sail-personalize.com/v1/personalize/ 		256 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
ae23ddec6ff84e1b00b1049467da16f185e82853c2c89285fba783863f400999

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type
application/json
accept
application/json
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
x-referring-url
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
173
allowedmethods
GET,OPTIONS
expires
-1
/
www.googleadservices.com/pagead/conversion/580448699/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/580448699/?random=1643661680956&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&auid=1788810653.1643661681&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
d43002ad5e39848ef1eb51f82cfa32fbec8514a48a628287ad3bfa63f6ba9a17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/?random=1643661680964&cv=9&fst=1643661680964&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f36e32e465ea097161710b2aa52cc6c864110698cc16cea1b956f633db2c4886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1032
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
buyers
dmx.districtm.io/s/v1/ Frame 7CD2 		566 B
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb21b341144342355faeea96404c113bba9071320ed0d6c5004c2e65e0e9de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d65c2a21cf55401-YYZ
access-control-allow-headers
Origin, Content-Type
iu3
s.amazon-adsystem.com/ Frame 95C5
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
275 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

Server
Server
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
275
Connection
keep-alive
x-amz-rid
WQ7HMWJSZCBJA4CQA2QG
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
NQBQEZM28SK8P7YKK08H
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=cheet-4549-torontosun.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cheet-4549-torontosun.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
adsct
analytics.twitter.com/i/ 		31 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f01d89cd-380a-4cbc-bee6-ca34c046275c&tw_document_href=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
7
date
Mon, 31 Jan 2022 20:41:20 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
97b33f21a2e12c96091d96ea22a1bd896b0a346c37940964e1b0dd4ed7a8b2f3
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f01d89cd-380a-4cbc-bee6-ca34c046275c&tw_document_href=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
8
date
Mon, 31 Jan 2022 20:41:20 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
97e9b66ca63a3ac2075c66d5fccfc0719e9a196a59f3b32989bcc9c7af52e1ae
content-length
43
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ 		239 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 varnish
age
1165
x-served-by
consumer-a009-ash-prod.krxd.net, cache-yul12822-YUL
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1643661681.064481,VS0,VE0
content-length
193
x-cache-hits
0, 1
ads
securepubads.g.doubleclick.net/gampad/ 		643 KB
71 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1959898311638529&correlator=2854269458287555&output=ldjh&impl=fifs&eid=31063224%2C31060545%2C31063877&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=3081%2CSMCO_ENUR_TSUN_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ppid=00000000ppidn6290370058898212161&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481cb-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481cc-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3D255481cd-82d6-11ec-8962-0a6f860e8f41%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481ce-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3D255481cf-82d6-11ec-8962-0a6f860e8f41%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481d0-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%26id%3D255481d1-82d6-11ec-8962-0a6f860e8f41%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481d2-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481d3-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481d4-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3D255481d5-82d6-11ec-8962-0a6f860e8f41%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481d6-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3D255481d7-82d6-11ec-8962-0a6f860e8f41%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481d8-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481d9-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%7Cloc%3D11%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D255481da-82d6-11ec-8962-0a6f860e8f41%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50&eri=1&cust_params=no_pol%3Dtrue%26page%3Dindex%26pr%3Dtsun%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26kuid%3D%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&dt=1643661681048&lmt=1643661681&dlt=1643661679557&idt=729&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C200%2C200%2C765%2C200%2C765%2C200%2C200%2C200&adys=277%2C2457%2C3099%2C3537%2C4390%2C4395%2C4959%2C4968%2C5309%2C5650%2C6192%2C5991%2C6555%2C6332%2C6673%2C7014&adks=225519801%2C1205333068%2C2520642919%2C4150895342%2C2520642904%2C225519802%2C2520642905%2C225519797%2C225519796%2C225519799%2C2520642908%2C225519798%2C2520642909%2C225519793%2C3169864135%2C3169864134&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&vis=1&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C1600x250%7C1600x250&msz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C1600x250%7C1600x250&ga_vid=2104720726.1643661681&ga_sid=1643661681&ga_hid=621403647&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C1600%2C1600%2C628%2C1600%2C628%2C1600%2C1600%2C1600&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
1fdd2eb3b9e7c8002d686f3d0ba7cec47176e28bbaba026fb72f2f48219e10c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,71397,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73071
x-xss-protection
0
google-lineitem-id
5887583179,-1,5871502249,5690567695,5865062061,-1,5819687022,5877340208,-1,5845703252,5884390241,-1,5865062061,5680797315,5840029887,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378607954,-1,138377312214,138349689685,138375922465,-1,138377906811,138377672653,-1,138373530415,138375076073,-1,138366614255,138347720375,138376762697,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9ab1a5e59a6ae4f1c380e4ad20393179.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6BF2 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ab1a5e59a6ae4f1c380e4ad20393179.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 20:41:21 GMT
expires
Tue, 31 Jan 2023 20:41:21 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tinypass.min.js
sandbox.tinypass.com/api/ 		275 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.tinypass.com/api/tinypass.min.js
Requested by
Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/xbuilder/experience/load?aid=MmGB73tzsu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1cc6855c1158a93a504ae865356e6274c236c7f81c2ba7654156c0c7761360a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4125
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
sandbox-vx-dash-10-13-139-143
last-modified
Mon, 31 Jan 2022 05:41:35 GMT
server
cloudflare
etag
W/"281413-1643607695000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.001
cache-control
public, max-age=1200
cf-ray
6d65c2a31ec97144-YUL
expires
Mon, 31 Jan 2022 21:01:21 GMT
/
www.facebook.com/tr/ 		44 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&rl=&if=false&ts=1643661681094&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1643661681093.117870405&it=1643661680851&coo=false&exp=p0&rqm=GET
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 31 Jan 2022 20:41:21 GMT
YfhJcQACw9fZHgBB&_test=YfhJcQACw9fZHgBB
dmx.us-east-34.districtm.io/s/10016/ Frame 7CD2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YfhJcQACw9fZHgBB
  • https://dmx.us-east-34.districtm.io/s/10016/YfhJcQACw9fZHgBB&_test=YfhJcQACw9fZHgBB
95 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-34.districtm.io/s/10016/YfhJcQACw9fZHgBB&_test=YfhJcQACw9fZHgBB
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
34.73.194.24 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
24.194.73.34.bc.googleusercontent.com
Software
/
Resource Hash
9ae2ed71471622dfee098ecab578b44e0ade9089726f69607eec40e1cd40dca7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-length
95
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643661681.166484,VS0,VE0
x-served-by
cache-yul12820-YUL
x-cache
HIT
location
https://dmx.us-east-34.districtm.io/s/10016/YfhJcQACw9fZHgBB&_test=YfhJcQACw9fZHgBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
e8fe28ba-6592-4d87-837c-0ea289d44de3
dmx.districtm.io/s/10009/ Frame 7CD2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=24Tjt4JybcWXBsrrd5EmPztnBGB
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=24Tjt4JybcWXBsrrd5EmPztnBGB
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=e8fe28ba-6592-4d87-837c-0ea289d44de3&google_hm=ZThmZTI4YmEtNjU5Mi00ZDg3LTgzN2MtMGVhMjg5ZDQ0ZGUz
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFj6FfvM_DEsVe0jp7HXm3E&google_cver=1&ssp=districtm&bsw_param=e8fe28ba-6592-4d87-837c-0ea289d44de3
  • https://dmx.districtm.io/s/10009/e8fe28ba-6592-4d87-837c-0ea289d44de3
92 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10009/e8fe28ba-6592-4d87-837c-0ea289d44de3
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65eccb74c20a5efab571a8cbfdbd4ada1792012b8965f9e41f25b471a6c5b49f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 31 Jan 2022 20:41:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d65c2a53b645401-YYZ

Redirect headers

Location
//dmx.districtm.io/s/10009/e8fe28ba-6592-4d87-837c-0ea289d44de3
Date
Mon, 31 Jan 2022 20:41:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
y-qxTTj8RE2uFOTRREZifQOxQRa8eTamDQTeLTixk-~A
dmx.districtm.io/s/10057/ Frame 7CD2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://dmx.districtm.io/s/10057/y-qxTTj8RE2uFOTRREZifQOxQRa8eTamDQTeLTixk-~A
100 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10057/y-qxTTj8RE2uFOTRREZifQOxQRa8eTamDQTeLTixk-~A
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
682a41ba5f93cba21b95b8a413bd5d5733e2f9786db7307e449b54cbd750c20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 31 Jan 2022 20:41:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d65c2a3afe65401-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10057/y-qxTTj8RE2uFOTRREZifQOxQRa8eTamDQTeLTixk-~A
date
Mon, 31 Jan 2022 20:41:21 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
643968922486
dmx.districtm.io/s/10022/ Frame 7CD2
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
  • https://dmx.districtm.io/s/10022/643968922486
68 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10022/643968922486
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297bd887c6a333c8ad5d564d691e212afb2bcc0c6f22d38688b7bc2d36fc5b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 31 Jan 2022 20:41:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d65c2a3b8155401-YYZ

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dmx.districtm.io/s/10022/643968922486
LxJsYf5HSBhif2Rjj2-VSpU4mb0
dmx.districtm.io/s/10026/ Frame 7CD2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/LxJsYf5HSBhif2Rjj2-VSpU4mb0
83 B
139 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/LxJsYf5HSBhif2Rjj2-VSpU4mb0
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cded44acd60feacae552415437e108c16bbfaaea8294ff0d9a2ed81dc8ce2d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 31 Jan 2022 20:41:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d65c2a3b81a5401-YYZ

Redirect headers

Location
https://dmx.districtm.io/s/10026/LxJsYf5HSBhif2Rjj2-VSpU4mb0
Date
Mon, 31 Jan 2022 20:41:21 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
/
www.google.ca/pagead/1p-conversion/580448699/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=2043507900&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/580448699/?random=2043507900&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=2043507900&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/580448699/?random=2043507900&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&auid=1788810653.1643661681&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=cEn4YejwO4GYxAPvmoKoDw&cid=CAQSKQCNIrLMYW_KT8tF64ZP32WMDzCuJBnRmB2I4eXzFOX9hdm6lLB5lh1e&eitems=ChAIgK7ejwYQptXfr_213t8rEh0AkHH0nF594-LhhNGNY9zYvZo1XyZ1oBAcbl4kCQ&random=2270932012&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H3
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.ca/pagead/1p-conversion/580448699/?random=2043507900&cv=9&fst=1643661680956&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&auid=1788810653.1643661681&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=cEn4YejwO4GYxAPvmoKoDw&cid=CAQSKQCNIrLMYW_KT8tF64ZP32WMDzCuJBnRmB2I4eXzFOX9hdm6lLB5lh1e&eitems=ChAIgK7ejwYQptXfr_213t8rEh0AkHH0nF594-LhhNGNY9zYvZo1XyZ1oBAcbl4kCQ&random=2270932012&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uep0921xz.js
cdn.krxd.net/controltag/ Frame AE09 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/uep0921xz.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db8b7bd8e3b47a8bf8cbd86926a7ca3e25ba931575b0d0148c66da50cbc2e763

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 varnish, 1.1 varnish
age
526
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5903
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kcgs7200157-IAD, cache-yul12827-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1643661681.115452,VS0,VE0
etag
"846ce8ae9b8beb7ffe4e3ce35fef56e9639ac55f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 22
/
www.google.com/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/990309138/?random=1643661680964&cv=9&fst=1643659200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&async=1&fmt=3&is_vtc=1&random=701103584&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/990309138/?random=1643661680964&cv=9&fst=1643659200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&async=1&fmt=3&is_vtc=1&random=701103584&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame AE09 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uep0921xz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
age
15754991
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
8023118
content-length
84509
x-served-by
cache-yul12827-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1643661681.151614,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
pr
s.amazon-adsystem.com/v3/ Frame 7A92 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b8bf1ce94288681edefbce3053bacc05d1a5081dd4ad962da2e8cf734d044d40
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Response headers

Server
Server
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2042
Connection
keep-alive
x-amz-rid
TKYBRCFN6FRJ5MER0RZ4
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ Frame AE09 		224 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70cb94500dc1d2baceb071b38702219e643fed9a4fb62316e33a7b3ad91c5b5f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a010-ash-prod.krxd.net, cache-yul12822-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1643661681.195241,VS0,VE21
content-length
186
x-cache-hits
0, 0
/
match.sharethrough.com/jwumXNuB/v1/ Frame F6E4 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
f8a26a2d7b8e9ff2d1fb982edf86999e28e1a3fb66266178ef03d190c0523dfd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF13 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=168806
expires
Wed, 02 Feb 2022 19:34:47 GMT
date
Mon, 31 Jan 2022 20:41:21 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5D30 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-136-222.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 31 Jan 2022 20:41:21 GMT
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame E5EE 		722 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
9c3b6628ead9c3d14e03537e8a004ff6b24d1236cce73c97a9ce1809f391c508

