urlscan.io logo urlscan.io
SecurityTrails logo

torontosun.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://torontosun.com/
Submission: On December 16 via api from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 12 countries across 65 domains to perform 341 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is torontosun.com. The Cisco Umbrella rank of the primary domain is 184248.
TLS certificate: Issued by GTS CA 1D4 on November 22nd 2022. Valid for: 3 months.
This is the only time torontosun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 34.111.249.109 396982 (GOOGLE-CL...)
15 2a00:1450:400... 15169 (GOOGLE)
3 18.66.108.49 16509 (AMAZON-02)
2 104.96.145.246 16625 (AKAMAI-AS)
1 13.32.27.33 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
4 18.66.97.108 16509 (AMAZON-02)
1 18.66.112.84 16509 (AMAZON-02)
32 34.117.54.29 396982 (GOOGLE-CL...)
20 34.149.157.221 15169 (GOOGLE)
7 100.22.15.219 16509 (AMAZON-02)
1 63.32.218.197 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
1 104.87.141.138 16625 (AKAMAI-AS)
1 35.241.9.51 15169 (GOOGLE)
3 7 37.252.171.53 29990 (ASN-APPNEX)
1 104.19.150.54 13335 (CLOUDFLAR...)
10 34.107.254.252 396982 (GOOGLE-CL...)
1 108.138.4.150 16509 (AMAZON-02)
26 18.156.195.47 16509 (AMAZON-02)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 216.52.2.48 32475 (SINGLEHOP...)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 104.18.33.19 13335 (CLOUDFLAR...)
2 75.2.40.13 16509 (AMAZON-02)
8 10 142.251.208.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 19 2600:9000:225... 16509 (AMAZON-02)
27 2a04:4e42:400... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 63.34.253.29 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.159.85.30 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:223... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 5 99.86.240.69 16509 (AMAZON-02)
10 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 2600:9000:206... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 151.101.194.207 54113 (FASTLY)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 52.222.214.32 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
9 2600:1f18:1ac... 14618 (AMAZON-AES)
1 178.250.0.157 44788 (ASN-CRITE...)
2 2001:4860:480... 15169 (GOOGLE)
1 99.86.240.44 16509 (AMAZON-02)
1 18.66.15.97 16509 (AMAZON-02)
2 18.66.15.32 16509 (AMAZON-02)
1 54.155.18.159 16509 (AMAZON-02)
3 2a00:1450:402... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 176.9.63.246 24940 (HETZNER-AS)
1 151.101.2.207 54113 (FASTLY)
1 3.210.251.205 14618 (AMAZON-AES)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 2600:1901:0:8... 15169 (GOOGLE)
2 23.35.236.201 16625 (AKAMAI-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
1 104.18.36.94 13335 (CLOUDFLAR...)
1 4 172.64.154.237 13335 (CLOUDFLAR...)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
3 5 52.46.128.147 16509 (AMAZON-02)
1 5 185.80.39.216 27381 (CASALE-MEDIA)
3 3.33.220.150 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 1 185.183.112.148 60350 (VP)
1 172.64.151.162 13335 (CLOUDFLAR...)
2 4 69.173.144.165 26667 (RUBICONPR...)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
3 5 67.220.224.150 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.75.190.240 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 35.204.74.118 396982 (GOOGLE-CL...)
2 2 37.157.6.252 198622 (ADFORM)
1 185.64.190.81 ()
1 2001:4860:480... ()
341 98
2    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
torontosun.com
15    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3    18.66.108.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-108-49.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.32.27.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-33.fra56.r.cloudfront.net
cdn.adsafeprotected.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:e2::ac40:8f26 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
6    2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
config.lrcontent.com
4    18.66.97.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-108.fra56.r.cloudfront.net
cdn.browsiprod.com
1    18.66.112.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-84.fra56.r.cloudfront.net
ak.sail-horizon.com
32    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital
dcs-static.gprod.postmedia.digital
20    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
7    100.22.15.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-22-15-219.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    63.32.218.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-218-197.eu-west-1.compute.amazonaws.com
yield-manager.browsiprod.com
4    2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:af (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.87.141.138 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-141-138.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
7    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
10    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
1    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
26    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
postmedia-d.openx.net
u.openx.net
1    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
10    142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:400d:808::2010 (Ireland)

ASN15169 (GOOGLE, US)
storage.googleapis.com
19    2600:9000:225e:1200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
27    2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
ssl.p.jwpcdn.com
prd.jwpltx.com
videos-fms.jwpsrv.com
1    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
3    63.34.253.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-253-29.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)
6d49519d1fdf76a7ab36c75192cd0ac6.safeframe.googlesyndication.com
4    18.159.85.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
5    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:400d:802::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
5    2600:9000:223c:2e00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
8    2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    99.86.240.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-69.vie50.r.cloudfront.net
sb.scorecardresearch.com
10    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
identity.mparticle.com
jssdks.mparticle.com
1    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2600:1f18:44f0:4800:250:51f2:8e30:528d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    2600:9000:2156:2000:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.ribn.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2600:9000:206e:d600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    151.101.194.207 (United States)

ASN54113 (FASTLY, US)
sdk.mrf.io
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.222.214.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-32.fra56.r.cloudfront.net
get.s-onetag.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
9    2600:1f18:1aca:4282:259b:2b92:b6d2:f836 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    99.86.240.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-44.vie50.r.cloudfront.net
onetag-geo.s-onetag.com
1    18.66.15.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-97.vie50.r.cloudfront.net
signal-beacon.s-onetag.com
2    18.66.15.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-32.vie50.r.cloudfront.net
signal-segments.s-onetag.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
3    2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
3    176.9.63.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy08.cl03.het.mrf.io
events.newsroom.bi
compassdata.mrf.io
1    151.101.2.207 (United States)

ASN54113 (FASTLY, US)
flowcards.mrf.io
1    3.210.251.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-251-205.compute-1.amazonaws.com
i.viafoura.co
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a05:d018:d29:3601:576c:7828:69ec:4641 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    67.220.224.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    54.75.190.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
1    2001:4860:4802:34::36 (None, )

ASN- ()
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
52 postmedia.digital
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 130932
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 95565
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 112082
652 KB
27 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
2 KB
20 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2620
entitlements.jwplayer.com — Cisco Umbrella Rank: 3505
67 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
305 KB
18 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3480
videos-fms.jwpsrv.com — Cisco Umbrella Rank: 4851
491 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
6d49519d1fdf76a7ab36c75192cd0ac6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
223 KB
15 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3234
pixel.adsafeprotected.com — Cisco Umbrella Rank: 604
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 543
178 KB
14 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 2861
ads.rubiconproject.com — Cisco Umbrella Rank: 2891
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
eus.rubiconproject.com — Cisco Umbrella Rank: 529
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
token.rubiconproject.com — Cisco Umbrella Rank: 563
248 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
56 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
simage4.pubmatic.com
27 KB
12 browsiprod.com
cdn.browsiprod.com — Cisco Umbrella Rank: 13967
events.browsiprod.com — Cisco Umbrella Rank: 12023
yield-manager.browsiprod.com — Cisco Umbrella Rank: 12995
93 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
9 KB
11 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2583
api.permutive.com — Cisco Umbrella Rank: 1991
googlesync.permutive.com — Cisco Umbrella Rank: 8376
27 KB
10 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5397
identity.mparticle.com — Cisco Umbrella Rank: 2528
jssdks.mparticle.com — Cisco Umbrella Rank: 4835
56 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
492 KB
8 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2701
276 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 576
secure.adnxs.com — Cisco Umbrella Rank: 414
24 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4762
2 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
90 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
region1.google-analytics.com — Cisco Umbrella Rank: 2623
20 KB
6 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 46816
config.lrcontent.com — Cisco Umbrella Rank: 19555
96 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3839
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4644
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5046
signal-segments.s-onetag.com — Cisco Umbrella Rank: 8282
19 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
3 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 11395
195 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 713
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
dis.criteo.com — Cisco Umbrella Rank: 658
8 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 14121
flowcards.mrf.io — Cisco Umbrella Rank: 14501
compassdata.mrf.io — Cisco Umbrella Rank: 119173
32 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11742
i.viafoura.co — Cisco Umbrella Rank: 11598
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 134150
1 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
www.google.de — Cisco Umbrella Rank: 6041
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
storage.googleapis.com — Cisco Umbrella Rank: 415
imasdk.googleapis.com — Cisco Umbrella Rank: 405
516 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
739 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
793 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
562 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
203 B
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 11523
1008 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2773
p1.parsely.com — Cisco Umbrella Rank: 2076
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
112 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
58 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 132511
8 KB
2 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7708
cdn.tinypass.com — Cisco Umbrella Rank: 5759
100 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2898
496 B
2 openx.net
postmedia-d.openx.net — Cisco Umbrella Rank: 158184
u.openx.net — Cisco Umbrella Rank: 653
468 B
2 torontosun.com
torontosun.com — Cisco Umbrella Rank: 184248
122 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
610 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
266 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
382 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
724 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
925 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1368
268 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1494
366 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2693
181 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2050
249 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4117
2 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
47 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
17 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2798
40 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
402 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 173192
392 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1200
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
1 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 137858
109 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2974
44 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 8038
3 KB
341 65
Domain Requested by
28 dcs-static.gprod.postmedia.digital torontosun.com
dcs-static.gprod.postmedia.digital
26 c2shb.pubgw.yahoo.com micro.rubiconproject.com
20 smartcdn.gprod.postmedia.digital torontosun.com
19 cdn.jwplayer.com 15 redirects dcs-static.gprod.postmedia.digital
cdn.jwplayer.com
ssl.p.jwpcdn.com
15 assets-jpcust.jwpsrv.com
10 cm.g.doubleclick.net 8 redirects
9 dt.adsafeprotected.com
9 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
8 www.googletagmanager.com fem.gprod.postmedia.digital
jssdkcdns.mparticle.com
www.googletagmanager.com
8 ssl.p.jwpcdn.com cdn.jwplayer.com
7 events.browsiprod.com cdn.browsiprod.com
6 ib.adnxs.com 2 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
6 securepubads.g.doubleclick.net torontosun.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 jssdks.mparticle.com jssdkcdns.mparticle.com
5 sb.scorecardresearch.com 1 redirects fem.gprod.postmedia.digital
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 simage2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 identity.mparticle.com jssdkcdns.mparticle.com
4 www.google.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 config.lrcontent.com auth.lrcontent.com
4 fonts.gstatic.com fonts.googleapis.com
4 fem.gprod.postmedia.digital torontosun.com
fem.gprod.postmedia.digital
4 cdn.browsiprod.com torontosun.com
cdn.browsiprod.com
3 image2.pubmatic.com ads.pubmatic.com
3 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 www.google.de
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 videos-fms.jwpsrv.com ssl.p.jwpcdn.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 pixel.adsafeprotected.com cdn.adsafeprotected.com
torontosun.com
3 c.amazon-adsystem.com torontosun.com
c.amazon-adsystem.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 ads.pubmatic.com micro.rubiconproject.com
ads.pubmatic.com
2 www.facebook.com
2 events.newsroom.bi sdk.mrf.io
2 region1.analytics.google.com www.googletagmanager.com
2 signal-segments.s-onetag.com get.s-onetag.com
2 connect.facebook.net torontosun.com
connect.facebook.net
2 sdk.mrf.io torontosun.com
sdk.mrf.io
2 gum.criteo.com 1 redirects static.criteo.net
2 static.adsafeprotected.com pixel.adsafeprotected.com
torontosun.com
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 assets.ribn.com www.googletagmanager.com
torontosun.com
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 api.sail-personalize.com ak.sail-horizon.com
2 htlb.casalemedia.com micro.rubiconproject.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 auth.lrcontent.com torontosun.com
cdn.viafoura.net
2 torontosun.com dcs-static.gprod.postmedia.digital
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 secure.adnxs.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 js-sec.indexww.com micro.rubiconproject.com
1 u.openx.net micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 compassdata.mrf.io sdk.mrf.io
1 i.viafoura.co cdn.viafoura.net
1 flowcards.mrf.io
1 p1.parsely.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 region1.google-analytics.com www.googletagmanager.com
1 mug.criteo.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 cdn.tinypass.com experience.tinypass.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 s0.2mdn.net imasdk.googleapis.com
1 prd.jwpltx.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 6d49519d1fdf76a7ab36c75192cd0ac6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 googlesync.permutive.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 ap.lijit.com micro.rubiconproject.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net torontosun.com
1 cdn.jsdelivr.net micro.rubiconproject.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 yield-manager.browsiprod.com cdn.browsiprod.com
1 ak.sail-horizon.com torontosun.com
1 www.npttech.com torontosun.com
1 fonts.googleapis.com torontosun.com
1 cdn.adsafeprotected.com torontosun.com
1 micro.rubiconproject.com torontosun.com
341 123
Subject Issuer Validity Valid
torontosun.com
GTS CA 1D4		 2022-11-22 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.browsiprod.com
Amazon		 2022-02-13 -
2023-03-14		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2022-11-12 -
2023-02-10		 3 months crt.sh
gobrowsi.com
Amazon		 2022-11-02 -
2023-11-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-11-12 -
2023-02-10		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.prmutv.co
R3		 2022-09-28 -
2022-12-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
api.permutive.com
R3		 2022-10-18 -
2023-01-16		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
api.sail-personalize.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
jwplayer.com
Amazon		 2022-11-27 -
2023-12-25		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-29 -
2023-12-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
entitlements.jwplayer.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-06-07 -
2023-05-31		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
viafoura.com
Amazon		 2022-09-07 -
2023-10-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
jssdkcdns.mparticle.com
R3		 2022-10-23 -
2023-01-21		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-07-09 -
2023-07-07		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
jssdks.mparticle.com
R3		 2022-10-23 -
2023-01-21		 3 months crt.sh
*.ribn.com
Amazon		 2022-08-21 -
2023-09-19		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-24 -
2022-12-23		 3 months crt.sh
*.s-onetag.com
Amazon		 2022-12-04 -
2024-01-02		 a year crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2022-11-30 -
2023-02-28		 3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
ssl02.cert.cl03.k8s.mrf.io
R3		 2022-12-12 -
2023-03-12		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 22 frames:

Primary Page: https://torontosun.com/
Frame ID: 3A60A8C5F4AD08BD6B81FBD3DFB26E56
Requests: 253 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v71.0/xd.html
Frame ID: 7BDF178D6534FE3E06857B0BCE202BD5
Requests: 2 HTTP requests in this frame

Frame: https://6d49519d1fdf76a7ab36c75192cd0ac6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78072B0F5B69A82538C71E305EA884C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15EFA3661D914F121BC15B6806B71DB5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B6CCC776212ED89E7D7BC3B15412AD6
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en_ca.html
Frame ID: B7CEE6626B19FD0E38A4A874528DAD26
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=165440461&placementId=6054664554&pubCreative=138416997094&pubOrder=3038327423&cb=197053979&custom=index&custom2=1&adsafe_par&impId=
Frame ID: 799E7C61A35FDB179E38B34DC22C8B68
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCZSv8zxALLfctaw1Eu-_LZnv1uRfoZRJJBkSvDebHryPmPAlWcQgKncoMXj3GAibtgZGaqh7AsSXykeI7kgV6x7viaegucA57u3fSSkJ4K9E4DszZxIi9VzPpsrfSZOGtX60C72fgHe08lPpx9QR5I-plHExVU6AO9nO0HlNzQdazArJLsoZumRoYBDwbR6cBqjZ4zkpc208Cb66SRKelpSYLGrGvpGGGGp9tw7WGuPED700mlSsDYxNdTdHCsSheQ-i6jE3QFKJVez6bpOFuxSWeFgg6igu2oq00qcs4A8VWA0lSW2eXch28ALKLGRORow0YccBWUVPs&sai=AMfl-YRjbO_Bp2gZWLc1qkvP9LTBiVXBEX7zpQpUDSafbLp-K1eI0CX3BoDAIlpdNROubZ0z0PGbHEIs9rC7HiPhrADPBrRX916tqfshYOYsRGArKwmMAzq-xSp9TQ12Zse1&sig=Cg0ArKJSzG4ZWVvi5nVBEAE&uach_m=[UACH]&adurl=
Frame ID: ED56A9BF5F529554B43D504892E79DEC
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Frame ID: 4FF177D723B1D1DAA8EEC7EE123C5FE7
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 398909F6AD36827173739A3093D8F969
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1905B392BEA907DC8BA5123E456724FF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: E9603A80E0A58AFF3FB8FD0928394F3A
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FC3321A872842902D7528BDEF01D47D2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F26E2C4D1799C9A5AE62B1451B0ADC43
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 96C984BD3552A9DF402EA7883C055B4E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 909FE50AAAF9BB0A41D0CBA4BAA42D8A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F39CEA3262B6560E7230AAC56C5E26AF
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6&gdpr=0&gdpr_consent=
Frame ID: 4754118A64A746181E68BF82600014F4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7308D81818EA8AC4C4311C5F240672D6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1411022692424926832
Frame ID: 6A9D1A3E3BE7115686DB933244DCABFC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 404310763BEAB1B55B1FD91F03D3C0EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=331733116838856510&gdpr=0&gdpr_consent=
Frame ID: 6EE8D1715FADB857B1D2D5A2992C53D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Toronto Sun Home Page | Toronto SunToronto SunUser

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

341
Requests

88 %
HTTPS

41 %
IPv6

65
Domains

123
Subdomains

98
IPs

12
Countries

4870 kB
Transfer

15758 kB
Size

86
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=59b383c7-347f-4425-b503-7e7d81631514 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=59b383c7-347f-4425-b503-7e7d81631514&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECZo1pAufye-_LDSWNGVL1c&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=59b383c7-347f-4425-b503-7e7d81631514&google_cver=1
Request Chain 131
  • https://cdn.jwplayer.com/v2/media/d9dbB4sc/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/crrnn3lp-320.jpg
Request Chain 132
  • https://cdn.jwplayer.com/v2/media/cI43H2tS/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/gpejx2xy-320.jpg
Request Chain 133
  • https://cdn.jwplayer.com/v2/media/CtFnNPda/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/u8uit50p-320.jpg
Request Chain 134
  • https://cdn.jwplayer.com/v2/media/1neXBkPA/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/oxcqfdgl-320.jpg
Request Chain 135
  • https://cdn.jwplayer.com/v2/media/E16vC0st/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/pihrgonv-320.jpg
Request Chain 136
  • https://cdn.jwplayer.com/v2/media/oJJGx4RN/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/xgs44ygt-320.jpg
Request Chain 137
  • https://cdn.jwplayer.com/v2/media/o6EK83ym/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/cri4cye5-320.jpg
Request Chain 138
  • https://cdn.jwplayer.com/v2/media/iAR6JDbF/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/3gugdm44-320.jpg
Request Chain 139
  • https://cdn.jwplayer.com/v2/media/UteA8aCv/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/z9yp0uso-320.jpg
Request Chain 140
  • https://cdn.jwplayer.com/v2/media/rZWWoovK/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-320.jpg
Request Chain 166
  • https://cdn.jwplayer.com/tracks/VPJ6pj1v.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/VPJ6pj1v.vtt
Request Chain 168
  • https://cdn.jwplayer.com/strips/rZWWoovK-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/rZWWoovK-120.vtt
Request Chain 172
  • https://cdn.jwplayer.com/v2/media/rZWWoovK/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-720.jpg
Request Chain 173
  • https://cdn.jwplayer.com/v2/media/rZWWoovK/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-640.jpg
Request Chain 211
  • https://cdn.jwplayer.com/v2/media/d9dbB4sc/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/crrnn3lp-120.jpg
Request Chain 243
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 247
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=l9Yd73xTRWlSdUhuV0ptRWhDVW92T2JDbFJZLzRBeTk3Zkd5QzVIMlpKb0JrbXMwQ0Y1bXJqeUdKQmg4S2tnRUNaNGFWUGRuOEJRbFNBbG5FWENLb3pqTFA5SERUaU9NRWVXQlRTYnFXNy9wTjhvSlBSTHZDdHd3WFU1V05weDNiU2N3bVlIbmp4UVQyY2s2OW5sQnVMTnpxMnc2ajNEOWdUd3ZCTlorNUNEcUd2WDNESjFod1h4aW4vTDJxWmtqYkMwTG5CTHRmdmJiak9pTlFHN3ZuVGNRRW5JeHdMamZSdDlCa25wS2FxaElLcTNQSnpPNGJsZzJ1MFF3OU51MDhSUGc0aGNoalM4VC9zWHF2Y2VmUlpJQzZFdz09fA&cppv=2
Request Chain 301
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 303
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5vvgcGmWMOEV209pnY3swAABKoAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ9gIJykc_C-o5F0UwfSuMY&google_cver=1
Request Chain 306
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5vvgcGmWMOEV209pnY3swAABKoAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5vvgcGmWMOEV209pnY3swAABKoAAAAB&dcc=t
Request Chain 307
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5vvgcGmWMOEV209pnY3swAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEozytIZR5K06IqXZGO4a1o&google_cver=1
Request Chain 309
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671250177
Request Chain 310
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=331733116838856510
Request Chain 311
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=5d6c878e-0d3a-02ba-6793b917
Request Chain 312
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 314
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Fv6BC0GkRxaETZ19WYjOAg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Fv6BC0GkRxaETZ19WYjOAg
Request Chain 315
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQWlJGMzQtMU0tSzlBMw==
Request Chain 316
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPZRF34-1M-K9A3
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDSfbSVEkshJl6pbp-yJDxU&google_cver=1
Request Chain 318
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzcwZjYxMjMxMWYwNTAwYmEzZjcxMTUwM2U3YmUxYTBjNGE2YWQyMw
Request Chain 319
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3boCHm9i9vHfYLRZgJMEZMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m0hzYStE2oJ0ZydHhRKvxPrGTqhXhhXs3Tby5w--~A
Request Chain 320
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iWYKPAjkQbSB06fMeoTkzA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iWYKPAjkQbSB06fMeoTkzA
Request Chain 322
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6&gdpr=0&gdpr_consent=
Request Chain 323
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 324
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1411022692424926832
Request Chain 325
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 326
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=331733116838856510&gdpr=0&gdpr_consent=
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdDL9VeARd-J4SucbwO2gQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 330
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1165507131 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=55D0CBF5-5780-45DF-89E1-2B9C6F03B681
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTVEMENCRjUtNTc4MC00NURGLTg5RTEtMkI5QzZGMDNCNjgx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJoyFxl95k0MDjF1ykINodk&google_cver=1
Request Chain 334
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1679576178816261471