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 31 Jan 2022 20:41:21 GMT
content-type
text/html
content-length
460
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 8DD0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
  • https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=districtm
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
0X7PCJBS9EQR0BKV6JBE
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=districtm
AN-X-Request-Uuid
9f39c490-6d6f-4fcc-b307-3423c372b8f5
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 676.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame B248
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
0D7BJ9RA7HQ6JXN2VRHC
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=6020183768421938910&ex=appnexus.com
AN-X-Request-Uuid
eb77bf09-72a6-454d-9fd1-43dcda6d5f50
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 676.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
amazon
ap.lijit.com/beacon/ Frame FF85
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
ec636790224fbf496a3a0057578ebb57e55b7abfafd47f0029c906f84560cceb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
nginx
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap5ewr1

Redirect headers

Server
nginx
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ewr1
index.html
cdn.districtm.io/ids/ Frame F6D0
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
252 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-type
text/html
cf-ray
6d65c2a3f8a75401-YYZ
age
30998
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 3fafcbf85ed8a278f6ba6a40ae7d8a3c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
ntOKlGAc6xHCLY7z4G6OJWFhtSMFyeRq-ng8JVbPU1c1E_o0hoDUsg==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Mon, 31 Jan 2022 20:41:21 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6d65c2a3c8495401-YYZ
cache-control
max-age=3600
expires
Mon, 31 Jan 2022 21:41:21 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame 6BBC
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=786745617440568970889
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=786745617440568970889
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
RKD8AMKWJADCD0P60KTC
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=786745617440568970889
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
get.js
sandbox.tinypass.com/api/v3/anon/captcha/ 		153 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=MmGB73tzsu
Requested by
Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f750fbf94a80f0d331b9f83f24eb008b527b8e8e1c4ee504cbb0e52151ff206
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Crgdl6rHopI
pragma
wn
sandbox-vx-dash-10-13-139-143
last-modified
Mon, 31 Jan 2022 20:21:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.007
cache-control
public, max-age=1200
cf-ray
6d65c2a3f8ee7144-YUL
expires
Mon, 31 Jan 2022 21:01:21 GMT
execute
c2-sandbox.piano.io/xbuilder/experience/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2-sandbox.piano.io/xbuilder/experience/execute?aid=MmGB73tzsu
Requested by
Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e5a2c4d3f80fc95a86188a2d21ffa09431d89b967b6a5fa34b5901709793d75
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
u86ueqvt5e
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
6d65c2a479edca6f-YUL
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T29wcWxoUjI
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECAO_ZIZoSMhiV4fs1RVpok&google_cver=1
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECAO_ZIZoSMhiV4fs1RVpok&google_cver=1
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1643661681
x-served-by
beacon-n018-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECAO_ZIZoSMhiV4fs1RVpok&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T29wcWxoUjI
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECAO_ZIZoSMhiV4fs1RVpok&google_cver=1
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECAO_ZIZoSMhiV4fs1RVpok&google_cver=1
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1643661682
x-served-by
beacon-n020-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECAO_ZIZoSMhiV4fs1RVpok&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame AE09 		42 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OopqlhR2
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OopqlhR2&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOopqlhR2%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OopqlhR2&partner=bluekai&bk_uuid=$_BK_UUID
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OopqlhR2&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=21 t=1643661681
x-served-by
beacon-n029-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OopqlhR2&partner=bluekai&bk_uuid=$_BK_UUID
Date
Mon, 31 Jan 2022 20:41:21 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame AE09 		64 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OopqlhR2&rn=1643661681
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-48.ewr52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 d57e92f55da6364b30f6b45e435b7b20.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
IEaoBOsBfJiIYwSUs2w1ET3dTVfL_-9R5oALs-6NiZ8MnYi6IDcg1Q==
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YfhJcQACw9fZHgBB
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YfhJcQACw9fZHgBB
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=85 t=1643661681
x-served-by
beacon-n036-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643661681.356009,VS0,VE0
x-served-by
cache-yul12820-YUL
x-cache
HIT
location
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YfhJcQACw9fZHgBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=beeswax
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OopqlhR2
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OopqlhR2&_bee_ppp=1
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AADdZ07D8JMAAAwmlnCr5Q
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AADdZ07D8JMAAAwmlnCr5Q
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1643661681
x-served-by
beacon-n023-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AADdZ07D8JMAAAwmlnCr5Q
Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
tag.aspx
ml314.com/ Frame AE09 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?3102022
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-224-115.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 20:41:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
11606
g.js
aa.agkn.com/adscores/ Frame AE09
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=neustar
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OopqlhR2
43 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OopqlhR2
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
156.154.202.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
43
Expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OopqlhR2
date
Mon, 31 Jan 2022 20:41:21 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a009-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YfhJceVlWSGxaq.ssoN7ZAAA%26461
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YfhJceVlWSGxaq.ssoN7ZAAA%26461
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1643661681
x-served-by
beacon-n019-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YfhJceVlWSGxaq.ssoN7ZAAA%26461
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Mon, 31 Jan 2022 20:41:21 GMT
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=salesforce
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=LxJsYf5HSBhif2Rjj2-VSpU4mb0
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=LxJsYf5HSBhif2Rjj2-VSpU4mb0
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1643661681
x-served-by
beacon-n030-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=LxJsYf5HSBhif2Rjj2-VSpU4mb0
Date
Mon, 31 Jan 2022 20:41:21 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined
  • https://eb2.3lift.com/xuid?mid=3587&xuid=OopqlhR2&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=786745617440568970889
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=786745617440568970889
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1643661681
x-served-by
beacon-n032-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=786745617440568970889
date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame 5D30 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-136-222.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a6010d4fbbdf8ee64f9dd0d7e18ceef9edeabb9ba4620b5eba658a9eff5c220f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:16 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=63697
content-type
text/html; charset=UTF-8
content-length
9703
expires
Tue, 01 Feb 2022 14:22:58 GMT
ecm3
s.amazon-adsystem.com/ Frame E5EE 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2795bbd3-ebd4-8681-aadd-76cb1dcd9d16
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GV7T5RJWX15B550FEV4J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E5EE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfhJcQACw9fZHgBB
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfhJcQACw9fZHgBB
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643661681.420280,VS0,VE0
x-served-by
cache-yul12820-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfhJcQACw9fZHgBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
eb84a1ea-67d2-af32-5b04-e2a98aa99bbf
pr-bh.ybp.yahoo.com/sync/openx/ Frame E5EE 		43 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/eb84a1ea-67d2-af32-5b04-e2a98aa99bbf?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame E5EE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=7f43c7ae-f77e-3d7b-6ad3-f45c75fe56f6&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=7f43c7ae-f77e-3d7b-6ad3-f45c75fe56f6&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&ttd_puid=7f43c7ae-f77e-3d7b-6ad3-f45c75fe56f6
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&ttd_puid=7f43c7ae-f77e-3d7b-6ad3-f45c75fe56f6
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&ttd_puid=7f43c7ae-f77e-3d7b-6ad3-f45c75fe56f6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame E5EE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTMyYzE0NjQtM2UwOS02M2RmLTdmMzMtYWVlNWJmMWM5ODk2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E5EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGDJmOtNotPdPvQj3HIx31I&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGDJmOtNotPdPvQj3HIx31I&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGDJmOtNotPdPvQj3HIx31I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F6E4 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=ac4a18e0-7e91-4150-9b03-ea7949669a20
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HE2RD0WF613CXKNTHFPD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F6E4
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=a506bad1-a9d1-49fb-bc85-22eebd4389ea
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=a506bad1-a9d1-49fb-bc85-22eebd4389ea
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-length
68
content-type
image/png

Redirect headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=a506bad1-a9d1-49fb-bc85-22eebd4389ea
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
246
Expires
-1
v1
match.sharethrough.com/sync/ Frame F6E4
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame F6E4
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://u.openx.net/w/1.0/cm?id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=b1203293-453a-0096-2f78-d2167f35f49e
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=b1203293-453a-0096-2f78-d2167f35f49e
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-length
68
content-type
image/png

Redirect headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=b1203293-453a-0096-2f78-d2167f35f49e
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
v1
match.sharethrough.com/sync/ Frame F6E4
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=6020183768421938910
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=6020183768421938910
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.61.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-61-226.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 798.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a6345edf-103d-43f1-b628-7c3991994828
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=6020183768421938910
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame F6D0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
65134
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6d65c2a50b015401-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Wed, 02 Feb 2022 20:41:21 GMT
ecm3
s.amazon-adsystem.com/ Frame FF85 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=09afbc539a74a362701db9af&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4ZZ1XP970C4B8NHWMH5G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame FF85
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=09afbc539a74a362701db9af&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
43 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
MT3 4133 baa842e master iad-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 20:41:20 GMT
merge
ce.lijit.com/ Frame FF85
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=0IOAgJ5SJ5taCjcHuGcj&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=0IOAgJ5SJ5taCjcHuGcj&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=0IOAgJ5SJ5taCjcHuGcj&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT, Mon, 31 Jan 2022 20:41:21 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame FF85
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=09afbc539a74a362701db9af&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:5a4b023959421b5a5a2e9b1c479f109d
43 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:5a4b023959421b5a5a2e9b1c479f109d
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 20:41:21 GMT
server
Aorta/20220111.bd45b0b
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:5a4b023959421b5a5a2e9b1c479f109d
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-16-161.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
merge
ce.lijit.com/ Frame FF85
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=
43 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
223
merge
ce.lijit.com/ Frame FF85
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1643661681568
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4208365887
  • https://sync.1rx.io/usersync/tradedesk/cd1d4203-2ece-4cd3-a1e0-da4cd49066e2
  • https://sync.targeting.unrulymedia.com/csync/RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
Tengine
ETag
RX012edfffd40f49f1b994f8a8f3f5de2d005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005
Connection
keep-alive
Content-Type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame EF13 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58922431&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f170d29486321587cadb0935b5538eeb97db6838b509c791f8e603162671b22e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 5D30
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZ35Q5J6-2-LCD3
  • https://s.amazon-adsystem.com/ecm3?id=KZ35Q5J6-2-LCD3&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KZ35Q5J6-2-LCD3&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AN5GQBCQ9NRB8YJ4H9DS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KZ35Q5J6-2-LCD3&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Expires
0
users
dmx.districtm.io/s/v1/ Frame 7CD2 		0
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d65c2a62d685401-YYZ
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cf-ray
6d65c2a5bada8111-ORD
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame F6D0
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUlVhblEwU25saVkxZFlRbk55Y21RMVJXMVFlblJ1UWtkQyJ9.BBkSBjeHclj6-vpg4foTEf...
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUlVhblEwU25saVkxZFlRbk55Y21RMVJXMVFlblJ1UWtkQyJ9.BBkSBjeHclj6-vpg4foTEfMVosQY7CR0pyqyxQJFe04F6hWXPWYIY47fYTBR7rqZA34z798ws3cYMH70P5YD8g
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6XZPH0GEWM3Z1JWJVVWG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUlVhblEwU25saVkxZFlRbk55Y21RMVJXMVFlblJ1UWtkQyJ9.BBkSBjeHclj6-vpg4foTEfMVosQY7CR0pyqyxQJFe04F6hWXPWYIY47fYTBR7rqZA34z798ws3cYMH70P5YD8g
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d65c2a55b9d5401-YYZ
access-control-allow-headers
Origin, Content-Type
content-length
0
utsync.ashx
ml314.com/ Frame AE09 		270 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Duep0921xz%26kxt%3Dhttps%253A%252F%252Fcheet-4549-torontosun.gdev.postmedia.digital%26kxcl%3Dcdn%26kxp%3D&pv=1643661681528_z78chz6k8&bl=en-us&cb=6654793&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DOopqlhR2%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1643661681528_z78chz6k8&cid=&s=1600x1200&rp=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?3102022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-224-115.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d24b403bcbe2d72c372a0b5734d06c846de0c30a73a75d9ea7e36adef151aab

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
334
Expires
0
match
c1.adform.net/serving/cookie/ Frame 1D8C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 20:41:21 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 31 Jan 2022 20:41:21 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8F23
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfhJcQACw9fZHgBB&gdpr=0&gdpr_consent=
1 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfhJcQACw9fZHgBB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 20:41:21 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug001:0:473
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfhJcQACw9fZHgBB&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 varnish
x-served-by
cache-yul12820-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1643661682.546679,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5932 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 31 Jan 2022 20:41:21 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
TWNH8NWMJ24YV3PZ04D7
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rHblKcLjTKWYawDgR8L-5w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=168806
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 02 Feb 2022 19:34:47 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame EF13
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ba0748a75a03dff6c76410920e5044e03291fc07159aff76cec6463c0a983d42791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiYTA3NDhhNzVhMDNkZmY2Yzc2NDEwOTIwZTUwNDRlMDMyOTFmYzA3MTU5YWZmNzZjZWM2NDYzYzBhOTgzZDQyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiYTA3NDhhNzVhMDNkZmY2Yzc2NDEwOTIwZTUwNDRlMDMyOTFmYzA3MTU5YWZmNzZjZWM2NDYzYzBhOTgzZDQyNzkxNDI2YjU0MTdkY2UyMRAAGgwI8ZLhjwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=83453d62-f231-4982-8932-9b7e400e0cb6
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=83453d62-f231-4982-8932-9b7e400e0cb6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=83453d62-f231-4982-8932-9b7e400e0cb6
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame EF13
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c28761f8-4971-4d00-9689-a84a9b360c6f
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c28761f8-4971-4d00-9689-a84a9b360c6f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
MT3 4133 baa842e master iad-pixel-x23 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c28761f8-4971-4d00-9689-a84a9b360c6f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 20:41:20 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EF13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUM3NkU1MjktQzJFMy00Q0E1LTk4NkItMDBFMDQ3QzJGRUU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 16:23:45 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug021:0:356
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EF13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFyOPctYvR5dqMZ_ZF9naQo&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFyOPctYvR5dqMZ_ZF9naQo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug004:0:3346
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFyOPctYvR5dqMZ_ZF9naQo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EF13
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE8E56F9F9584FAD9E4F9985CF887D49
42 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE8E56F9F9584FAD9E4F9985CF887D49
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug008:0:491
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 31 Jan 2022 20:41:21 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE8E56F9F9584FAD9E4F9985CF887D49
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 30 Jan 2022 20:41:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EF13
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2859497471008174543&gdpr=0&gdpr_consent=&us_privacy=
1 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2859497471008174543&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 17:29:33 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug030:0:389
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2859497471008174543&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame EF13
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fd377101-0354-4b3f-ba0f-c14800c651a0
42 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fd377101-0354-4b3f-ba0f-c14800c651a0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug002:0:390
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fd377101-0354-4b3f-ba0f-c14800c651a0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
tap.php
pixel.rubiconproject.com/ Frame 5D30
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c28761f8-4971-4d00-9689-a84a9b360c6f&expires=28
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c28761f8-4971-4d00-9689-a84a9b360c6f&expires=28
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
MT3 4133 baa842e master iad-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c28761f8-4971-4d00-9689-a84a9b360c6f&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 20:41:20 GMT
pixel
cm.g.doubleclick.net/ Frame 5D30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ozNVE1SjYtMi1MQ0Qz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ozNVE1SjYtMi1MQ0Qz
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ozNVE1SjYtMi1MQ0Qz
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5D30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIUte1vEnwhm7Nx3Uk9AqTM&google_cver=1
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIUte1vEnwhm7Nx3Uk9AqTM&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIUte1vEnwhm7Nx3Uk9AqTM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5D30
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=&expires=30
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
709414.gif
id.rlcdn.com/ Frame 5D30 		42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame 5D30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2ZhZWUwMmVmMjQ2OTg5NzM3ZWU2ZmM5YzY1MjMwODNlMDlhNTVmZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2ZhZWUwMmVmMjQ2OTg5NzM3ZWU2ZmM5YzY1MjMwODNlMDlhNTVmZA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2ZhZWUwMmVmMjQ2OTg5NzM3ZWU2ZmM5YzY1MjMwODNlMDlhNTVmZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5D30
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfhJcQACw9fZHgBB
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfhJcQACw9fZHgBB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643661682.571779,VS0,VE0
x-served-by
cache-yul12820-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfhJcQACw9fZHgBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 5D30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S1dQeuVaIFJW7bD0NbLxew?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5193203963314267733
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5193203963314267733
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

date
Mon, 31 Jan 2022 20:41:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5193203963314267733
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usermatch.gif
beacon.krxd.net/ Frame AE09
Redirect Chain
  • https://ml314.com/csync.ashx?fp=OopqlhR2&person_id=3624816913356947499&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3624816913356947499
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3624816913356947499
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3624816913356947499
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1643661681
x-served-by
beacon-n034-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 31 Jan 2022 20:41:21 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3624816913356947499
Cache-Control
private
Connection
keep-alive
Content-Length
211
Expires
Tue, 01 Feb 2022 15:41:21 GMT
/
www.facebook.com/tr/ Frame 7273 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

content-type
text/plain
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Mon, 31 Jan 2022 20:41:21 GMT
users
dmx.districtm.io/s/v1/ Frame 7CD2 		0
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d65c2a71f4b5401-YYZ
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 31 Jan 2022 20:41:21 GMT
cf-ray
6d65c2a6bc828111-ORD
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
jload
pixel.adsafeprotected.com/ Frame CB4A 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=165440461&placementId=5887583179&pubCreative=138378607954&pubOrder=2967187390&cb=275399176&custom=index&custom2=1&adsafe_par&impId=255481cb-82d6-11ec-8962-0a6f860e8f41
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.164.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-164-51.compute-1.amazonaws.com
Software
/
Resource Hash
89ce57221f8c179e92880b5bf049f93b5f529928ef111920647ea220c7ce0b04

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:22 GMT
content-encoding
gzip
x-f1
1
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 27B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUGmHu0N74ydipp1T-LTAFG5rWcPhSig2CaYLAkglddK_IDoELB-9Pqh3Td57ncgd6cl1DvelUEJhNyxZF-UdYdGiCtM70QAAIEgzJHPeXgQtRx0CzWBrQh-bnbcGCT479izoGJG6BPIytQTvAfw69cp0VPdkCghS-nC5pPFgbk4-Qkhg9PMAe-QPKkjAHatN2TJD1HXHBrXequkBld2c8LIJFcHRd0AfKzxB3qObOnGhraxmTYHweB2D7MDdndk7Qa5oQNlptrG680D1_yR5LBz-tJRxps0oFq5_oAOLGOUay01xaQ9cYIa4EFA8Ci-MTziIIbz0mpUWopBZwLF5zqRj62qZcZBiyemK0VBE&sai=AMfl-YTk4fZkRkzsYOAaMbBcQSGLbNv6iN2qKC0hM8tE3myc3VxXGfRPhiaEUN4C4vCTDm_oYp4XelIUz4vjVTW5iWoradtbXpFCUTqgQrKfaEpYq_fgQi-L6IBkm2Ap7dmUkUHI8mOKlZOrD7FMReGw&sig=Cg0ArKJSzLcu3k8AA6oUEAE&uach_m=[UACH]&adurl=
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 27B0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 20:37:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 27B0 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 20:41:22 GMT
l
www.google.com/ads/measurement/ Frame 27B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaeMX5UKpUImfq5FywbMxFKomEGu6jVy2y83279L6rBrhk__gBf7N27sIs5ebCETvkayHm2D9KexrKds6GzTvMMXFOKA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
10522570174231140101
tpc.googlesyndication.com/simgad/ Frame 27B0 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10522570174231140101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3386638d1a84cb9f85baca1d7516c12ceb2c77119330b6eaf180f5336834b9ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 14:29:16 GMT
x-content-type-options
nosniff
age
22326
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74106
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 21:19:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Jan 2023 14:29:16 GMT
main.gr.19.8.284.js
static.adsafeprotected.com/ Frame CB4A 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=165440461&placementId=5887583179&pubCreative=138378607954&pubOrder=2967187390&cb=275399176&custom=index&custom2=1&adsafe_par&impId=255481cb-82d6-11ec-8962-0a6f860e8f41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 17:07:11 GMT
content-encoding
gzip
age
444852
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Jan 2022 16:52:12 GMT
server
AmazonS3
etag
W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary
Accept-Encoding
x-amz-version-id
dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via
1.1 fd4983be77ace22659323918c5b30f1e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
EUuZKoZ0wCYFvWwyy27U5L-yk1sRE1WQUWuIt8gMVTdNaLyyn9Z50w==
view
securepubads.g.doubleclick.net/pcs/ Frame 27B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuiN4rZQ9K6HMFqhZ8AUe7fHTF03IGQ74NPG47feoKV_LBz1nUEXeMVuY-K_WaDsR6566IH7DZivz0CHRhoPr4kPc1jUFtQ_e9mOBdkrSor7tX4-XZhBE5GNO5ykGqJEI20xkg6RfpJLsqOMBWkEzOXwYsb-jFEl3ZvVZyUv8FD5Va2sjUOvoQk-Xh8Wdtf_io0DO6r83MQ2FuaMagUVbntgunDS4NMCtKJiClCu47k5saU2oC1OLRCyFIInxvUKoiDqgmSPeAdv5luGq8HY24shWy9wyQcbSlD1ThWDdLkBI1-SmR9Yq-Nnp-AHpn-sQ_CV2FNktR7B2GJtzulxgCKt4hwXviTBIPUbvLM080eA&sai=AMfl-YSq3MW9fQ0iSAytup7ClEQ1H3DDUQxuGKoG6gRTQt6dHrfzP5_zjH4JBAnSj6KYyrE3hA0JJ3XLGMc4wT585642PpGstI3GXzFkHqU8m3sow4tFJq5nO0i0dayGMYGH1kAYVY26sCv_Pf4W4F64&sig=Cg0ArKJSzKIt8-bZ1qGeEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 20:41:22 GMT
truncated
/ Frame 27B0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88a52adaeb0af673d2ae5668e3433c6faafb69936774c2aa857ecb65ce0e26bb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sca.17.5.12.js
static.adsafeprotected.com/ Frame E4BA 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
5678713
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 fd4983be77ace22659323918c5b30f1e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
vbbtlV19ObxsSXeakWX8k7C4k0pAVFwBeJOyTgKwhIh3lh8HJKqJkw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=300x250&pubId=4811995650&chanId=165440461&placementId=5887583179&pubCreative=138378607954&pubOrder=2967187390&cb=275399176&custom=index&custom2=1&adsafe_par&impId=255481cb-82d6-11ec-8962-0a6f860e8f41&adsafe_url=https%3A%2F%2Fcheet-4549-torontosun.gdev.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:d2408d8d-5c8f-9b6a-6206-fe36738d5a95,c:2UshQZ,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-7bc459846d-qg7q9,rg:va,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:150,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:171,oid:266a375d-82d6-11ec-93fc-963d4477ed2b,v:19.8.284,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.164.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-164-51.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:22 GMT
x-server-name
app19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2UshRo,pingTime:0,time:196,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:196,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~100%5D,as:%5B42~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:22 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2UshRv,pingTime:-2,time:203,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:120,beZ:121,mfA:269,cmA:271,inA:272,inZ:276,prA:276,prZ:282,si:291,poA:292,poZ:308,cmZ:308,mfZ:308,loA:317,loZ:319,ltA:322,ltZ:322%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:203,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~100%5D,as:%5B49~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENUR_TSUN_EN_WEB/index_0,google_ads_iframe_/3081/SMCO_ENUR_TSUN_EN_WEB/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:30,readyFired:true%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:22 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2UshSe,time:248,type:e,env:%7Bar:self.0%7D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:248,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B94~100%5D,as:%5B94~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:22 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:22 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 01 Feb 2022 20:41:22 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:22 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 04:27:55 GMT
server
nginx
etag
W/"61ee2acb-16429"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 01 Feb 2022 20:41:22 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2UshWL,pingTime:-10,time:529,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1643661682654%7C%7C4bc423900133a3482172ed946b10feff%7C%7C8866308252d63f9bf74b74e606896148%7C%7C8e96aa7bf11f44a39070767056a2babb%7C%7Caf122503170a0c81a1dfa58d92f120ea%7C%7Cd32d9c9b02cd18b0c10f0272ab1707a4%7C%7C4f11f244fd72149dab7da1977387168f%7C%7C8f730f05544de6d960984dfa9a31a16a%7C%7C1629390669%7D
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:22 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 27B0 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjOO7kqPpII_G94RWJ9jfWlGRrG0L5CX1QloACPFGgIIO24n5Kk27nWthBY1CPVXCRSHehNRbx4e-O1kV5dSyWYUOMvHAO_b9hJjNYV0_aFLId_A6I&sig=Cg0ArKJSzDqFosK4hcTGEAE&id=lidar2&mcvt=1001&p=152,650,402,950&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220126&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=225519801&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643661682000&rpt=222&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2Usi7y,pingTime:1,time:1198,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1198,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1044~100%5D,as:%5B1044~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:29,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:23 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2Usi7y,pingTime:1,time:1198,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1198,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1044~100%5D,as:%5B1044~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:29,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:23 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2Usi7z,pingTime:1,time:1199,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1199,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1045~100%5D,as:%5B1045~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:29,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:23 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame EF13 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
optout_check
beacon.krxd.net/ 		82 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
6555370285c21c6d6a7fa36bdeecd0873cd6ce342a5941b03c48a40b1e07abb6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:23 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=34 t=1643661683
x-served-by
beacon-n025-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		364 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=42fb57ac-2013-45a6-8dad-332d53e17c1b&technographics=1&callback=Krux.ns.postmedia.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08830bf92a05a2a3ec46797bb02f66dd52ef685e94ff9731d18f336e01342724