341 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
torontosun.com/ 		896 KB
112 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
2505036dc4bf486348c3dd8f36b787d6f4cdf4da52ed3f36b80f826fb10f8607
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=300
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 04:09:30 GMT
expires
Fri, 16 Dec 2022 04:08:49 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.14.2
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-6b5f856d6f-6cxcp
x-pmd-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27544
x-xss-protection
0
server
sffe
etag
"1422 / 324 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 16 Dec 2022 04:09:30 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 03:29:35 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 17:02:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
2396
x-amz-server-side-encryption
AES256
etag
W/"9678e76b6e6295571547f8fe5df68b88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
DIo1fQDRDpH8xsto5bX0Z8bYy2zV_ZRgm-dMAq88c6kR4B1krlquig==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
02441c6c3c04ebc9405efc745ca1ec390cdd1e1a84d4536b472f392e22d8b56e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:30 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 07:41:01 GMT
server
Apache
vary
Accept-Encoding
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=14400
content-length
225414
x-trp-pba
{"ruleId":"1","rulePos":0,"ruleName":"Catch All Rule","wrapperName":"14648_postmedia_pbjs","isPrimary":true,"randomProb":74,"account":14648,"device":"desktop","country":"DE","host":"torontosun.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://torontosun.com/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36","query":"","ranAt":"2022-12-16T04:09:30.702Z","runId":"1671163770702-4800","wrapperPath":"/prebid/14648_postmedia_pbjs.js","redirectUrl":"/prebid/get-wrapper/Catch%20All%20Rule/14648_postmedia_pbjs.js"}
expires
Fri, 16 Dec 2022 08:09:55 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 09:59:36 GMT
Content-Encoding
gzip
Via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
497395
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
aCTngUUStMh2iiWCJ6j6ESTC4z85gYukyj05Pcywwl56IDu6zQDsMQ==
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0968e72ba174df05d85d839030aff0adb94bbb544df41272934c273ba5125a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Dec 2022 04:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 04:09:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Dec 2022 04:09:30 GMT
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:30 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1HGFGYKFBJ1FD4SJ
age
6101
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
w3DPCWgCIY9X371LbZeQf50Zl9JpxsSKKKTYPm7afqBmo8rwdv4zSt8970P0EiZvTo9zNvpTQwQ=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53UMqOKBsLrM4zxntFd0pVo8QrQK6fQjgaTs4LL%2B1Ollvh8xkP0eYtYSq6l6TmYBDyarrhGx6VIJp7Q7RcDdfby91WIVbJU0z6NQRdw86ZaF0kOgJuh4DlvCoSUadrwH7F5WmZN5Fw8B9eDYrz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
77a4905fda459c00-FRA
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		199 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:30 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
3005
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77a4905f7d1cbb43-FRA
x-amz-cf-id
Q7Rd-JzaEdQKUAlq7kPrJcAsbYjpQT37NFsHGZoRD6yEQCv7wqoSPg==
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-108.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0d6ff5c28d41e767b13a5f4582d4b006d5c9bdc0278c3c8eabc8a5ef16d033e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
9af1m900vm1axhQeqDvhNbLlfHa5kaRJ
content-encoding
br
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 04:06:59 GMT
last-modified
Wed, 23 Nov 2022 09:06:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
152
etag
W/"3f8e167efaeb906f4fdd3046cf52501d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=3600
x-amz-cf-id
3N4bJjHpiRN2KqiJ2Ed7l1Jxx-0toVe0rqaSM90SZdr2uSQ7t4nxDA==
spm.v1.min.js
ak.sail-horizon.com/spm/ 		124 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-84.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:00:48 GMT
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 23:20:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
522
etag
W/"97dd801dd26ae0172c7875245d92f506"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
WCatagnOfy_xglXF_qDdP7QwZ5qw-Gub93aSdcze16hAU53gsF8n-w==
fem.js
fem.gprod.postmedia.digital/v71.0/ 		301 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v71.0/fem.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bc9358013a102bd92dff4b8ffd831396f2f8faa550061163602d3c4c5fb40859

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 18:45:44 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669212154
age
1416226
x-guploader-uploadid
ADPycdvhBWreWFCvKihXqiLtKdf6KpwE_aweKuWtGSCDsqKKVl277kTF32a5P8sM-35xElZNzIgrb0tArcq8LP9JKubWuQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88559
last-modified
Wed, 23 Nov 2022 14:04:35 GMT
server
UploadServer
etag
W/"bca89b6f8b4981d85748be86613526dd"
vary
Accept-Encoding
x-goog-generation
1669212275393057
x-goog-hash
crc32c=VwdH6w==, md5=vKibb4tJgdhXSL6GYTUm3Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
307780
accept-ranges
none
content-type
application/javascript
rangers.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/rangers.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
95d4fee3eee1d2bad826be5d670daeeb8adc78ea27f872fd731899b11e0ef21c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 04:09:31 GMT
via
1.1 google
server
nginx/1.19.10
etag
"6452f22b4773ba4ad002fac94c574ef93e91b725"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-ntvpl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53388
isis.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/isis.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
4e83812be1445dca33b2bbc084770dd3573d968d7d1a885fae54ab15d6ccf56f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 04:09:31 GMT
via
1.1 google
server
nginx/1.19.10
etag
"6c1dbb70af5dae71d3ce99096f3747254f8e31ef"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-ntvpl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19262
shapiro-e1671141434436.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/shapiro-e1671141434436.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
75ae81579ed3d59bc21c3d04c8c84f8d179b0ac81d6b339b5b4ee20ba614525d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 04:09:31 GMT
via
1.1 google
server
nginx/1.19.10
etag
"09054c12e32ec7b2267f4e9b0799ea2d0d3b123b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-wdq77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19474
Henry-Morales.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/11/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/11/Henry-Morales.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
bff6176392806e3cfd70c33bf603d2d8f469f02f9acbef91dc31586990ea9580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 02:55:30 GMT
via
1.1 google
server
nginx/1.19.10
age
4440
etag
"c5b6a1153f0d62a9f66e0020ffbd8cee6620bc58"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-kflqp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30348
PNG1120-Port-Backlog-16.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/04/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/04/PNG1120-Port-Backlog-16.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
555c7d500cf06d05e4fcecd7b94b017dd56c6e9795d3d9de1e316121cbe4df60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 04:09:31 GMT
via
1.1 google
server
nginx/1.19.10
etag
"70adbc08c905d1de6286b5397f8f05c8f44f83ac"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-nh8hm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35972
1449120284.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/1449120284.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
2064444a75d9a2071124a2024f215bd076b2eeb2c4d2fccc73fb915d4909bfac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 04:09:31 GMT
via
1.1 google
server
nginx/1.19.10
etag
"f5737da9bceea358748801c19058ebccece33b53"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-wdq77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18404
pine-valley-drive.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/pine-valley-drive.png?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
0c75b547b7a9fda22d839e29063046aa71e940fa97eaa11abc996024e983a6c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 15 Dec 2022 17:51:01 GMT
via
1.1 google
server
nginx/1.19.10
age
37109
etag
"52e8999c22072bcdc633d760922e0d8238597f9a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-4m9mw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48070
duke-of-sussex.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/duke-of-sussex.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
bebc959b993f853c46378a0718579a8642492a9257f2d6f2e8bdc00af2e53b63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 04:09:31 GMT
via
1.1 google
server
nginx/1.19.10
etag
"75921dae5c70926e61825813376b75c0a1bee321"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-wdq77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13298
OPP_Snow_storm_traffic.-Sgt._Schmidt_4x3.jpeg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/OPP_Snow_storm_traffic.-Sgt._Schmidt_4x3.jpeg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
ca7d45e2a6601e164d2c716ec870f08a8fad6c978cc7e94a4516e9c0df71d06d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 15 Dec 2022 21:33:59 GMT
via
1.1 google
server
nginx/1.19.10
age
23731
etag
"ce2a1bb2cadb425b027ebc835d25cb87712fbdc9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-nh8hm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25868
904252346-scaled-e1671122889293.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/904252346-scaled-e1671122889293.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
6f2b60f890fde744f4035bd1d1192847d535b8c7178f20eee63b576dbc5d74d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 15 Dec 2022 17:00:41 GMT
via
1.1 google
server
nginx/1.19.10
age
40129
etag
"24a307d81d992a949a400f50eafd6046982bf3fd"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-rhdwp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19500
business-wire-logo.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common/business-wire-logo.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:27:35 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619207
age
121315
x-guploader-uploadid
ADPycduP04AY3c9JweUdVGiXL_vVgjrAnf3EUTwGIWEVNaShIb6EsUYg0F5ivr0Hm1pcshy_ehZYyEwKIEQpPkQQb3NbfRTEdix4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3994
last-modified
Wed, 14 Dec 2022 18:04:41 GMT
server
UploadServer
etag
W/"c65c15718398ba7d64f31b6847913a4c"
vary
Accept-Encoding
x-goog-generation
1671041081791207
x-goog-hash
crc32c=oKRWcA==, md5=xlwVcYOYun1k8xtoR5E6TA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11114
accept-ranges
none
globe-newswire.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common/ 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common/globe-newswire.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:27:35 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619207
age
121315
x-guploader-uploadid
ADPycdvffsjjP1qik5ssIbPpMAjEGg51z1SWofzBXV5-2NK5pcQYwu5FW81KiORVn3RkoytmiP3z6hSx0rQbUEJSNIiewA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4041
last-modified
Wed, 14 Dec 2022 18:04:42 GMT
server
UploadServer
etag
W/"898d3597d34bb62f664ab25f0ac21cd9"
vary
Accept-Encoding
x-goog-generation
1671041082125289
x-goog-hash
crc32c=HxkysQ==, md5=iY01l9NLti9mSrJfCsIc2Q==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
14160
accept-ranges
none
icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/share-icons/ 		775 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:38 GMT
x-goog-meta-goog-reserved-file-mtime
1670619207
age
122212
x-guploader-uploadid
ADPycdtv2gtcWLaAxWzaqhrpPUfOBNkGRrvE0mxWJ9_hxlM5DXLLsEZOJNXUVJUh40nD1S6LLIAX5cy-sIOlBWYSUEAC4rfjtgVW
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775
last-modified
Wed, 14 Dec 2022 18:04:55 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-generation
1671041095559389
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
775
accept-ranges
bytes
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:38 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619207
age
122212
x-guploader-uploadid
ADPycdt4WuqpEQhgn51DVh8rtaGjxywf2pFT6EyL6I5_D5xhBqNk6Lu4SmhaFvxeoKFFDnelmQVdrRJC8E9VuMcFcS870XY-U6Ut
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
806
last-modified
Wed, 14 Dec 2022 18:04:55 GMT
server
UploadServer
etag
W/"df82c342c1176b84253c53e6e10eed05"
vary
Accept-Encoding
x-goog-generation
1671041095949094
x-goog-hash
crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1698
accept-ranges
none
icon-soc-yt.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/share-icons/ 		744 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/share-icons/icon-soc-yt.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:17:06 GMT
x-goog-meta-goog-reserved-file-mtime
1670619207
age
121944
x-guploader-uploadid
ADPycdvLGouttFL7foRhGXqZgz70kZX6R2fn_JVc2kzZFfVS0msfiVMdN7OkD8-4OpQQ2NZKxj2FebfdQI2pRtOaw5aDPl86BFEB
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
744
last-modified
Wed, 14 Dec 2022 18:04:55 GMT
server
UploadServer
etag
"c7b3b346ada043e6e241bca3e7f698d0"
x-goog-generation
1671041095859513
x-goog-hash
crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
744
accept-ranges
bytes
icon-soc-ig.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/share-icons/ 		2 KB
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/share-icons/icon-soc-ig.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:15:50 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619207
age
122020
x-guploader-uploadid
ADPycdtublADW-4ySp49WxhWD6rYHNQSZ1LaJqWkzUvJBJetb3XLE0deDh4XoYn4MLTJho5BKqtMGgN031NBOa0SnJ3zMA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
720
last-modified
Wed, 14 Dec 2022 18:04:55 GMT
server
UploadServer
etag
W/"cf38c08bd0b7e49f4550f048b7c4e2cf"
vary
Accept-Encoding
x-goog-generation
1671041095809938
x-goog-hash
crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1898
accept-ranges
none
shared.2e4340763e2d.js
dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0baf5f3281ad10ebed37ca8245624b6410711722ff8c0ecf3b4f9845d8ab33a7

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:11:17 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619208
age
122293
x-guploader-uploadid
ADPycdtQ4bqk1NnymK80DDvHIAvOw0zntetzKWcKZiqe61s4tHjs6n0J9XyxSu6qPXBYlu5uslpMhmxAlyXZwb_a-M4RXg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7377
last-modified
Wed, 14 Dec 2022 18:04:29 GMT
server
UploadServer
etag
W/"c649f3af22b4f81ce931ef54aa4b2865"
vary
Accept-Encoding
x-goog-generation
1671041069216045
x-goog-hash
crc32c=cuPbsw==, md5=xknzryK0+BzpMe9UqksoZQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20517
accept-ranges
none
content-type
application/javascript
main.6ff4cd6953e5.js
dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/main.6ff4cd6953e5.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6ff4cd6953e5004de78e73eb67f55b71c689e8325ba0151e65f9b2e9b9eee479

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:11:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619208
age
122294
x-guploader-uploadid
ADPycdvvfzKHO9oG0gV48uP62E4qVJWDu01j9bmOku-1GZvImMt7oqBYF6A6E7YNRHd_uoyQ1pC5ITtDxCZzmzbQRGd0kQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31088
last-modified
Wed, 14 Dec 2022 18:04:29 GMT
server
UploadServer
etag
W/"900ffd4dd377fc82e222bd1ec7cfc91b"
vary
Accept-Encoding
x-goog-generation
1671041069428592
x-goog-hash
crc32c=qreUBw==, md5=kA/9TdN3/ILiIr0ex8/JGw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91028
accept-ranges
none
content-type
application/javascript
supply
events.browsiprod.com/events/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=AqzXNfLHq$dNnfXyWNl_
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.22.15.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-22-15-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:31 GMT
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=torontosun&url=https%3A%2F%2Ftorontosun.com%2F&bid=AqzXNfLHq%24dNnfXyWNl_&at=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sw=1600&sh=1200
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.218.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-218-197.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.1 /
Resource Hash
f2ebd3daf9f7e6e52154055594244104dbd6b2eae7f7ce9041e9834aaf669b0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.1
content-type
application/json
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:33:00 GMT
x-content-type-options
nosniff
age
117390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:33:00 GMT
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v21/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a02900c2dbce0e4436db42632097edb14b149edf0e58add290771afd965ec38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:55:40 GMT
x-content-type-options
nosniff
age
65630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10372
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:30:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 09:55:40 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:33:08 GMT
x-content-type-options
nosniff
age
117382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:33:08 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		372 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4f5d095ff4fcc49a7d288671f1a0240784103f08a28618ec94f968aa44083a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:30 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
2992
x-guploader-uploadid
ADPycdt3FhqbUI60xuiVNTTqrH24k7vLWetgxP1S_IEk55dboXjx0TC89vIxBzheU1qjMkFxlQi8tWYXAAmWHxdmXhU7Ng
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 15 Dec 2022 22:09:23 GMT
server
cloudflare
etag
W/"1a4fcb59f653e17a2b26fa93465797e7"
vary
Accept-Encoding
x-goog-generation
1671142163134543
content-type
application/javascript
x-goog-hash
crc32c=r/PlkQ==, md5=Gk/LWfZT4XorJvqTRleX5w==
cache-control
public, max-age=900
x-goog-stored-content-length
114485
cf-ray
77a490607c7f9b95-FRA
expires
Fri, 16 Dec 2022 04:24:30 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 12:06:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		260 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=torontosun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31f1262c9c30189e2357c102e2f866fe0c77b88fa3572df8c50531fe1e860b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121
x-xss-protection
0
expires
Fri, 16 Dec 2022 04:09:31 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		248 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Ftorontosun.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:12:22 GMT
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
age
21427
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
fWH04kCh0rq3eHTmG_Yxe-YJkignW2AwruCMmMZZcsK20WKhi-HdTg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 05:27:06 GMT
x-amz-cf-pop
FRA56-P5
age
81745
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wI2EJ7xtzxA2Fb9S-Wh0cKRlJEigFeI4wFmhaRLWVGwkfECpfj_J9A==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6041280b985586f83dc91436abf20ae4b4f59df0818cef7192143e6e947bad75

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 03:41:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
987
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221216
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ab6bb77fb534c171d8192bd0d6e14367d4c91268b07703fd020669e9de63b61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 16 Dec 2022 04:09:31 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
524
x-jsd-version
1.0.1557
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
922
x-served-by
cache-fra-eddf8230021-FRA, cache-hhn-etou8220047-HHN
x-jsd-version-type
version
etag
W/"66d-hELxIyl/z47rn172WydRJYgoRW0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/ 		1 KB
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:23:48 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619207
age
121543
x-guploader-uploadid
ADPycds_N2UAlmw7mYGPzmw5xO0kxFNLgoBXNdbtpFjg_NWbkm0xe9JWwZK41Nt9ZevJ7i86QI1SwBqMnmQ2WPWtZ456TA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Wed, 14 Dec 2022 18:04:43 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1671041083278556
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
carousel-previous.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/ 		1 KB
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/carousel-previous.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:17:05 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619207
age
121946
x-guploader-uploadid
ADPycduV6a7UOWEeJBd7X_mWA6skEL6OE52lvXm37VzhOiCiSNylubfECVojGql3U7XGxDNVA8ytdfWzXRukm07LRAujYrPbuv3z
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
519
last-modified
Wed, 14 Dec 2022 18:04:42 GMT
server
UploadServer
etag
W/"23fbd7cd311279a2b6eb68d8f6059047"
vary
Accept-Encoding
x-goog-generation
1671041082823161
x-goog-hash
crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
carousel-next.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/ 		1 KB
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/carousel-next.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:15:48 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619207
age
122023
x-guploader-uploadid
ADPycduaXPUQHAdYNpJZ4N-RTWYTohNKZjYl4ydCzhW1W-sCjNc-_EO3F6XwZ6rXD-3lKQVWmzf-jRF3QC3iuJQetd6YcaEdC6dx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
520
last-modified
Wed, 14 Dec 2022 18:04:42 GMT
server
UploadServer
etag
W/"735fdba5ead6fce3777e91bf3fee8dd6"
vary
Accept-Encoding
x-goog-generation
1671041082793237
x-goog-hash
crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 06:37:41 GMT
x-content-type-options
nosniff
age
423110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Dec 2023 06:37:41 GMT
icon-fire.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/ 		835 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/icon-fire.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:15:50 GMT
x-goog-meta-goog-reserved-file-mtime
1670619207
age
122021
x-guploader-uploadid
ADPycdtrNyCROxQgUs6bcQ_7CsebdGz4xb2MchDYahIXbmetiIuo70WgjhLrEbkCgloTJ1lwLcJiRwEeVXS3O28wPmu8Xfi3wuyE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Wed, 14 Dec 2022 18:04:43 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1671041083289657
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/postmedia-image-fallback.webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:28:00 GMT
x-goog-meta-goog-reserved-file-mtime
1670619207
age
88891
x-guploader-uploadid
ADPycdvJjLsXZkLgMllidEET46Vfy9_qUelJRO5AgfNNU1GHX-OzQiK29Zw_taYpTT3LkEx7JSjnDQRrSrNXLuN4vppk8g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Wed, 14 Dec 2022 18:04:55 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1671041095522032
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
xd.html
fem.gprod.postmedia.digital/v71.0/ Frame 7BDF 		165 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v71.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
16271ea5e2003645ab901091ded34573e937b162eb573fd1779b555ad1a036dc