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Mon, 31 Jan 2022 20:41:23 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a020-ash-prod.krxd.net, cache-yul12827-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1643661684.972063,VS0,VE19
content-length
280
x-cache-hits
0, 0
pixel.gif
beacon.krxd.net/ 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=uep0921xz&_kpid=42fb57ac-2013-45a6-8dad-332d53e17c1b&_kcp_s=torontosun_desktop&_kcp_d=postmedia.digital&_knifr=6&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_mpid=-6290370058898212161&_kua_ad_light_user=false&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kpa_domain=postmedia.digital&_kpa_page_type=index&_kpa_torontosun_desktop_page_type=index&_kpa_main_category=index&_kpa_env=test&_kpa_view_type=HTML&_kpa_paywall_whitelist=false&t_navigation_type=0&t_dns=0&t_tcp=27&t_http_request=-1&t_http_response=35&t_content_ready=1164&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w3no0wb10&userdata_user=OopqlhR2%2Cw3no0wb10&sview=1&kplt0=41818&kplt1=42920&kplt2=42921&kplt3=42922&kplt4=45977&kplt5=46302&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C88%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C40%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C40
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.182.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-182-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=75 t=1643661684
x-served-by
beacon-n037-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2UsinG,pingTime:2,time:2198,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2198,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2044~100%5D,as:%5B2044~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:33,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:24 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2UsiDO,pingTime:3,time:3198,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3198,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3044~100%5D,as:%5B3044~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:27,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:25 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
events
jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/ 		42 B
296 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6ee10a68bcfe9b1dc8260da11666b94b80c56262c0952e782c02bd895da12616

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 20:41:25 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1643661686.749526,VS0,VE16
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-yul12826-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 88D9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 16 Jan 2022 02:32:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 31 Jan 2022 20:41:25 GMT
Age
65290
X-Served-By
cache-lga21969-LGA, cache-yul12823-YUL
X-Cache
HIT, HIT
X-Cache-Hits
183792, 279253
X-Timer
S1643661686.902478,VS0,VE0
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6E2F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=168802
expires
Wed, 02 Feb 2022 19:34:47 GMT
date
Mon, 31 Jan 2022 20:41:25 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2BC0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 31 Jan 2022 20:41:25 GMT
Connection
keep-alive
pd
us-u.openx.net/w/1.0/ Frame 5F1A 		1 KB
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
2d0f5b846051e978362b432af21ee8c3d8d8bd01bce14e226abe2eb8bf964b44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 31 Jan 2022 20:41:25 GMT
content-type
text/html
content-length
618
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.html
eus.rubiconproject.com/ Frame 4A46 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-136-222.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 31 Jan 2022 20:41:25 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 6E2F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18912623&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
63add3d48f9c81088a759648782733578dc5afeb7f483cc8724572a3e9f5fd30

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:25 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 4A46 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-136-222.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a6010d4fbbdf8ee64f9dd0d7e18ceef9edeabb9ba4620b5eba658a9eff5c220f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:25 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:16 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=63693
content-type
text/html; charset=UTF-8
content-length
9703
expires
Tue, 01 Feb 2022 14:22:58 GMT
dds
rtb.openx.net/sync/ Frame 5F1A
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=oBVNkl74hFWMp7jrpudsTA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ldsjj75cvaq17uubr97b5g41o1r9ml6c

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5F1A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=c28761f8-4971-4d00-9689-a84a9b360c6f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=c28761f8-4971-4d00-9689-a84a9b360c6f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 31 Jan 2022 20:41:25 GMT
Server
MT3 4133 baa842e master iad-pixel-x22 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=c28761f8-4971-4d00-9689-a84a9b360c6f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 20:41:24 GMT
sd
us-u.openx.net/w/1.0/ Frame 5F1A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=28ca4745-82d6-11ec-8a96-67f41156c3d5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=28ca4745-82d6-11ec-8a96-67f41156c3d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=28ca4745-82d6-11ec-8a96-67f41156c3d5
Date
Mon, 31 Jan 2022 20:41:25 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
28ca4746-82d6-11ec-8a96-67f41156c3d5
sd
us-u.openx.net/w/1.0/ Frame 5F1A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=cb10bfa0-8a43-4be7-b111-742947030d35-61f84976-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=cb10bfa0-8a43-4be7-b111-742947030d35-61f84976-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:25 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=cb10bfa0-8a43-4be7-b111-742947030d35-61f84976-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 5F1A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=793db452-ac79-00fc-2032-6c8a467297fa
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=793db452-ac79-00fc-2032-6c8a467297fa
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=793db452-ac79-00fc-2032-6c8a467297fa
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=793db452-ac79-00fc-2032-6c8a467297fa
date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 5F1A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=51874427-2f14-0732-39f4-3556e25da29f
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=51874427-2f14-0732-39f4-3556e25da29f&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=51874427-2f14-0732-39f4-3556e25da29f&apid=UP28cb0a25-82d6-11ec-ab1d-02694ef55315
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=51874427-2f14-0732-39f4-3556e25da29f&apid=UP28cb0a25-82d6-11ec-ab1d-02694ef55315
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:26 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=51874427-2f14-0732-39f4-3556e25da29f&apid=UP28cb0a25-82d6-11ec-ab1d-02694ef55315
date
Mon, 31 Jan 2022 20:41:26 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
px
p.adsymptotic.com/d/ Frame 5F1A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=2a85b8c8-3a39-0b1b-35aa-74af4c65372e
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ba0748a75a03dff6c76410920e5044e03291fc07159aff76cec6463c0a983d42791426b5417dce21&_=2
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d65c2c2588b5473-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 5F1A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6020183768421938910
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6020183768421938910
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:25 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 676.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a8d3fc97-ab76-4a58-b841-6c8f4066e14d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6020183768421938910
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5F1A 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=2795bbd3-ebd4-8681-aadd-76cb1dcd9d16
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2FSE3E6Z017DQX5RZVE5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5F1A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2859497471008174543&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2859497471008174543&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2859497471008174543&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 31 Jan 2022 20:41:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
async_usersync
ib.adnxs.com/ Frame 88D9 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:25 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 676.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c87f5d6e-986b-422b-b3f9-f831ff0e15f1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 584E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
42 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 20:41:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug003:0:731
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 31 Jan 2022 20:41:26 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master iad-pixel-x16 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c28761f8-4971-4d00-9689-a84a9b360c6f&gdpr=0&gdpr_consent=
Expires
Mon, 31 Jan 2022 20:41:25 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 695C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZFowN0Q4Sk1BQUF3bWxuQ3I1UQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADdZ07D8JMAAAwmlnCr5Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADdZ07D8JMAAAwmlnCr5Q&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADdZ07D8JMAAAwmlnCr5Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_curr...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7386982843298969964
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADdZ07D8JMAAAwmlnCr5Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7386982843298969964%26bee_sync_partners%3Dpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?userid=7386982843298969964&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdZ07D8JMAAAwmlnCr5Q
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdZ07D8JMAAAwmlnCr5Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 20:41:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug008:0:563
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 31 Jan 2022 20:41:26 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdZ07D8JMAAAwmlnCr5Q
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
141
match.deepintent.com/usersync/ Frame 73DE 		0
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
content-type
image/gif
content-length
0
date
Mon, 31 Jan 2022 20:41:25 GMT
server
a
usersync.aspx
dis.criteo.com/dis/ Frame 3EBA 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 31 Jan 2022 20:41:25 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 31 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
615561
strict-transport-security
max-age=31536000; preload;
33141
tags.bluekai.com/site/ Frame 6E2F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3b802ca9b379a15cd3a325e41baf630d
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=0c4dc9d44e179db8
62 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=0c4dc9d44e179db8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Server
184.85.195.135 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-85-195-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 20:41:26 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=0c4dc9d44e179db8
content-length
0
p.gif
visitor.fiftyt.com/ Frame 6E2F
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=&fbounce=1
0
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=&fbounce=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
content-length
0
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=&fbounce=1
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
144
g.pixel
aa.agkn.com/adscores/ Frame 6E2F 		43 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.154.202.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
43
Expires
0
/
io.narrative.io/ Frame 6E2F
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:AC76E529-C2E3-4CA5-986B-00E047C2FEE7
  • https://io.narrative.io/?io.narrative.guid.v2=28d5b871-82d6-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:AC76E529-C2E3-4CA5-986B-00E047C2FEE7
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=28d5b871-82d6-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:AC76E529-C2E3-4CA5-986B-00E047C2FEE7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Server
44.198.222.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-222-213.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 20:41:26 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=28d5b871-82d6-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:AC76E529-C2E3-4CA5-986B-00E047C2FEE7
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
AC76E529-C2E3-4CA5-986B-00E047C2FEE7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6E2F 		43 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/AC76E529-C2E3-4CA5-986B-00E047C2FEE7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 6E2F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G3uadC5E2uVaD.5LgbA5o6FCV97NLcI-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G3uadC5E2uVaD.5LgbA5o6FCV97NLcI-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G3uadC5E2uVaD.5LgbA5o6FCV97NLcI-~A&gdpr=0&gdpr_consent=
date
Mon, 31 Jan 2022 20:41:26 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 6E2F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6020183768421938910&gdpr=0&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6020183768421938910&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug006:0:553
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 676.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d22bc120-2040-46c7-bbd3-6cae33f8b658
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6020183768421938910&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6E2F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=79692ead5a831219&is_secure=true&networkId=17100&version=1&nuid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbf6waz78ZQM3vB-yAAAAAAA&expiration=1643748086&nuid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&...
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbf6waz78ZQM3vB-yAAAAAAA&expiration=1643748086&nuid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug001:0:768
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbf6waz78ZQM3vB-yAAAAAAA&expiration=1643748086&nuid=AC76E529-C2E3-4CA5-986B-00E047C2FEE7&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6E2F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=28d1c1a1-82d6-11ec-a9bf-a10e15a78249&gdpr=0&gdpr_consent=
1 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=28d1c1a1-82d6-11ec-a9bf-a10e15a78249&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug015:0:605
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=28d1c1a1-82d6-11ec-a9bf-a10e15a78249&gdpr=0&gdpr_consent=
Date
Mon, 31 Jan 2022 20:41:25 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
28d1c1a2-82d6-11ec-a9bf-a10e15a78249
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 6E2F 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.56.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-56-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
usermatch
ssum-sec.casalemedia.com/ Frame 851A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84e4151c2f412203c93d13e3f8d684eb87e3b20d3b8491c1f3af0c9e872fd4b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|88|152|156|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 31 Jan 2022 20:41:26 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Content-Length
1723
Connection
keep-alive
rum
dsum-sec.casalemedia.com/ Frame 851A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&expiration=1646253686&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&expiration=1646253686&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 20:41:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cd1d4203-2ece-4cd3-a1e0-da4cd49066e2&expiration=1646253686&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 851A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfhJceVlWSGxaq.ssoN7ZAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGyV0MKIi9RMIumtmHRz8gs&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGyV0MKIi9RMIumtmHRz8gs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 20:41:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGyV0MKIi9RMIumtmHRz8gs&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 851A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfhJceVlWSGxaq-ssoN7ZAAAAc0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENc8DQc9zim7ZaFKWbt0vwU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENc8DQc9zim7ZaFKWbt0vwU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 31 Jan 2022 20:41:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENc8DQc9zim7ZaFKWbt0vwU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 851A 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfhJceVlWSGxaq-ssoN7ZAAAAc0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5TWAYQSYYS27MFSCR33J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 851A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfhJcQACw9fZHgBB
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfhJcQACw9fZHgBB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 20:41:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643661686.197756,VS0,VE0
x-served-by
cache-yul12820-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfhJcQACw9fZHgBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 851A
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3ad77a2f-a7b8-4205-8f5c-5870f697b496
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3ad77a2f-a7b8-4205-8f5c-5870f697b496
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 20:41:26 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3ad77a2f-a7b8-4205-8f5c-5870f697b496
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum.casalemedia.com/ Frame 851A
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=a506bad1-a9d1-49fb-bc85-22eebd4389ea
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=a506bad1-a9d1-49fb-bc85-22eebd4389ea
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 20:41:26 GMT