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1416221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 29 Nov 2022 18:45:50 GMT
etag
"c7b64c3d3ccccbb85bc5f096dcb3d4e7"
last-modified
Wed, 23 Nov 2022 14:04:37 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1669212277436186
x-goog-hash
crc32c=SWntGQ== md5=x7ZMPTzMy7hbxfCW3LPU5w==
x-goog-meta-goog-reserved-file-mtime
1669212154
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycdslzn8_dwAf6EH6upWpgJai-v_6W_-qYWFyAKrtOKbrfSfEVG7Ghf2bpnFIFdbDfF2ij9LXzAB65saYhN_Om_dIyQ
icon-lock.svg
dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/ 		690 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/images/common-icon/icon-lock.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1ab332ded1376c272c0b5da6e2c26719a2dbead1844c4e695a86ea4473792d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:26:32 GMT
x-goog-meta-goog-reserved-file-mtime
1670619207
age
121379
x-guploader-uploadid
ADPycdvI9Ot7qw1BMhfTeqitcbxuBQtkg0QxT2V94XwwyoS4GjeMr3lRstdpwS39AYSDGv_qoA_oaOP-sokz5pLAfm9Euw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
690
last-modified
Wed, 14 Dec 2022 18:04:43 GMT
server
UploadServer
etag
"987c6575a322590ac03c11e3d8344477"
x-goog-generation
1671041083422681
x-goog-hash
crc32c=GdIEQQ==, md5=mHxldaMiWQrAPBHj2DREdw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
690
accept-ranges
bytes
xd.js
fem.gprod.postmedia.digital/v71.0/ Frame 7BDF 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v71.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dfc68c199336d1b5368f2c6dc4c9939088d511d79d4335745fd05e6c073e0d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v71.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 18:45:50 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669212154
age
1416221
x-guploader-uploadid
ADPycduzUKvT4qBocqW8cqhHK8iGpUdrM-NsOHDczcqBxP2UlkKNqc1UiTKf1rbRGV0-KnNZx_9Q4OMQ04yt6wHDjQZkzA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17105
last-modified
Wed, 23 Nov 2022 14:04:37 GMT
server
UploadServer
etag
W/"e68d1bf5fac1548af09bab283139f9d9"
vary
Accept-Encoding
x-goog-generation
1669212277462927
x-goog-hash
crc32c=02PNhw==, md5=5o0b9frBVIrwm6soMTn52Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51825
accept-ranges
none
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-141-138.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Fri, 16 Dec 2022 04:24:31 GMT
2b29a3056cb502857a0127.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/2b29a3056cb502857a0127.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
158742070fa31289cfc15117a06d7e9e6ba2243aa8c20c57ebe71dd38386409f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:09 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
122242
x-guploader-uploadid
ADPycdt9o8u4bW3K77el36cgGk9x3m9JKdE3EECmKfAIp5K_R-3TKerBA9MPDkXhu6JeDhpHLHLdM_yPypF6p6ZOFpb6PfEimPek
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2255
last-modified
Wed, 14 Dec 2022 18:04:58 GMT
server
UploadServer
etag
W/"b85a1d6d923e94ffb45f59018c8f6420"
vary
Accept-Encoding
x-goog-generation
1671041098703989
x-goog-hash
crc32c=x+ONoQ==, md5=uFodbZI+lP+0X1kBjI9kIA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8931
accept-ranges
none
e47495018748c94898c36.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/e47495018748c94898c36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
edf934dd0852b28ca5f72fa57d5907ae71b706c9a7617183af1a3e9fbb556a6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:10 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
122241
x-guploader-uploadid
ADPycdsJVNPsgjnfJ0VGlsR4EJmoKLVKIdDlSN3KSlCW5Uo6pIwgx0COAOvh9dqlfR1JRl7H0NYsiAkZiaSyPo3Pvs5mOQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6776
last-modified
Wed, 14 Dec 2022 18:05:01 GMT
server
UploadServer
etag
W/"d14d1806153ee308f0ff38ac2d50d5b5"
vary
Accept-Encoding
x-goog-generation
1671041101397351
x-goog-hash
crc32c=jZZhQQ==, md5=0U0YBhU+4wjw/zisLVDVtQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
22486
accept-ranges
none
a3abef1aea194bc54ce30.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/a3abef1aea194bc54ce30.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6333459bbba841d16299dfee81d2019bf4b4133760e6b375168a4b4ce03a9079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:09 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
122242
x-guploader-uploadid
ADPycdvsrxZBZfqwb33wGFnExIZFCxYFxrKa9JvSB-3_6BAto3qsOaQ4EdTL4Wa7WAfIxPNxzqhoh7TT6_16wjP_X9uigKTh7soE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2828
last-modified
Wed, 14 Dec 2022 18:05:00 GMT
server
UploadServer
etag
W/"b64e8b5cfcdcf8c0a79afea901dadb8c"
vary
Accept-Encoding
x-goog-generation
1671041100786272
x-goog-hash
crc32c=S9u9sA==, md5=tk6LXPzc+MCnmv6pAdrbjA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
e59b9bf6522879b1a2c02.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/e59b9bf6522879b1a2c02.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0ae3e514b386d9f2fbb5f7725d9d5af5dab6a3507581c070aec15e9524588c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:16:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
121984
x-guploader-uploadid
ADPycdvN1G0kC1XFrL5F0Z69pYUwdN_HRRjjIXVDhQDkgA3moQM7sDxIUTPrClc7WKryafmLl_Pw5LFCVbz9egrl27fvKg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9239
last-modified
Wed, 14 Dec 2022 18:05:01 GMT
server
UploadServer
etag
W/"5f0db1694e9f8c83ef18aa5024f967e8"
vary
Accept-Encoding
x-goog-generation
1671041101413306
x-goog-hash
crc32c=jM8swQ==, md5=Xw2xaU6fjIPvGKpQJPln6A==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
30467
accept-ranges
none
1cd4fd18bce21e1e10d73.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/1cd4fd18bce21e1e10d73.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ddd5ad281411bb8cc616e4d95d511541d0d41dcf4069602f384a31bfd1f16a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:20:55 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
121716
x-guploader-uploadid
ADPycduEZ9tz1najTN558L1UW8GBj_lUAG7YRDKVVD9QauWGDZkFFzcnH6_d-7dQw60phjkL929yf54k4a8RtLr97cJAyg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3056
last-modified
Wed, 14 Dec 2022 18:04:58 GMT
server
UploadServer
etag
W/"a7160db631e8a505c2eb4d498b7e75c3"
vary
Accept-Encoding
x-goog-generation
1671041098233238
x-goog-hash
crc32c=ITDLPg==, md5=pxYNtjHopQXC601Ji351ww==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8938
accept-ranges
none
1506985bb7389809897425.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		223 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/1506985bb7389809897425.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
71fa9b6b98aefea63abb3de5bd3664dc857176cd9a203fbbc35b9260e4396a1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:20:55 GMT
x-goog-meta-goog-reserved-file-mtime
1670619205
age
121716
x-guploader-uploadid
ADPycdvgOj2VQ2enERs956Au_2gmloIi0zzyhzXYe48qQOYm-S9-ql5HJ8mpm_CJrZA9NX2y37UZOpFMISt8M3OZ-EfmgQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
223
last-modified
Wed, 14 Dec 2022 18:04:58 GMT
server
UploadServer
etag
"fdc044cbe8643dbc486b3d72739e1177"
x-goog-generation
1671041098019849
x-goog-hash
crc32c=diLDTw==, md5=/cBEy+hkPbxIaz1yc54Rdw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
223
accept-ranges
bytes
1d25956fc8581f7c4cfb9.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/1d25956fc8581f7c4cfb9.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
894f43de99413159346378f8738aceb7ac3463e6a2eed4a6d24b2c8094a54876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:20:55 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
121716
x-guploader-uploadid
ADPycds0LSY4nWwjY8q4XYSL7cLqMGFNgOA7ygG3V96DbzkS1vcSRBiQnDCVxU9jCn6yVyv8_-q_vHXFFZohyoVMYwZmww
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6742
last-modified
Wed, 14 Dec 2022 18:04:58 GMT
server
UploadServer
etag
W/"0e2a2775d7a7e859fde5eb2977d9f13a"
vary
Accept-Encoding
x-goog-generation
1671041098278650
x-goog-hash
crc32c=Mj6mkw==, md5=Diondden6Fn95espd9nxOg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
22092
accept-ranges
none
12788bf72521f5ada3cd32.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		751 B
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/12788bf72521f5ada3cd32.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e937c7cd2f056d3f65cd1578265c925d143d42d53b2b32bf144eb72135571f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:27:13 GMT
x-goog-meta-goog-reserved-file-mtime
1670619205
age
121338
x-guploader-uploadid
ADPycdtLNp7-OhmsG_gjRBUYdi7aAYRVH6guSjDoykc0Mem2lu1nyO6DWHhoUrrTl2LZxQ7Ts9eMsQ6h7Y6gYD7MZQBLJbuy9G2g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
751
last-modified
Wed, 14 Dec 2022 18:04:57 GMT
server
UploadServer
etag
"97b2317e753d874c4886dca6b1f3692f"
x-goog-generation
1671041097728562
x-goog-hash
crc32c=qlWrVg==, md5=l7IxfnU9h0xIhtymsfNpLw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
751
accept-ranges
bytes
10dc0eecadc470fc61d837.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/10dc0eecadc470fc61d837.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b4e4f460bb4c620edc56a8fb77a40460e9b7db0a05292a51339cb8a8e89bc4c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:09 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
122242
x-guploader-uploadid
ADPycdtc55Xgklrz-Su1FA5TnG-z1rBagML9IAsv3fEha7nwd6FS_x98niwdgksnUUls41Vz6j5E8CrciuzpzRQ-EUpNyHL2vlpt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1071
last-modified
Wed, 14 Dec 2022 18:04:57 GMT
server
UploadServer
etag
W/"9b7e91af4e60968d996f8ad37b2178f2"
vary
Accept-Encoding
x-goog-generation
1671041097706150
x-goog-hash
crc32c=hN2QPQ==, md5=m36Rr05glo2Zb4rTeyF48g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2462
accept-ranges
none
dcce2da074181be8803420.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/dcce2da074181be8803420.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
964fadec50deff42a2b1adf6c3fa8ee3799d1982202b3996c74e6275d5dfc5ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:20:55 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
121716
x-guploader-uploadid
ADPycdstQb-tBtY9f7RJ1Zo6I3uRy6khnApPbUdeDAKjHFAe_o3rkeWT8iUvSu8IMeVg4TVn1vmTj2Sr4FFOQ_vnrfzh1A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2784
last-modified
Wed, 14 Dec 2022 18:05:01 GMT
server
UploadServer
etag
W/"b3679eed4401f30baa485c316dc659d5"
vary
Accept-Encoding
x-goog-generation
1671041101243626
x-goog-hash
crc32c=XhqRiA==, md5=s2ee7UQB8wuqSFwxbcZZ1Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
9127
accept-ranges
none
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
bec2d030bf0fac209a9db7ea8fa8c9b4bc783396c4bf11a1b18faf07589b86e5

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:31 GMT
AN-X-Request-Uuid
844236f3-d56e-482e-9913-f6eec1cf1ea1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://torontosun.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		38 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bcf5b39b20bbc3d50a07fe4d2ef3b0a1f7ed5340ca00affe398ba377ada5324

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
2284
x-guploader-uploadid
ADPycdvZ2kmdhsVQhKX_vfP7xWV04boC6PAfjzHJedVBuB-bOhe6Hbv9Y2QiLMJEq6yypSIINcUf9aTL-1eZA1G8jV15Uw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
26073
last-modified
Thu, 15 Dec 2022 15:31:16 GMT
server
cloudflare
etag
"bcfe876db3053c5bf54cf4cfe3cc9b53"
vary
Accept-Encoding
x-goog-generation
1671118276968659
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=5xkelA==, md5=vP6HbbMFPFv1TPTP48ybUw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
26073
accept-ranges
bytes
cf-ray
77a490644b69bb97-FRA
expires
Fri, 16 Dec 2022 03:31:27 GMT
geoip
api.permutive.com/v2.0/ 		254 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
watson
api.permutive.com/v2.0/ 		281 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
208
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Ftorontosun.com%2F&pid=aO0PRImWvhDkl&cb=0&ws=1600x1200&v=22.1212.1511&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-9%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-11%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-10%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-12%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-11%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-13%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
0XW9GB7JGGBDA5BTXS4V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
yJuji_AEDj-S3-zT3Ad-sP2x52YgtEAkrsVrzTzhDibDyNkVtNsBCQ==
trudeau-twitter-20221215.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/trudeau-twitter-20221215.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
d880d019efb0272ca3e1840ff175c0040f5444e22d10348ca39dea57f684ddfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 google
server
nginx/1.19.10
etag
"e6e88d89779f0a1118fbe741cb8b3c940092dd7f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-8tbqz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23404
dave-chappelle.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/dave-chappelle.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
361490f1e87a7dce9e1eefef1fcecf837cd9087f8502882df460a63eda5ba14f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 02:40:06 GMT
via
1.1 google
server
nginx/1.19.10
age
5365
etag
"11c3e9817bfecea00ff8b7b5bd307f6ccf45ce2b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-8tbqz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14974
jane-fonda.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/jane-fonda.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
4eb31ad83bbe575502ad8bbe43b5b2b0b3ff4a23f8562e85ab555db74312e52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 02:40:06 GMT
via
1.1 google
server
nginx/1.19.10
age
5365
etag
"2f46e43739c88804fa97cf634305526f1fe2a22d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-tjjvz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27322
gavel_70373356-1-e1593007899571.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/06/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/06/gavel_70373356-1-e1593007899571.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
56b587c6bb695112e0df0351261cd31e64bb13b8f95a4af4b5fcc05daff5c824

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 16 Dec 2022 04:09:31 GMT
via
1.1 google
server
nginx/1.19.10
etag
"581dc8df47bc01e2670dfa166c0473bb75f177b7"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-8tbqz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17268
SMITH-e1671128703370.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/02/SMITH-e1671128703370.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
5250fa8ade0e9119478967ddcdf09589c9cd365f00304fba2cb3e48f8fe4c0eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 15 Dec 2022 18:27:31 GMT
via
1.1 google
server
nginx/1.19.10
age
34920
etag
"f4dd97cb3e663c32947b98f45d5be17acac3469a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-rhdwp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18238
shapiro-e1671141434436.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/shapiro-e1671141434436.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
cb322d7ff5f1220578c7b2ef7e794df79d42f4118d53a87f21936950514a302f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 15 Dec 2022 22:24:28 GMT
via
1.1 google
server
nginx/1.19.10
age
20703
etag
"66cc34411874f8fea8fe54ecbe8692f56a704b46"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-8tbqz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13220
Mandy.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/Mandy.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
b36edc243d1570f7c03e81e7abec405acd611dba0c48bd3bb078a88bd6b0b848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 15 Dec 2022 17:05:23 GMT
via
1.1 google
server
nginx/1.19.10
age
39848
etag
"70079a38283fcbc6a2840efa8c15c71402de9315"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-rhdwp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
thumbnail_Screen-Shot-2022-12-14-at-3.18.30-PM-e1671062762919.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/thumbnail_Screen-Shot-2022-12-14-at-3.18.30-PM-e1671062762919.png?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
51d7a8c3fc686f9540257695de8b6e01b1e3595db5a94507fb5476d5d697f682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 15 Dec 2022 00:15:56 GMT
via
1.1 google
server
nginx/1.19.10
age
100415
etag
"a88f5c432ae02a793369f633896addf2367ff5ec"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-rhdwp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7102
mulroneymarkle.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/01/mulroneymarkle.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
93f18bbcba1ebee8f7a2777fba54c264a62d0f61a1cc93834cf3d662098541f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 15 Dec 2022 14:36:31 GMT
via
1.1 google
server
nginx/1.19.10
age
48780
etag
"dc9c6d1560a6cec6ef46ee8dbc064c0a75231faf"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-kflqp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20686
roadtrip1.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/12/roadtrip1.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
35b10c8275ff303669fc378958022226435586e2ffc74e02655e51c7786457b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 13 Dec 2022 23:31:11 GMT
via
1.1 google
server
nginx/1.19.10
age
189500
etag
"66bcccf72cee3ef9343fd8bbba050e5786998854"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-85586bbf6f-f54d5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14094
supply
events.browsiprod.com/events/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=16c53466-a3f0-4904-a3bb-834cd0c01c3b
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.22.15.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-22-15-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:31 GMT
access-control-allow-credentials
true
PreEngine_desktop_2022-12-15T21:44:13.121.js
cdn.browsiprod.com/static_js/postmedia/torontosun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/static_js/postmedia/torontosun/PreEngine_desktop_2022-12-15T21:44:13.121.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-108.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d165437464ee3290c7af258a1222e346b0231d90aeac9ad689e4eeac300ae9df

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 21:45:02 GMT
x-amz-version-id
JgJIJ.UAzRy_6uZEXYHeSg7y06wcPnN7
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
23070
x-cache
Hit from cloudfront
last-modified
Thu, 15 Dec 2022 21:44:14 GMT
server
AmazonS3
etag
W/"6bf47142794dae20618c8321c1a0c475"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
vKa4AXdtpXOCnNYWdy6-EQF90YeVJ5d7I1s7A1UGib-SjXefkq5rCw==
abc2260b-4cf8-4768-adc1-4d4808548d35
https://torontosun.com/ 		117 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/abc2260b-4cf8-4768-adc1-4d4808548d35
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a14e24757256e1621cc559f2d90475c452d89eaeee533a5b151f01041f1f3ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
119504
82cea9a4-0754-4dec-a948-090952a3bf0d
https://torontosun.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/82cea9a4-0754-4dec-a948-090952a3bf0d
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b33c0820a7b5689afa478532c9b818373206051d9f0a9e670ba825eeee61cf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
20393
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
arj
postmedia-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ftorontosun.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0c651a52-d7d8-40f9-84a7-b4af3b6bff84%2C912cb536-9c94-4490-a73d-58027d98f774%2Ccbc74068-96f3-4170-8e74-e97ab8ff7ebd%2Cb4bf4a3b-2c82-47a9-9640-ce93ec4088fd%2Ca0ec30e4-d5ec-4cce-8d7c-2fa044a61db4%2C7418609a-f2d3-417a-93ac-853523ba853b%2C2ff1447c-b782-4b86-b102-3c250009384a%2C6375f804-e4fa-4745-9f47-a79398cd0971%2Cadb82b34-b419-406f-80e5-5ec7a36003ff%2Cff867320-c859-453d-9877-dcd9ebe99202%2C3e86a014-6017-403f-b37d-d694ed7f916e%2Caee3366b-0eb0-4746-8800-1640811621b3%2C68117553-0acb-4d85-9fb2-9d12c2c4797c&nocache=1671163771816&pubcid=2637d781-6cd0-46a0-b0b8-e2682e446327&aus=970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250&divids=ad-1%2Cad-2%2Cad-3%2Cad-4%2Cad-5%2Cad-6%2Cad-7%2Cad-8%2Cad-9%2Cad-10%2Cad-11%2Cad-12%2Cad-13&aucs=%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-1%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-2%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-3%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-4%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-5%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-6%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-7%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-8%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-9%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-10%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-11%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-12%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-13&auid=543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4ad17efd0f6f383f41c3aa9f5d957f7776e51aa292392693835c2ae6243e4b80

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://torontosun.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.22.1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
98cd5c3cf6eb9d2f92d3250e369d0f1b5ba2400739e0f4c934ae1a970793bc5c

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Dec 2022 04:09:31 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.1&cb=41587410505&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8b703be42242eee8bfe346ac91e72584b1e3a889f0b837a5ab93cf28c6473afe

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ba3ae80139a42161ba57cfcb42a387acaf45894037e7bc7e74316a568f0d4b8e

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
158d15d406f2a0803adc1afc183986947687fd82b618769b6533d0b7b3d9a17f

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cf514d45392949b96532aef0abdd9a6053f438c42cd51509e022b33c37ade53a

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7be77395ff6f17f2eae4830b16237093816fe5304d4acbba22dd3f6c398f6f2a

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
05e643ec517dc8936ead9603882a5af654e031b07fdb9e305b4cca1b5abdb1c5

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d4107a2cfa14fd055c9fcd8d45885bdade3fc03efd351537ac75f0dc2a13f16a

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1a5f3dcb9cbef18927a50fc894b34d0281a63065d21447d710b887392ae972f5

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
99b938daf601d69b0646faa00ed130eb7e0ff6bcb5cb474c75ed838b6c773b8e

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
24c165ff23089a9a51dd4606096f4e226dc07dd4f811172820580fed721d4abe

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
399604f8ea5a3d3aa0ea7bc71588037d988eaa321b9b2264c1c77f41c2e4fbc3

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
bc81dba2bf133e2cd1360fd01a7d034c4bff3ae5c8cbd56f29bbc719a018a1ce