Redirect headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:25 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=a506bad1-a9d1-49fb-bc85-22eebd4389ea
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame 851A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c28761f8-4971-4d00-9689-a84a9b360c6f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c28761f8-4971-4d00-9689-a84a9b360c6f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 20:41:26 GMT

Redirect headers

Date
Mon, 31 Jan 2022 20:41:26 GMT
Server
MT3 4133 baa842e master iad-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c28761f8-4971-4d00-9689-a84a9b360c6f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 20:41:25 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 851A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YfhJceVlWSGxaq.ssoN7ZAAA%26461
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://cheet-4549-torontosun.gdev.postmedia.digital/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 20:41:26 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3205
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 21:34:51 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2UsiU1,pingTime:4,time:4203,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4204,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4050~100%5D,as:%5B4050~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:27,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:26 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
async_usersync
ib.adnxs.com/ Frame 88D9 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 20:41:26 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 676.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5f24eaf6-d2b0-4c09-a768-b8f195039bad
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2Usja4,pingTime:5,time:5198,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5198,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5044~100%5D,as:%5B5044~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:30,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:27 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame 6E2F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2Usjqw,pingTime:6,time:6218,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6218,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B6064~100%5D,as:%5B6064~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:27,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:28 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=682843b1-d3e0-460e-ab90-6556bc31470f
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3fb2d69b33c82e436b6b8918676a539023628324a4240ad5bafba6dd97ce74

Request headers

Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
cache-control
max-age=86400
cf-ray
6d65c2d43ee04bd0-YUL
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d4f0beba73f2fd0eb946053284c1552681d503f46c625bc219ae6902e50dfe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 20:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8949
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 735E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=cheet-4549-torontosun.gdev.postmedia.digital
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
/
Resource Hash
051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2330
date
Mon, 31 Jan 2022 20:41:28 GMT
content-length
5180
strict-transport-security
max-age=31536000; preload;
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: cheet-4549-torontosun.gdev.postmedia.digital
URL: https://cheet-4549-torontosun.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:e200:7:75d4:e40:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 01:24:20 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
age
69429
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 27f5831be5a9ad411fca9c84fe627bdc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
tTqlxpYflGMm0cqBHYtqNUeptEHeNNtm7-7genQM9IVNaoJlL82-oQ==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-48.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:38:41 GMT
via
1.1 d57e92f55da6364b30f6b45e435b7b20.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
168
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
z_QygdYgtRml6Tjum_MUizzKp338IsVnkNq_wI8X0pYcNuddVpuSVw==

Redirect headers

date
Mon, 31 Jan 2022 20:41:28 GMT
via
1.1 d57e92f55da6364b30f6b45e435b7b20.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
gCyQpK4R_0MtwNLg-XE2RsqUErH0ow1iXuRKJEAjsQQLwBR81qmwmg==
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=682843b1-d3e0-460e-ab90-6556bc31470f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://cheet-4549-torontosun.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 31 Jan 2022 20:41:28 GMT
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://cheet-4549-torontosun.gdev.postmedia.digital
allow
GET, OPTIONS
vary
Origin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d65c2d3fe9a4bd0-YUL
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 20:41:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 139D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 29 Jan 2022 04:39:35 GMT
expires
Sun, 29 Jan 2023 04:39:35 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
230514
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 92F2 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e9c6ed594b1ffcb4b12c7ea019ec08b299d4e62f83c38c03c376afc4f723ab7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zSghHPDTtbUYQnKNXAn09A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 20:41:29 GMT
date
Mon, 31 Jan 2022 20:41:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-zSghHPDTtbUYQnKNXAn09A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 92F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012701&jk=1959898311638529&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
pagead2.googlesyndication.com/bg/ Frame 139D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 21:55:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
254759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13685
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jan 2023 21:55:30 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d2408d8d-5c8f-9b6a-6206-fe36738d5a95&tv=%7Bc:2UsjGx,pingTime:7,time:7211,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:170%7D%5D,es:1,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:7211,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:170,wc:0.0.1600.1200,ac:650.152.300.250,am:i,cc:650.152.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B7057~100%5D,as:%5B7057~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:31,fm:sW84UAm+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16*.928934%7C161,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.20.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-20-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:29 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 139D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HrZjWw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 20:41:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012701&jk=1959898311638529&bg=!e3ileDzNAAY6OBv_Ojg7ACkAdvg8WvVib-32q0Csb9ULeMbI9U2fwNtWQaHOhL3Vts2nd6h4SvRwyAIAAAC1UgAAAAVoAQeZAuTjBCEWszqx-UADmUR9h5fWx8xXNK7Q2WVjY8tlT2yu1nNZ04hqpqdExae_QguXzzC3hd7BQ5ygHQYcSu-Mc_G7L3BnnO8UUdn1tL_bv_XjrNRlRSu31JvlwgTPvyeA1pWMg0IDxJnHP39eZ3_Gwde303iA6nSet0c7TQZSMF6pT1M9Us4sQva_vnAb7HYfdQLvgBDM3rVXl2wq5EUMvGznSgsEX0v7V8llYha4kNDqF4oEOLNQ2fQtdIWLgHibsHowRuaZxfcaDIop56HWaYk45zfsR7jnI3WL_Y9gylTGwoqZmCYpbfKRKYwUon5BYpjQFC7mM3lE3SIwiNtCVS7iJHQkhI-9RKitsLMUyz-AX5QlQv4T3hYESB8hgu6YpUw5Xtq0vQXU5FEAf0VDbbXaLeSeJu82-WExb4zHseZeLMHlgCR1sOrBe1P2-2YhT5iNtTRVXQ4ObkxaRVbAVjAxaG5Q5bZSqrtl9KADdIqJU5xV9ePQQJ1ilS_a_rnNskUaR8v5Ani4HtRsPOvOXFf-xa9uJ_JNmVbB53L25RNq5ikNVsF1sqtuGgXJEP1aZC6n2oWYhS0-SHa06IVzf8-3TrbqfcDv8p0fShHpycWFJ6KQpQqpG4e0A6VVorKE35zsICLK7PTLnuIJmUi_Rqn-sMc7JXVymvTSqi_XQBWYjhePcq7CnkbTDLh8Ybbyqd3AwLbqOjIDnxp_kvLgbmCDhHlj5VHktp3_Q8LqdHjMPy0lbB2vPYa2PGp7UdK2kUpm-m559XxsY_3TTc-rVlz5lm7k_yWlccaiTeSzoLA9kemkQRPpUxfbGfYkPC_lSntiUv1szVoiEuxmnXCJ8gzXWrA2FvL1pviqv8iHDv6Wg-GJG2Bcmc2NoLNL2fxSVYWOfkrHnVTMiaE41eppsSOxgFDursaYEVvmvcFCRQFqpBgCGZg-ybTzaAKANYz7_O5g2gnuaX2823KxqK4ecje6dOFBZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cheet-4549-torontosun.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 735E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=postmedia.digital&sn=ChromeSyncframe&so=0&topUrl=cheet-4549-torontosun.gdev.postmedia.digital&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=6j7CyHxUcWljaHlYS0llKy80UVVCZEsybzhPb0dscktPQzE0KzNQMlZERlVoeG5qQ1FoNGt2MHVQdHVwdWFEdUppbUF0aTBLRDY2TkpYaEt2b1FXVFVWN3podkFJdlkwVllNcXJydTZ0dWREUWNaODE0M0tjR0p5SXdhdV...
425 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6j7CyHxUcWljaHlYS0llKy80UVVCZEsybzhPb0dscktPQzE0KzNQMlZERlVoeG5qQ1FoNGt2MHVQdHVwdWFEdUppbUF0aTBLRDY2TkpYaEt2b1FXVFVWN3podkFJdlkwVllNcXJydTZ0dWREUWNaODE0M0tjR0p5SXdhdVI1SjFRMElUK05tdUdVK3JSblBJYmFzLzEvRWFkQTErS3V2Mm4wZVhEQWNndnFNS1RFREJ1MUg1ZWQzZXRUU3RpemVzVnRTSGd2WGo5ZGlHWVcraFpuNGljVmpPNUp6OVZLcE5icENVVFhsTXk1UDNqVmNYbHB4Ui8zQk05MnRPa3N4YkZuZW1ic2FkOXpDVWhjQlM5Y2VtSlVON1cwUT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ef0812c1173fa7787f6589962ecc76f9583eb82ecbeb9f6fe53299c3256f290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5256
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 20:41:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=6j7CyHxUcWljaHlYS0llKy80UVVCZEsybzhPb0dscktPQzE0KzNQMlZERlVoeG5qQ1FoNGt2MHVQdHVwdWFEdUppbUF0aTBLRDY2TkpYaEt2b1FXVFVWN3podkFJdlkwVllNcXJydTZ0dWREUWNaODE0M0tjR0p5SXdhdVI1SjFRMElUK05tdUdVK3JSblBJYmFzLzEvRWFkQTErS3V2Mm4wZVhEQWNndnFNS1RFREJ1MUg1ZWQzZXRUU3RpemVzVnRTSGd2WGo5ZGlHWVcraFpuNGljVmpPNUp6OVZLcE5icENVVFhsTXk1UDNqVmNYbHB4Ui8zQk05MnRPa3N4YkZuZW1ic2FkOXpDVWhjQlM5Y2VtSlVON1cwUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2396
content-length
541
expires
0

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| aax object| apstag object| pbjs function| Krux object| dataLayer object| KruxDataLayer object| __iasPET object| mParticle object| gtm_data_layer function| BlockAdBlock object| blockAdBlock object| ggeac object| google_js_reporting_queue boolean| apstagLOADED function| pbjsChunk object| _pbjsGlobals object| districtmHeader object| diagPixSentCodes object| __iasAdRefreshConfig object| webpackChunkdjango_content_services object| google_tag_manager undefined| google_measure_js_timing object| Criteo function| udm_ object| _comscore object| COMSCORE object| regeneratorRuntime string| iasScores function| postscribe object| google_tag_manager_external object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq function| twq function| onYouTubeIframeAPIReady object| vf object| vfQ function| _typeof object| PARSELY function| lintrk boolean| _already_called_lintrk object| twttr object| Sailthru function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| PianoESPConfig object| __IntegralASExec object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113

140 Cookies

Domain/Path Name / Value
cheet-4549-torontosun.gdev.postmedia.digital/ Name: x-id
Value: {"data":{"id":"f9a5lzyn62kpl5nn8x7l8r2s85nuicxhl","updated":1643661680005},"exp":604800000,"ts":1643661680054,"mac":-1228438034}
.openx.net/ Name: i
Value: aceff8f7-5ef9-028c-3005-3cb411d9650b|1643661680
.yahoo.com/ Name: A3
Value: d=AQABBHBJ-GECEKCreC3uNmkJuoAWbeMcSZUFEgEBAQGa-WECYgAAAAAA_eMAAA&S=AQAAAgaEBSfSx8T172Fxcdl-acs
cheet-4549-torontosun.gdev.postmedia.digital/ Name: __adblocker
Value: false
.postmedia.digital/ Name: _gcl_au
Value: 1.1.1788810653.1643661681
.scorecardresearch.com/ Name: UID
Value: 18Cf5c4cb562af8012036dd1643661680
d395dw5zk780j2.cloudfront.net/ Name: x-id
Value: {"data":{"id":"f9a5lzyn62kpl5nn8x7l8r2s85nuicxhl","updated":1643661680005},"exp":604800000,"ts":1643661680698,"mac":-1228255320}
.adnxs.com/ Name: icu
Value: ChgI5PFMEAoYASABKAEw8JLhjwY4AUABSAEQ8JLhjwYYAA..
.adnxs.com/ Name: uuid2
Value: 6020183768421938910
cheet-4549-torontosun.gdev.postmedia.digital/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1643661680769,"mac":1836341854}
.rubiconproject.com/ Name: khaos
Value: KZ35Q5J6-2-LCD3
.postmedia.digital/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://cheet-4549-torontosun.gdev.postmedia.digital/%22%2C%22sref%22:%22%22%2C%22sts%22:1643661680802%2C%22slts%22:0}
.postmedia.digital/ Name: _parsely_visitor
Value: {%22id%22:%22pid=a9594369b75ffeaaa3f33fd736281e59%22%2C%22session_count%22:1%2C%22last_session_ts%22:1643661680802}
cheet-4549-torontosun.gdev.postmedia.digital/ Name: sailthru_pageviews
Value: 1
.linkedin.com/ Name: li_sugr
Value: fdf60331-5a70-40e1-88ff-aa1758d7ec96
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9f14d9eb-5d43-4a0d-8865-c29c238cf39a"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2701:u=1:x=1:i=1643661680:t=1643748080:v=2:sig=AQFPrRCr2lIoF_QKJmVjaM_1edKbLeW-"
.postmedia.digital/ Name: mprtcl-v4_767FC2FC
Value: {'gs':{'ie':1|'dt':'us1-a9588c0ddc27594cabd152e47ffe27ee'|'av':'1.0.0'|'cgid':'ece6f597-5e63-40a9-8abe-4fd7d7edf149'|'das':'06f8abbe-754f-4573-994c-a65d93829563'|'csm':'WyItNjI5MDM3MDA1ODg5ODIxMjE2MSJd'|'sid':'7778FD0B-E516-46BB-8A9C-D3D8B73369FD'|'les':1643661680789|'ssd':1643661680469}|'l':1|'-6290370058898212161':{'fst':1643661680701|'ui':'eyIwIjoiZjlhNWx6eW42MmtwbDVubjh4N2w4cjJzODVudWljeGhsIn0='}|'cu':'-6290370058898212161'}
.postmedia.digital/ Name: _fbp
Value: fb.1.1643661681093.117870405
.linkedin.com/ Name: UserMatchHistory
Value: AQI-g_gCf1TscAAAAX6x3uG4AxGhZ91_x8VK9Ni_Sa7zvqP1a7BbUJt_gmqR8MAPTD5Q0lhqciOpVw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIWTvm8-_zX-gAAAX6x3uG4mACkcrByPYav-EfwoMtgnzZ7tfVhn5F_sZ1X86x4ggd4B7eWVxDr99aU8SIcEA
.amazon-adsystem.com/ Name: ad-id
Value: Ax87ODHn-0cVuX9FxiRF1lI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
cheet-4549-torontosun.gdev.postmedia.digital/ Name: sailthru_visitor
Value: d38ab27b-a20d-4eca-a51a-b7ec608accb7
.twitter.com/ Name: personalization_id
Value: "v1_9HuuoyXmYr8zer0gyUF1MQ=="
.facebook.com/ Name: fr
Value: 0fHmlcnWvLVwG1iEM..Bh-Elx...1.0.Bh-Elx.
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfhJcQACw9fZHgBB
.t.co/ Name: muc_ads
Value: 4b8ab037-ca40-463b-b539-0a00bd599776
.krxd.net/ Name: _kuid_
Value: OopqlhR2
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022013120412170e8cc55-d650-4c96-88be-e3d8b57bfc9aAQHNHmHIudGh7MIISBVEfjRMRCmeUfQd"
.bidswitch.net/ Name: tuuid
Value: e8fe28ba-6592-4d87-837c-0ea289d44de3
.bidswitch.net/ Name: c
Value: 1643661681
.bidswitch.net/ Name: tuuid_lu
Value: 1643661681
.acuityplatform.com/ Name: auid
Value: 643968922486
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTM3+o11c2VyTWF0Y2hpbmdJZCQEkpFsYXN0RHJvcFRpbWVNaWxsaXMlAT8sO24RqJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQE/LDtuEaiPdGhpcmRQYXJ0eVVzZXJJZCH7+4Z2ZXJzaW9uwvs="
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2f126c61-fe47-4818-627f-64638f6f954a.HuPk8PNkqtz8a3XTEfkMglT5XxVKdnw1dXgD3K4Y7Bw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-2f126c61-fe47-4818-627f-64638f6f954a%24ip%24149.56.153.189.yo7%2F7wBAb8QXg3KeySjJy8sQPYu561Nhq0SgAoHcRQU
cheet-4549-torontosun.gdev.postmedia.digital/ Name: __pnahc
Value: 0
.lijit.com/ Name: ljt_reader
Value: 09afbc539a74a362701db9af
.sharethrough.com/ Name: stx_user_id
Value: ac4a18e0-7e91-4150-9b03-ea7949669a20
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJWsjI0MzGxMDc0sjDUUbIwQeObofJN0fhG5hC%2BkZmZiYVhLQCMHRAy
.3lift.com/ Name: tluid
Value: 786745617440568970889
.casalemedia.com/ Name: CMID
Value: YfhJceVlWSGxaq.ssoN7ZAAA
.casalemedia.com/ Name: CMPS
Value: 471
.piano.io/ Name: __cf_bm
Value: 89_iXnHfVBqhsF4bVeC9iyMO1fMjeqBtdQmmsg.xiXo-1643661681-0-Add8PnbNQW7QTQPTnRlTyUu4p6lbLyiyOplqOWLItjdpcKHHAvqlEQgBgH7nadbn0gQXl0SkJ7EbtS60l/VlMUY=
.postmedia.digital/ Name: __tbc
Value: %7Bkpex%7DqknuY5yzCoNMXVbJTU5rB68z8Cwu8zPOF25QArdO_wcWGi5pOLsMIynJuWoGZF1M9C2203BO8TLDTVSLBq1vxgMIn5HKiNxQdjkG8n6mjIw
.casalemedia.com/ Name: CMPRO
Value: 461
.postmedia.digital/ Name: __pat
Value: -18000000
.postmedia.digital/ Name: __pvi
Value: %7B%22id%22%3A%22v-2022-01-31-20-41-21-264-Y7X8TBHInvziVrDg-1f5958c57c236af67dc66df4a02cd152%22%2C%22domain%22%3A%22.postmedia.digital%22%2C%22time%22%3A1643661681505%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: AC76E529-C2E3-4CA5-986B-00E047C2FEE7
.postmedia.digital/ Name: xbc
Value: %7Bkpex%7D8s5PNotLRFGhfoNlDdiTpqXIePTDuVXFXWDCwozjuj8
.mathtag.com/ Name: uuid
Value: c28761f8-4971-4d00-9689-a84a9b360c6f
.ml314.com/ Name: u
Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD11ZXAwOTIxeHoma3h0PWh0dHBzJTNBJTJGJTJGY2hlZXQtNDU0OS10b3JvbnRvc3VuLmdkZXYucG9zdG1lZGlhLmRpZ2l0YWwma3hjbD1jZG4ma3hwPQ==
.ml314.com/ Name: pi
Value: 3624816913356947499
.adsymptotic.com/ Name: U
Value: 02ee4c07a41c984ad9052c91d3adb5d6
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwPDHpuEeQ8CX9LPUoabxXM8uccsr7X6exNb1uffFjlyeU_MkI-aO8X0lbMC0
.adsrvr.org/ Name: TDID
Value: cd1d4203-2ece-4cd3-a1e0-da4cd49066e2
.openx.net/ Name: univ_id
Value: 537072971|cd1d4203-2ece-4cd3-a1e0-da4cd49066e2|1643661681570190
.lijit.com/ Name: _ljtrtb_3
Value: c28761f8-4971-4d00-9689-a84a9b360c6f
.bidr.io/ Name: bito
Value: AADdZ07D8JMAAAwmlnCr5Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: mt_mop
Value: 9:1643661681
.lijit.com/ Name: _ljtrtb_84
Value: c:5a4b023959421b5a5a2e9b1c479f109d
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-fd377101-0354-4b3f-ba0f-c14800c651a0&KRTB&22918-fd377101-0354-4b3f-ba0f-c14800c651a0&KRTB&23031-fd377101-0354-4b3f-ba0f-c14800c651a0
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YfhJcQACw9fZHgBB&KRTB&22978-YfhJcQACw9fZHgBB&KRTB&23194-YfhJcQACw9fZHgBB&KRTB&23209-YfhJcQACw9fZHgBB
.lijit.com/ Name: _ljtrtb_27
Value: cd1d4203-2ece-4cd3-a1e0-da4cd49066e2
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFyOPctYvR5dqMZ_ZF9naQo&KRTB&16514-CAESEFyOPctYvR5dqMZ_ZF9naQo&KRTB&23025-CAESEFyOPctYvR5dqMZ_ZF9naQo
.adform.net/ Name: uid
Value: 3308236387161182561
.agkn.com/ Name: ab
Value: 0001%3A%2FJfEGdLF1q1RtkWgnYYLg%2F6pcjXVMC9q
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005%22%2C%22nxtrdr%22%3Afalse%7D
.pippio.com/ Name: did
Value: ZWmkmbwWtZ7AsRir
.pippio.com/ Name: didts
Value: 1643661681
.pippio.com/ Name: nnls
Value:
.simpli.fi/ Name: suid
Value: CE8E56F9F9584FAD9E4F9985CF887D49
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:CE8E56F9F9584FAD9E4F9985CF887D49
.creativecdn.com/ Name: u
Value: 0IOAgJ5SJ5taCjcHuGcj
.creativecdn.com/ Name: ts
Value: 1643661681
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2JaQWJJR0d6STBWR3AwTkVwNVltTlhXRUp6Y25Ka05VVnRVSHAwYmtKSFFyb0dLUWlaVGhJa1pUaG1aVEk0WW1FdE5qVTVNaTAwWkRnM0xUZ3pOMk10TUdWaE1qZzVaRFEwWkdVenVnWVZDS0JPRWhCWlptaEtZMUZCUTNjNVpscElaMEpDdWdZUkNLWk9FZ3cyTkRNNU5qZzVNakkwT0RhNkJpQUlxazRTRzB4NFNuTlpaalZJVTBKb2FXWXlVbXBxTWkxV1UzQlZORzFpTUxvR0F3aXVUcm9HQXdpd1Ryb0dNUWpKVGhJc2VTMXhlRlJVYWpoU1JUSjFSazlVVWxKRldtbG1VVTk0VVZKaE9HVlVZVzFFVVZSbFRGUnBlR3N0ZmtFPSIsImlhdCI6MTY0MzY2MTY4MX0.jLsgrxdrZBhCcyAUhYSLqWOAPFcdF9KJYnhqF0WFG8oqz7hjceEeXM2_m1PnH77VyF6JlXEaqX65-6gVgLZvLw
.linksynergy.com/ Name: rmuid
Value: 83453d62-f231-4982-8932-9b7e400e0cb6
.linksynergy.com/ Name: icts
Value: 2022-01-31T20:41:21Z
.lijit.com/ Name: _ljtrtb_86
Value: 0IOAgJ5SJ5taCjcHuGcj
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005%22%7D
.lijit.com/ Name: ljtrtb
Value: eJwVyjEOwjAMAMC%2FZMaS4zhO3A0xAF0YeIHjpEidYUL8nWa74b4hhSU41SJxq8BaInBHBJWqYJVNWxJ02cIpUJm3x86ECWj4APaewOJA6HaYFUUGHbfyvEs2bkhJszLFli0bDW3RuegWUfuccky8P86vNT%2FX%2FLbL7rfP1ffw%2BwP2wigi
.lijit.com/ Name: _ljtrtb_56
Value: RX-012edfff-d40f-49f1-b994-f8a8f3f5de2d-005
.turn.com/ Name: uid
Value: 2859497471008174543
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2859497471008174543
.doubleclick.net/ Name: IDE
Value: AHWqTUmQIy3Es_iFpW8Kj09GRtXDRJXngoF2rMDQs9wQxyRO4eS_L_t79k-_Psbg-TU
.postmedia.digital/ Name: __gads
Value: ID=b0c8d87522692614:T=1643661681:S=ALNI_MazaSlXmGvWwNMxEFhp-0ZzA2Z_ZA
.rubiconproject.com/ Name: audit
Value: 1|clb2f5t+FPpYNXbg+Siaxe1WuCoMxA8a+JUixCbOKdrWDxYPRcXl/NNGtABGtNIeWMWfxaQAlnDfwuGw1SRBym5AF7191McZpPmOY6O1GPpZnaeJRrohdLtVZ1miqHLHzG6FmltYou0S2eUxnSVaag==
.openx.net/ Name: pd
Value: v2|1643661681.4|iKvMgakWgy.mmbwuYvPeShEgKg2f8ke
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 160305:3
.pubmatic.com/ Name: DPSync3
Value: 1644796800%3A221_228_236_197_201_219%7C1644192000%3A164%7C1643673600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1644796800%3A54_231_104_166_3_220_21_7_178_13_22_71%7C1644192000%3A223_2_15%7C1644883200%3A35
.tapad.com/ Name: TapAd_TS
Value: 1643661686000
.tapad.com/ Name: TapAd_DID
Value: 82732461-05ea-43e1-9872-cb49726d6b9a
.rlcdn.com/ Name: rlas3
Value: Pe1Ov+2R2g52rKSxnxhctj4kHNOl9E+Wk6Q5Bane8y4=
.rlcdn.com/ Name: pxrc
Value: CPaS4Y8GEgUI6EcQAA==
.sitescout.com/ Name: ssi
Value: cb10bfa0-8a43-4be7-b111-742947030d35#1643661686032
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c28761f8-4971-4d00-9689-a84a9b360c6f&KRTB&16736-uid:c28761f8-4971-4d00-9689-a84a9b360c6f&KRTB&23019-uid:c28761f8-4971-4d00-9689-a84a9b360c6f&KRTB&23208-uid:c28761f8-4971-4d00-9689-a84a9b360c6f
.pubmatic.com/ Name: PugT
Value: 1643661686
.advertising.com/ Name: APID
Value: UP28cb0a25-82d6-11ec-ab1d-02694ef55315
.sitescout.com/ Name: _ssuma
Value: eyIxNyI6MTY0MzY2MTY4NjA3NH0
.casalemedia.com/ Name: CMST
Value: YfhJcWH4SXYA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pippio.com/ Name: pxrc
Value: CPGS4Y8GEgQIAhAAEgUI3k4QBRIGCOzrARAA
.fiftyt.com/ Name: fifid
Value: 94005eac-bddd-4831-5baf-5adaec4e8747
.fiftyt.com/ Name: cs
Value: MTY0MzY2MTY4NnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fIfDIHt8YF8MqYhn6ncMCBEsaSOwRYyvC1Pop6CVStCc
.ipredictive.com/ Name: cu
Value: 28d1c1a1-82d6-11ec-a9bf-a10e15a78249|1643661686109
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6020183768421938910&KRTB&23339-6020183768421938910
.deepintent.com/ Name: CDIUSER
Value: di_f5217a3e9cb0438f97491
.dotomi.com/ Name: DotomiTest
Value: 79692ead5a831219
io.narrative.io/ Name: io.narrative.guid.v2
Value: 28d5b871-82d6-11ec-9141-120bff9cc4e7
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-28d1c1a1-82d6-11ec-a9bf-a10e15a78249&KRTB&23011-28d1c1a1-82d6-11ec-a9bf-a10e15a78249
.fiftyt.com/ Name: fppm
Value: 20220131204126
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIjvDBqYLBsjoQBRIWCgdydWJpY29uEgsI7L67rILBsjoQBRIVCgZjYXNhbGUSCwj8-e3XgsGyOhAFGAEgAigCMgsI9Lum2JjBsjoQBTgBWgthZGNvbmR1Y3RvcmAC
.analytics.yahoo.com/ Name: IDSYNC
Value: "191l~22z8:18z8~22z8:18za~22z8"
.contextweb.com/ Name: V
Value: dB9zkJUW1MHL
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1bx3|7dN.0.AADdZ07D8JMAAAwmlnCr5Q
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 91e9f899674a1e77
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGbf6waz78ZQM3vB-yAAAAAAA&KRTB&22713-AAAGbf6waz78ZQM3vB-yAAAAAAA&KRTB&22715-AAAGbf6waz78ZQM3vB-yAAAAAAA
.onaudience.com/ Name: cookie
Value: cdccfe17359ac7c4
.onaudience.com/ Name: done_redirects161
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: 2d61f849762760CAESEGyV0MKIi9RMIumtmHRz8gs&e661f849762760&9861f8497605a0&f161f8497605a0&9c61f8497605a0&0361f849762760c28761f8-4971-4d00-9689-a84a9b360c6f&2761f849760b40&5861f8497605a0
.exelator.com/ Name: EE
Value: "3b802ca9b379a15cd3a325e41baf630d"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE4ycLAKDnRMsnY3DLR0DQ5xTjR2Mg01cQwKTHNzNggZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvoiZ8fFRSlpDItKik8F7494DwCF1yqK"
.smartadserver.com/ Name: pid
Value: 7386982843298969964
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AADdZ07D8JMAAAwmlnCr5Q
.onaudience.com/ Name: done_redirects109
Value: 1
.technoratimedia.com/ Name: tads_uid
Value: 2ACFEBCEE505467F99DCB4531C8E39A2
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220131154126-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AADdZ07D8JMAAAwmlnCr5Q
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADdZ07D8JMAAAwmlnCr5Q
.pubmatic.com/ Name: SPugT
Value: 1643661688