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8b3689c851ed2fe2660c6fc9ed9b7cf0a51073bb1c16d2687715d50ead336d65

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=2637d781-6cd0-46a0-b0b8-e2682e446327%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&tk_flint=dmpbjs_v7.22.1&x_source.tid=0c651a52-d7d8-40f9-84a7-b4af3b6bff84%3B912cb536-9c94-4490-a73d-58027d98f774%3Bcbc74068-96f3-4170-8e74-e97ab8ff7ebd%3Bb4bf4a3b-2c82-47a9-9640-ce93ec4088fd%3Ba0ec30e4-d5ec-4cce-8d7c-2fa044a61db4%3B7418609a-f2d3-417a-93ac-853523ba853b%3B2ff1447c-b782-4b86-b102-3c250009384a%3B6375f804-e4fa-4745-9f47-a79398cd0971%3Badb82b34-b419-406f-80e5-5ec7a36003ff%3Bff867320-c859-453d-9877-dcd9ebe99202&l_pb_bid_id=583b1e0067d8e3%3B59bdee1b5457501%3B605e79dbb11307a%3B610a43afd3a83dd%3B62a8afa9f92bef%3B63e10d9687c383e%3B642462badb81429%3B6518b9c1bbad1eb%3B66de1731c598a99%3B678f6a94ef628dd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&slots=10&rand=0.04914244737168527
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3a94940775ee0f8857fd6f60c4eae52cebc488a211e6aad26fa60410da658403

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://torontosun.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		581 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=2637d781-6cd0-46a0-b0b8-e2682e446327%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-11%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-12%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-13&tk_flint=dmpbjs_v7.22.1&x_source.tid=3e86a014-6017-403f-b37d-d694ed7f916e%3Baee3366b-0eb0-4746-8800-1640811621b3%3B68117553-0acb-4d85-9fb2-9d12c2c4797c&l_pb_bid_id=68530bb0505c5c5%3B699d18f282f3703%3B708e119280056ef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-11%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-12%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-13&slots=3&rand=0.9543337312882483
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2c8e4ee6b0f2ca20775868405b85e5cfaea952442c8c3b11af29998aa6482dfe

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://torontosun.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613230&v=7.2&ac=j&sd=1&sn=0&r=%7B%22id%22%3A%228507c1710167db%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A13%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A13%2C%22ren%22%3Afalse%2C%22version%22%3A%227.22.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-11%22%2C%22adunitcode%22%3A%22ad-11%22%2C%22divId%22%3A%22ad-11%22%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228661e92f73fc25a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%22%2C%22tid%22%3A%220c651a52-d7d8-40f9-84a7-b4af3b6bff84%22%7D%7D%2C%7B%22id%22%3A%2293be6c6e3037139%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%22%2C%22tid%22%3A%22912cb536-9c94-4490-a73d-58027d98f774%22%7D%7D%2C%7B%22id%22%3A%22100292ee65ca00de%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%22%2C%22tid%22%3A%22cbc74068-96f3-4170-8e74-e97ab8ff7ebd%22%7D%7D%2C%7B%22id%22%3A%221077bd77127e8dab%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%22%2C%22tid%22%3A%22b4bf4a3b-2c82-47a9-9640-ce93ec4088fd%22%7D%7D%2C%7B%22id%22%3A%221141b494c3e50227%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%22%2C%22tid%22%3A%22a0ec30e4-d5ec-4cce-8d7c-2fa044a61db4%22%7D%7D%2C%7B%22id%22%3A%221218b3e2a26fc809%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6%22%2C%22tid%22%3A%227418609a-f2d3-417a-93ac-853523ba853b%22%7D%7D%2C%7B%22id%22%3A%221284b5ef3787e64b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%22%2C%22tid%22%3A%222ff1447c-b782-4b86-b102-3c250009384a%22%7D%7D%2C%7B%22id%22%3A%221356d908cbc51238%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%22%2C%22tid%22%3A%226375f804-e4fa-4745-9f47-a79398cd0971%22%7D%7D%2C%7B%22id%22%3A%22142522581f32e07f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%22%2C%22tid%22%3A%22adb82b34-b419-406f-80e5-5ec7a36003ff%22%7D%7D%2C%7B%22id%22%3A%22149315e362b057a5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10%22%2C%22tid%22%3A%22ff867320-c859-453d-9877-dcd9ebe99202%22%7D%7D%2C%7B%22id%22%3A%2215619165aefae8da%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-11%22%2C%22tid%22%3A%223e86a014-6017-403f-b37d-d694ed7f916e%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%225edbfda8-50f7-47ae-86d8-645087c63493%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222637d781-6cd0-46a0-b0b8-e2682e446327%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a35e827a31dd2a348a6e8aaebf00a7d7e2107da3570a92b41964dd3ab8ea76

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtPPLngZrAo8VFe3oUgm1jTfetY8TBzWJnQ%2FqVlR91C1Vc18uZkynbivd0jIqHvo8Wsfow6PIRdvhpTlTIxajuTfxu5dL93I74%2F%2FtDWrb4d2GJQ7HZHjP4KCn9XIPzpAPHD4NCJP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77a490665814913d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613230&v=7.2&ac=j&sd=1&sn=1&r=%7B%22id%22%3A%228507c1710167db%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A13%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A13%2C%22ren%22%3Afalse%2C%22version%22%3A%227.22.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-13%22%2C%22adunitcode%22%3A%22ad-13%22%2C%22divId%22%3A%22ad-13%22%2C%22sn%22%3A1%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216395d3ade00b746%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-12%22%2C%22tid%22%3A%22aee3366b-0eb0-4746-8800-1640811621b3%22%7D%7D%2C%7B%22id%22%3A%22170cf701a0748e0f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-13%22%2C%22tid%22%3A%2268117553-0acb-4d85-9fb2-9d12c2c4797c%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%225edbfda8-50f7-47ae-86d8-645087c63493%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222637d781-6cd0-46a0-b0b8-e2682e446327%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a35e827a31dd2a348a6e8aaebf00a7d7e2107da3570a92b41964dd3ab8ea76

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeK3BcpZz9tIo0yuFgXq4kKEoHqTaQY33my4kzfq3FqNDFKXZt9DUuAr%2F%2BBlnciZbLxr9nnNOSYDfuekXIFKP1FftkQAM%2FOWWBJOGLnxBHU6dIQTo9zKAyi4%2Bhg8WkZh8HigKL08"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77a490665817913d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bc2bba157c11df81733bc7fe77a13727fa43efb6bc1cafa5f9144cae475deb67
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Dec 2022 04:09:31 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a22ebf19-ec95-4d5d-8882-273d0500a7b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://torontosun.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
e8e669ebb67a78d96d2d28.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/e8e669ebb67a78d96d2d28.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4e1bd155f625d1706b709db5e4d94ba4240df4d25fa412dc894897fd8657e93a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:09 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
122242
x-guploader-uploadid
ADPycdsG-F2PUK-1Gi6sP6WIDqlLOytEbwEmvkiwUHktGKcjDi6Yr90PkYBxu6HstB0isbYbfF2G-sTwFQU5hbT2cnpFsC6PyPfe
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2513
last-modified
Wed, 14 Dec 2022 18:05:01 GMT
server
UploadServer
etag
W/"60b727a9ffb01521af6885ca861aa08c"
vary
Accept-Encoding
x-goog-generation
1671041101543241
x-goog-hash
crc32c=MnS3jA==, md5=YLcnqf+wFSGvaIXKhhqgjA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6726
accept-ranges
none
e45897abad6af51d48e717.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/e45897abad6af51d48e717.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d5e868028c560620b2a3021f3cd3dbb2494f0d073526cbf72ebd142972a5d3d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:09 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
122242
x-guploader-uploadid
ADPycdulJJFn4xHvBK8oSc0VsyMvqykNUmc2yGhxoQWvHU3dUQ6bM7-eALLU9cdwid_6-SI3tyvXvZIBmdl9H4_qxL8luEWhRjZz
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1901
last-modified
Wed, 14 Dec 2022 18:05:01 GMT
server
UploadServer
etag
W/"71aa252034e993d5983f6752c7325c08"
vary
Accept-Encoding
x-goog-generation
1671041101446834
x-goog-hash
crc32c=InqTZw==, md5=caolIDTpk9WYP2dSxzJcCA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
5175
accept-ranges
none
65079a5abc8be7057f994.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/65079a5abc8be7057f994.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
604b9cf337c21d5ffee6265583dcb1ff9fc38cda8bfd50ac6925325f843a2375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:09 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
122242
x-guploader-uploadid
ADPycdvk8Q0n64RziSsVLRqeCaqIlXjeoHEzyRH3w-6BuXXKPHZ0-i1xkba2ntEuvHCSyHd3wy4-l7cbPIcrWK2G9Drg5TqaYbf5
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3192
last-modified
Wed, 14 Dec 2022 18:05:00 GMT
server
UploadServer
etag
W/"af103ed23009aa6f4424aebb0e89e9b1"
vary
Accept-Encoding
x-goog-generation
1671041100295981
x-goog-hash
crc32c=8Ax41g==, md5=rxA+0jAJqm9EJK67DonpsQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11392
accept-ranges
none
4a6b87733520e601cd1f13.js
dcs-static.gprod.postmedia.digital/12.5.3/websites/js/ 		2 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/4a6b87733520e601cd1f13.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/CACHE/js/shared.2e4340763e2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b7b755cfa3fa45840b39b8dfb0e1512fdd9e5e32bc4a193101477b8364693b25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:12:09 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1670619205
age
122242
x-guploader-uploadid
ADPycdtzBR08wanaxwDrjwRuE-DxWVOr894MMJroHti2Ld7L-En6Wf3DoXkxrPMpXNfOtDIV55771br5jFBtKBDCoRBrwXlSrTMK
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
969
last-modified
Wed, 14 Dec 2022 18:04:59 GMT
server
UploadServer
etag
W/"cd556753de2d16988b007bbd92408c9a"
vary
Accept-Encoding
x-goog-generation
1671041099824999
x-goog-hash
crc32c=ZnVOfg==, md5=zVVnU94tFpiLAHu9kkCMmg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2483
accept-ranges
none
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
40e4a22028fa2c007b569bd52d7fc310815832aafd6ecfa8672acc395e1aa72c

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:31 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
middy-desktop-4.9.24.js
cdn.browsiprod.com/sd/apps/middy/ 		334 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-108.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce41c7e0b8ca5d050d3e9c504d0e03d16ae1690fcb7d9b1789d47620518eca5d