7 Console Messages

Source Level URL
Text
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9ab1a5e59a6ae4f1c380e4ad20393179.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
analytics.twitter.com
aorta.clickagy.com
ap.lijit.com
api.sail-personalize.com
assets.ribn.com
auth.lrcontent.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2-sandbox.piano.io
c2shb.ssp.yahoo.com
cdn.adsafeprotected.com
cdn.districtm.io
cdn.jsdelivr.net
cdn.krxd.net
cdn.parsely.com
ce.lijit.com
cheet-4549-torontosun.gdev.postmedia.digital
cm.g.doubleclick.net
config.lrcontent.com
connect.facebook.net
consumer.krxd.net
creativecdn.com
d395dw5zk780j2.cloudfront.net
data.adsrvr.org
dis.criteo.com
dmx.districtm.io
dmx.us-east-34.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.districtm.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
identity.mparticle.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
io.narrative.io
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
loada.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
micro.rubiconproject.com
ml314.com
mug.criteo.com
p.adsymptotic.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
postmedia-d.openx.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px4.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
s.amazon-adsystem.com
sandbox.tinypass.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
snap.licdn.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.co
tags.bluekai.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
visitor.fiftyt.com
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.npttech.com
x.bidswitch.net
104.16.190.66
104.18.101.194
104.244.42.3
104.244.42.5
104.36.115.109
104.36.115.113
104.36.115.114
104.36.115.98
104.94.205.31
107.178.246.49
107.178.254.65
108.174.10.14
13.33.46.48
13.33.46.72
141.94.170.64
142.250.65.162
142.250.81.226
143.204.137.197
146.75.28.157
151.101.1.108
151.101.130.133
151.101.130.49
151.101.66.133
156.154.202.36
178.250.2.131
18.213.56.215
184.85.195.135
185.167.164.37
185.184.8.65
192.132.33.46
193.122.130.38
198.148.27.139
199.127.204.142
199.187.193.193
207.198.113.169
209.54.176.128
23.54.68.197
23.54.68.240
23.57.136.222
23.92.190.68
2600:141b:e800:3d::17dc:f9cb
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185
2600:9000:202c:d600:8:48e:53c0:93a1
2600:9000:2140:c000:8:f216:eb80:93a1
2600:9000:2140:e200:7:75d4:e40:93a1
2602:803:c002:200::41
2606:4700:10::6816:48e8
2606:4700:10::6816:49e8
2606:4700:3037::6815:3c3f
2606:4700::6810:5614
2606:4700::6810:f015
2606:4700::6811:b9b1
2606:ae80:1451:19::1400
2607:f8b0:4006:808::2001
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80d::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::2008
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2001
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::645
2a04:4e42::645
3.212.61.226
3.216.55.148
3.218.90.66
3.223.182.225
3.230.217.116
3.231.80.183
34.149.157.221
34.194.30.250
34.203.25.60
34.229.3.43
34.73.194.24
34.95.11.30
34.98.64.218
34.98.67.3
35.186.253.211
35.190.60.146
35.201.96.126
35.211.178.172
35.244.159.8
35.71.131.137
38.91.45.7
44.198.222.213
52.201.20.189
52.204.164.51
52.223.22.214
54.144.144.142
54.165.115.242
54.175.198.118
54.236.195.76
54.85.224.115
63.251.114.136
68.67.160.117
68.67.161.206
69.173.144.138
69.173.144.165
69.173.151.100
69.90.254.78
74.119.119.139
74.119.119.150
74.121.140.14
75.126.248.142
99.83.154.140
99.84.125.32
99.84.40.238
99.84.42.98
027c960b439be277f5dd907e5629be7a4360eecb943c8c2d75e5b6a0e2157aaf
051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0
056439f728742942ff97ce79aab564484cc5280e730c29c451156d448a6f0962
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08830bf92a05a2a3ec46797bb02f66dd52ef685e94ff9731d18f336e01342724
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d2ac764cf2fb229cb99ff93f216bd04d62b564384adbcc9f89491d858c56e41
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbc907061b6169dcb1fb510d8e037414886f7c2d0782747392db7c423b89116
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f0953fbf4ce674601749cec412a67ded53cdc891bafdf11ae0ac87bf4a776f
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15e347a885fcabbbde879ac9aad37df68456936a60647804620de8312eade388
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
17c0bebd31068ed4e5257fe396e8d332921e328deaba0a1588d961130571b5af
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190bc6bf64a88996a8505f258adba28cba4c993a6b1b446abd3d3ff552286a1c
1bf3e4860d8c6caf4f0363f9c1af156076d961b599095887b4d564a622679f53
1d9286445228adc3e7a110357a424f822d6aacdc24751e7ce2355c36b9f8fc59
1fdd2eb3b9e7c8002d686f3d0ba7cec47176e28bbaba026fb72f2f48219e10c3
21c95fcafee5a9e9b8930a8f4a9f5251aece00d59d493ed8e8ecae9a295fe613
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
27f01048ffdbc31ca37d71e9457adb9470bb379b31ed7e4f3799b79fd8887646
2877cbf1f32a602472230deee3f3406e27984a0ad738c0a47d48da01dc5e2fc9
297bd887c6a333c8ad5d564d691e212afb2bcc0c6f22d38688b7bc2d36fc5b82
2a57c084ba5fc039d4bc2f41ebe757f1aa7db0b6e3a001d4ebba63b4fc173a77
2aab9961b950f52ec394aa4cbed5a13d24affd2ee3f20df02e79dc0f7e2e3d65
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b32962e9a9201051cf83d13035f3595c28be101477a26abc9b70b93050b1a3d
2b50b46e9fff24bc7548538f3b19bc6857f243a5c4155ce88017892b839f7e3e
2bb50a86a0b357d2f5c825a1c592fb7c249dba866603cb27742ad5a3f8a5ba8e
2c3ab80bcb2a42bc903c0b6ecc8da9d2fbb8cb97b300a5015bac9b7127687cf7
2d0f5b846051e978362b432af21ee8c3d8d8bd01bce14e226abe2eb8bf964b44
2e5a2c4d3f80fc95a86188a2d21ffa09431d89b967b6a5fa34b5901709793d75
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076
3190a1bc7e5a6ac296dec0bc7e35476d8924f743968dbe480413bdbcabc5cc87
3386638d1a84cb9f85baca1d7516c12ceb2c77119330b6eaf180f5336834b9ee
34c4351e0ce42542bb0657355bfd91b4cb376ffce3bfc7de9ab1be8652124e3e
35d35d4471641e28e9ca6e26a9a0b396fd61a8779a4e482eec5929e8f087b120
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38fef3749610f8d3262b39e38896b5bd7c0261937c141d6acdce8d0d7b08bc09
39a95bd7f8ff911c8a36dc1ae3b37f85d4684fd3897ab3df6dca5f8c3cd9b422
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef0812c1173fa7787f6589962ecc76f9583eb82ecbeb9f6fe53299c3256f290
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
42d28b968b79182a5ce39cb1bfb0a1f62441f1fb1a5d233162712097967aa6cd
42d3a8cf89f5eb746b28d80f863f0e6024d7ab4d347f028737ab8ff4b9b94dfe
46ba5f0b3b0f72884e66f3f7c8ac6c6195741a4e77f15f55ae16927c6c913da4
475edb49d60d0840a58c427173057a72466cc0f140b5b0fd5b5757ce113f3000
47d0d9481b5ba541cd66b7d69f914f00da176e7932394e3c9c3d82b14dec6ff0
48414eb96ed9b9f38db15a67d7c8646effcf015813cd2d72c50c86b8ff1de149
486ddaa8f86b230c5fff946591e9f92a54ca035a78b69a0597d808bbffde4be9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49192dffcb73e397680434bf06974fbe1db8db0c7e3eacfcf94f4d8dfa0c490d
49304a48f04f4b463cf89198bd2038b27e1bca87293a37360ffa2e3f8e22c3e5
4959a941954a0161eac86159932892dd4d12dc515d17ba38023e0fd472bf8787
4a0121b5684d43090a4bf15541f701d6381129cee91890842595651bc41baad2
4d259af91ef9cf72737cb738f97fe8a8701ba61ec0ecdb8f394fb4e754d895d7
4d98426c457804c2ba98c2675b8204c5d14b2f46e3bb46d612fa7b0ee8e3f04a
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d1b097304df7c128ca9fd7a3442c0314aa313eb5e0642fc511be4b8b482fe4
51abf473db4bdc212b1524d4099382a230684908bffe41cf4a1a41b9da9f2568
53e2af5fe00ca353f3b981c50476e19bf9c7e962bea84d79bf88926e5e406b0f
54f99710ea6dfde67c874d6f4d5e1ad6364cf81c89fceca1ae35967fd3b03855
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5958e4b9c33a2c112d383aa30e6642e00a7a69da276e5fdecf3d807ec33ad8eb
5a153dffcc7ded503310674cf4cf17b9de088da93dc1403a3065cbd416aedf29
5b47cd47cde0e419e5d1c013d143e71eddcf24eacf7dfde163764ace43a4a713
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
5d4f0beba73f2fd0eb946053284c1552681d503f46c625bc219ae6902e50dfe1
5efed851f2a72ac448d9d98b3bb28cc06eb7d333a66f6f80901f2558842df0b3
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
61b2a318a5cad9a09b5ec4376e3fd66765e911b7632bcb4703ddcb6b2ddb3c4e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63add3d48f9c81088a759648782733578dc5afeb7f483cc8724572a3e9f5fd30
6555370285c21c6d6a7fa36bdeecd0873cd6ce342a5941b03c48a40b1e07abb6
65eccb74c20a5efab571a8cbfdbd4ada1792012b8965f9e41f25b471a6c5b49f
6694db916a152e687af7a0d1cf247950921409f4a8e80bee707a3a61f56621d7
682a41ba5f93cba21b95b8a413bd5d5733e2f9786db7307e449b54cbd750c20f
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6a81568f55ae9d3d6e7442d0b2c592acca8a1d57f6c7741aa1b563c316ca73b8
6b49bbb468c94bde753359eff3fedd1473f25a363c4153a6acca7c795685d259
6b8c2ee9a70dc83322a4425b31b8249958dfbced9e1c782963143dead9c523fc
6c4679c8b1bd388439663a88bc62c7dac11d6cd781193e372a2d7590c153ecdc
6ee10a68bcfe9b1dc8260da11666b94b80c56262c0952e782c02bd895da12616
70cb94500dc1d2baceb071b38702219e643fed9a4fb62316e33a7b3ad91c5b5f
73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692
7479f164f844624f9b1dac45d157cfea71a5798f0d0009093d346052f1e6710d
74e869f36cb8b26f9624b85bb38386c2352f48fb91efee3bb3c3234542576f3e
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7774f1ce9e972657a8e5b09981ac79b312ffe3e0be2a4bb23e5152e01c9b2269
78695c1f9936cc52cebe8f4438ce1008076f1dd3d3ddbaa7813df6f1623c2db1
78db1f6524482d30a123613ea871ce83370e9243850d775e30d813550383eaba
7a8eeaf2b963d18188f07f3e78982938224c9e58b5fab050989e51cbf44a3d6c
7d7c70e420417ec47253579e534c3f38a1e8b7472aecaab31fc0095902ac710c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
8048aec50f28319317fb1a67a6873e93f75eaf5ce6dc27f8cdec10faf4d7c5b3
8152bef8897cebce5cb8777ee9d0d13037b045802bd125507b2821c2a612f931
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
84cbc6e5a7606e731a65362dde756bd1bc219b01c82367e758fa631c57ab78cf
84e4151c2f412203c93d13e3f8d684eb87e3b20d3b8491c1f3af0c9e872fd4b8
8805c0ffda96c3ce16da3cb3a665ad3cc32d162e3cf6b6ff969904bf3dec6be5
88a52adaeb0af673d2ae5668e3433c6faafb69936774c2aa857ecb65ce0e26bb
88cb82fbb15f064858767d23d38939e903f51391ead1281181f30ce735276a45
89b21ab23b44acc94ee9d2f9718d2d7755b3c52e2787b469aa45aa717da3983e
89ce57221f8c179e92880b5bf049f93b5f529928ef111920647ea220c7ce0b04
89d5260a69bbdaea62ddf6b3b24247fccd2856e510a614cd00c2320721b00f3a
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
8d0e9de7fc623b08bd0f2efbad9e9653b5892733a02f39a7867ffddd4fed5a4c
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d
8efc268132d526206d433febe50d279a657513bcf23a6b6a527f84811c6ba6c8
8f750fbf94a80f0d331b9f83f24eb008b527b8e8e1c4ee504cbb0e52151ff206
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
9034335635758d7a2b0d8f6f94a42f45ca55f3a87ed38929c7ab89800036e708
9295ee67ad7300bd039b63b5335a442fb5ab74ccd52e3378922fe7a2b4dfed73
92cb2b2123d5c0519ab7f0abec431ee733fdc4d69cf371f9a55e3012fea614c1
93edcc6bac0b2774959f930af27397d7be8c1087e1564b856c20ef9e506f23e3
94063385884ca850a6a50a6169726ae9a468dae143f872f920aee0d1a304109e
9502266edf21088cb878db8fc0b004c01b65ec4ce32a13779c8568d97e7aaa5c
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9923905127ccbd0c0a2b41dc73cdcac7ee3331ad5cedc2a63c2a002278fde404
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
9ae2ed71471622dfee098ecab578b44e0ade9089726f69607eec40e1cd40dca7
9c3b6628ead9c3d14e03537e8a004ff6b24d1236cce73c97a9ce1809f391c508
9d24b403bcbe2d72c372a0b5734d06c846de0c30a73a75d9ea7e36adef151aab
9dbada7aabb253e1200878d3d804741d13832c218643685d5c98a9b6033552df
9f24266c169705d9f255e52ea5880db34227b8e51f91f43cbd3e8ed5189bdf46
9f8ffd0b38bc5e22245c02bdf6c4f492fc20bbd187186f9c707a202f44f6eef9
a1dae8ed2e18a113c1c1c8b4922683a296ab40349c8eb4e2514ccc5e9f3ed397
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6010d4fbbdf8ee64f9dd0d7e18ceef9edeabb9ba4620b5eba658a9eff5c220f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8f3d9e4b35c52b61d73041f0707384aaddc048436f542fe3459185486b2d709
a91e60b554f9b9a46e69555f0e6ef5db2772b3a96df2bc91a775fedc07a51de3
a9ee9306de2291e605f8344abf097ba6a9e5b609c7a30970ade937cb73819037
aac8a51d86b9c8a821060b6c47348fda753abb9c1e79641c76cef8c8e4a46817
ab8a0b1e7521c7e845e6d54dfa453ff711353b7378ef9a99ed5df38df4383c85
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace6a6b223be65a6a6ac22512a85447756c91e3e7c9de77ebf5bc1ed029ab510
ae23ddec6ff84e1b00b1049467da16f185e82853c2c89285fba783863f400999
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cc6855c1158a93a504ae865356e6274c236c7f81c2ba7654156c0c7761360a
b3e6b5af5e646986ac2345c48bd90b6ebec6efea81cd055d28fbfa73de052405
b40fffdca8df7dcf6a825dc35de6f3ee8bca5119730c8938e77e805d8016cb78
b414248bbcf7e8ecb52bb264ef9b47cbb5849d78cd7567262c8a44f6d53c4c6b
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b751ee3a23f68aa0e2eab665232c87f14813f37379e92ea4c94c976ff6336637
b8bf1ce94288681edefbce3053bacc05d1a5081dd4ad962da2e8cf734d044d40
ba7cec6d75f86ee49f09fcfb4b547cc4e4906cb4b20905bd610500e5011bcda9
bab4cb9332bd672a87079c460f6b3036e9494d13e0fb75d900fd702d6b8ade05
bd368567408cb7952e868529211f6939acd670fc85c7abaf4a97632078169c21
be12dbeb382f6fc2d39357443b3b916558e51163e8791329ec55d5ac9d75dca8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3414c73d546ab87194a785bc8091b8449605760c26699f32172a154f033c3c5
c42854521587191dba79c0cb0721daf9804911b9d3f7168b1753d261c00080b2
c5bfe7e837984f45a4b301978ceb06a03fea2e60a15b937d99fd5b30d6ae9946
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdc4bfeb56b07215f2a7434e814b9406a1e9e703b13111cf01bf5de20a61f502
cded44acd60feacae552415437e108c16bbfaaea8294ff0d9a2ed81dc8ce2d13
ce50c41dcedcc5d4e7de786be4cef33a86d902d1255aa6125c1815d94ac827fe
ce912e6d3b543995e5d01accdc7e4c700d32e05acc2c618249c3e1634c494e74
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d11344d92d75aa78f523fc29ccd95ebc92af0012fe6e9bee839fd21534ef76c0
d34f1f5b282bd8ea254ef40e7f6d7a4ba4399e5e71324f45619ba0034cfddac7
d36e3b90b1f0f4b75a3777737e067adc48424b60cd7e4c6fcd7d7a59c509ec4b
d39d2581b21c1ba1194c85d32940c69e206e48f8fc8834306682824e3ee5d487
d3d03246e614a6cd3ea3de89e84f8352795658122c1880c526279c175a21ab5f
d43002ad5e39848ef1eb51f82cfa32fbec8514a48a628287ad3bfa63f6ba9a17
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d97ba2bfcb1ab988ae9b0a822be6ca7390d9de0dc50003c8768c7f9e1877bdf3
d9a093aaa6bf60bcc9caad8031ae1878332f5bc6b2fbd718404c77ec16f63d57
da370af4691e19f146ac8e77da8032712c3b1d3f54952f944df74b1595122202
db2f644dfaf9dc0cb27da57f2857a2936d25b771ba1619473dbcba889b7907f2
db8b7bd8e3b47a8bf8cbd86926a7ca3e25ba931575b0d0148c66da50cbc2e763
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfdc1f05ccfc2cb2352ee1b2a6a0988d1525f7c67cb966dce430ae8c4231245d
e115819eef9b2147d3ad8b3ef40487ede44852e4a63d9062cb1980eb41b7cd27
e17015d0c998495d78087eec7a8017798a0137a15dc8487adf936e81522dd116
e23a61fdaf1449a6571008664b9d20bf10cc7149b6ab7fe96bed391616303f00
e2cf23246faa8dc51d53f8194af77082ccfa8dff6a73596ea98c0ded52fb3a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e60fc30093f72426cdcfb66adc7766c4ef5265fc595689d7ba2e56180c919bd0
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e70ffc4d01cfe4313b5fe6d1ec876d1e8c6a638f1ede2b7ba0cb236f5026de25
e9c6ed594b1ffcb4b12c7ea019ec08b299d4e62f83c38c03c376afc4f723ab7c
ea24837103070968a4b29ff947900cc3595204a8164ab822e53e0731074989ed
ea3fb2d69b33c82e436b6b8918676a539023628324a4240ad5bafba6dd97ce74
eb73d9ce5ff4f99173940e81a1d9ac4242340f8e262ba3933b95fd53a753dd2d
ec636790224fbf496a3a0057578ebb57e55b7abfafd47f0029c906f84560cceb
ecccf884df25a44192c5c63c92604d1e5fb131446606c63dd42146373469bc52
ed6c88b024f26f59ef35e4d63d27c48e24f1953426a969426f6c77853e3e1b22
ee3eb4db98e43c96181e4603d67eabf5d680a95ddca89839334e3cb93a22276b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21
effe3bd735d8ab5d0c9a8554f2ad8d4a344bbd602d0ac938e50ac5bb53beea66
f0830aa3f60c61a18b02cbf261bb7fccc5e8844ddf75c5072d865b1b76c103f6
f170d29486321587cadb0935b5538eeb97db6838b509c791f8e603162671b22e
f2029c9ff998a7b7f40597b81b9e3c88b7d090ceec3eeac8381a0b3a3845225b
f35e7e284c5a379b487f0fb6f28f87a65b92dd6ed268468c091b261cdb4fb09f
f36e32e465ea097161710b2aa52cc6c864110698cc16cea1b956f633db2c4886
f439f7a4f961828a48fc8abf9d6360685b86a53775d2339a002f2a454d5991b4
f659cdc6729e13e2604692492c7a3a4dcdd7aac6a18f0648c1492ecd200a5633
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f79e1f14cff6f380ebbbea645bb159978ead5447a33a0ced34534b2271eb4019
f81cffaea52b9980ed58c8ecccda3aa040c8ac55ea4a79c1a83ebd810944b36e
f8a26a2d7b8e9ff2d1fb982edf86999e28e1a3fb66266178ef03d190c0523dfd
f90f454ad17cf420c25c421cedb528e671d19f1c322f36a4ba7f91de378f9825
fb96ae562aee53baf3a0543cacbd63ee3802ae42cadef2586b1c9f79296c54d9
fbb21b341144342355faeea96404c113bba9071320ed0d6c5004c2e65e0e9de5
fcc9ba79def68dcbac6bfe3b08a16e6002baa3ecc018252d840d58cf8bb8bc9d
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3