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 20:25:39 GMT
x-amz-version-id
Hx0.d0uGI2CmQoVmD55mqthvK5hSUElG
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
287033
x-cache
Hit from cloudfront
last-modified
Sun, 06 Nov 2022 09:23:54 GMT
server
AmazonS3
etag
W/"c4015347ecfb7b5dd67823ab9a9022be"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
nNatqDxSFc_CaVz3aHUH6lTAeXYALB_oJD0hIp4En5Kn0IHDtkuYvA==
/
torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/ 		9 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/e47495018748c94898c36.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
4fdc18f793ea9a4ab3aca6a20d140841a3be68cfc812e8b0d12bfb19f98449ed
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9586
referrer-policy
strict-origin-when-cross-origin
last-modified
Friday, 16-Dec-2022 04:09:32 GMT
server
nginx/1.14.2
x-pmd-backend
pmd-nginx-proxy-6b5f856d6f-9np6t
vary
Accept, Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
SAMEORIGIN
cache-control
max-age=900, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Fri, 16 Dec 2022 04:10:45 GMT
simple
api.sail-personalize.com/v1/personalize/ 		288 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
3892e125d1dbed450238758f1014350f44fc60151c71dde2af583fa2568afec9

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://torontosun.com/
x-referring-url
https://torontosun.com/

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
195
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://torontosun.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Fri, 16 Dec 2022 04:09:32 GMT
supply
events.browsiprod.com/events/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=16c53466-a3f0-4904-a3bb-834cd0c01c3b
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.22.15.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-22-15-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:32 GMT
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-108.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding
gzip
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 20:00:42 GMT
x-amz-cf-pop
FRA56-P2
age
29331
x-cache
Hit from cloudfront
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
server
AmazonS3
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
kO04Ng_36igTWizzqzGMkQraCj68EyftNCgjwVPac8hRJaWMS24QRw==
supply
events.browsiprod.com/events/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=16c53466-a3f0-4904-a3bb-834cd0c01c3b
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.22.15.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-22-15-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:32 GMT
access-control-allow-credentials
true
segment
api.permutive.com/adv/v2/ 		30 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=59b383c7-347f-4425-b503-7e7d81631514
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=59b383c7-347f-4425-b503-7e7d81631514&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECZo1pAufye-_LDSWNGVL1c&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=59b383c7-347f-4425-b503-7e7d81631514&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECZo1pAufye-_LDSWNGVL1c&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=59b383c7-347f-4425-b503-7e7d81631514&google_cver=1
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECZo1pAufye-_LDSWNGVL1c&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=59b383c7-347f-4425-b503-7e7d81631514&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/ 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/10dc0eecadc470fc61d837.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 03:14:58 GMT
age
3274
x-guploader-uploadid
ADPycds2QRy97ORrJlBzwJBiPCP3bNE1xNL8g66LpdpMCXss_Pl1XRsYSscjsEl8WS826PnEVqDIwG6t7z1ZxfPiW8CZ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Fri, 16 Dec 2022 04:14:58 GMT
crrnn3lp-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/d9dbB4sc/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/crrnn3lp-320.jpg
23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/crrnn3lp-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
551070687cfd89cbf873f4c2a8eb7b7a1f11ba3b56ae271ae3b300179c896c38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
554
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
23070
x-served-by
cache-iad-kcgs7200107-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 19:04:17 GMT
server
nginx
x-timer
S1671163772.414367,VS0,VE92
etag
"944264aeed76209cea82aacd3b1b1d70"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
11, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/crrnn3lp-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
ur-k8vlm4l3yAL5LVuxYD0agNVqsgRmrchnv5ToOj8QRLSy587zQrQ==
gpejx2xy-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/cI43H2tS/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/gpejx2xy-320.jpg
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/gpejx2xy-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ba802a18fa82dd616c0457512b0ee5286de011e968b169f5d8ed952627251a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
669
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
30508
x-served-by
cache-iad-kiad7000022-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 18:08:38 GMT
server
nginx
x-timer
S1671163772.415096,VS0,VE1
etag
"a380083f4c61713ff6cfc37c3f0bc329"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
59, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/gpejx2xy-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
-d_Sclp16-DtLfeZik9sX0DHPqAwvPTUf2XDLF51IEGoW8tUbax5hg==
u8uit50p-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/CtFnNPda/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/u8uit50p-320.jpg
22 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/u8uit50p-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
265547021d6ef280f93f886c9912e7966ebdf9c3ae3f4cc9d05f8a1596ad090c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
554
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21546
x-served-by
cache-iad-kjyo7100177-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 19:50:41 GMT
server
nginx
x-timer
S1671163772.415231,VS0,VE93
etag
"5752ca4bbbf3c9bcbde07672e117513d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
9, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/u8uit50p-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
wbRTReq2TwMdKuhqAHG9sva5-l4dmfyAhC4439M6Y4j_1ZRbbRCV-Q==
oxcqfdgl-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/1neXBkPA/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/oxcqfdgl-320.jpg
9 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/oxcqfdgl-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f5480c4d6414adec5068c70f1519592a1918352d68d189dcff1b3e530cf8f83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
392
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
8532
x-served-by
cache-iad-kjyo7100119-IAD, cache-hhn-etou8220056-HHN
last-modified
Wed, 14 Dec 2022 23:29:15 GMT
server
nginx
x-timer
S1671163772.414366,VS0,VE87
etag
"4861d0bae40f466976973435b965f6ad"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
10, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/oxcqfdgl-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
cnc5Uqkf6AhhS4tAiiT6T-Y4EOE-GRYEYQkDJdc-h0ZhuDO_l3OZkg==
pihrgonv-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/E16vC0st/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/pihrgonv-320.jpg
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/pihrgonv-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2acb117f7aa71c661a68767b93b69f23500a83cbe72a74d9e1c7817d768a89b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
669
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18046
x-served-by
cache-iad-kcgs7200096-IAD, cache-hhn-etou8220056-HHN
last-modified
Wed, 14 Dec 2022 22:43:08 GMT
server
nginx
x-timer
S1671163772.414723,VS0,VE1
etag
"d77d684c038c751cc034c9cb3f619aa6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
66, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/pihrgonv-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
4BM3CCkQmnVuKkgqtGTgz5462uCsbPDe7aTUuy-s__BKzUW1WYe3OA==
xgs44ygt-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/oJJGx4RN/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/xgs44ygt-320.jpg
13 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/xgs44ygt-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ea4d028cd2d66f638e2eb242382d52582a52e48d6cea974a598ca65a2daecd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
292
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
12220
x-served-by
cache-iad-kiad7000031-IAD, cache-hhn-etou8220056-HHN
last-modified
Tue, 13 Dec 2022 20:02:06 GMT
server
nginx
x-timer
S1671163772.414942,VS0,VE87
etag
"089fe4d5ced61c90b8d2778bc278912e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/xgs44ygt-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
rMoUH0jcpsBXkiAgRucEPyMUN1BW1NvdDFQQ8OfRRgAfZqlWDWZxZQ==
cri4cye5-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/o6EK83ym/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/cri4cye5-320.jpg
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/cri4cye5-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e73162b7ecdf75b3941306c4f9eedc5656a54e9aab98992c3f2e0f76f5829d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
366
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18802
x-served-by
cache-iad-kiad7000171-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 00:22:33 GMT
server
nginx
x-timer
S1671163772.418679,VS0,VE87
etag
"aab7d1e05e496301421d916775e393a7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
29, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/cri4cye5-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Kt4pG8bpJSDJqocjgX1SHWK5pQb4tf6Ngoxh5RBAvGPMsrwy8R5A-A==
3gugdm44-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/iAR6JDbF/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/3gugdm44-320.jpg
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/3gugdm44-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cbd137ce04edfb792ccb0ccc11c46b81a35af44d54395e63ddb95f0474390b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
668
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
33517
x-served-by
cache-iad-kcgs7200085-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 00:09:10 GMT
server
nginx
x-timer
S1671163772.414687,VS0,VE1
etag
"69c236efeb889373f8ee30351eee11c0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
45, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/3gugdm44-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
iQBmspL-_N1LmYO8m7U-Yksfxw8gI-tsuO4s7rdCSdOQi4VU8kCToA==
z9yp0uso-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/UteA8aCv/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/z9yp0uso-320.jpg
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/z9yp0uso-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2bc9884ce04149fcef998cacf9f73d2ed2286de9baf0b9d7f582961077dc8074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
418
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
11868
x-served-by
cache-iad-kjyo7100073-IAD, cache-hhn-etou8220056-HHN
last-modified
Tue, 13 Dec 2022 22:42:58 GMT
server
nginx
x-timer
S1671163772.418687,VS0,VE185
etag
"5e39bf00169e5d70107a7f4b3c33b5a3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/z9yp0uso-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
8FS6RUjlb_veqEEa5ecqf7I1GFyEMJctz2EjVbct_tbfev8Bi5Lbyw==
jy14ugsv-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/rZWWoovK/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-320.jpg
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d4c2a4a232c46ab1f749bdcfa670b00cb68019cc3c18354ae73ce9424d432a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
366
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20035
x-served-by
cache-iad-kcgs7200087-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 21:10:35 GMT
server
nginx
x-timer
S1671163772.414698,VS0,VE95
etag
"718006070dd34f75492ea708bc7bb5f3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
32, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
qIsTYKxlUe1s9NltcT7obaKzW25dslgdr-8AnKeKeJQIoDRwd9-WOw==
IrYAVodh.js
cdn.jwplayer.com/libraries/ 		120 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/IrYAVodh.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/10dc0eecadc470fc61d837.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
8392ad514caf1f268ff659c3bce80070d92cd51c1f01e430989ddd8c086dbef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
42747
x-amz-cf-id
pAtidRJyV7T8Z6-pC9YFMqVp7OSHta81nOBFDY2ItPlloxSL_ASlzw==
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
max-age=86400
cf-ray
77a49069e8ed926e-FRA
bc68aee9cb2ffca46da1.js
fem.gprod.postmedia.digital/v71.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v71.0/chunks/bc68aee9cb2ffca46da1.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8097af8146c2d5e9994270aeabe8bab06b1c10d16c3b8a8ea9ddabeff6633ecd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 18:45:49 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1669212154
age
1416223
x-guploader-uploadid
ADPycdsML8I4MhTm0gZ5rnF3oWUMEDAQTLxZu97v5XWIEeeB6ce7ZO4v2gcZfV5ZrAOzD_bTJ6IN5PHKAzkFYcxtxUSYXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1092
last-modified
Wed, 23 Nov 2022 14:04:34 GMT
server
UploadServer
etag
W/"fbbfa837334d742fcc174f76c1328442"
vary
Accept-Encoding
x-goog-generation
1669212274221676
x-goog-hash
crc32c=FOIepw==, md5=+7+oNzNNdC/MF092wTKEQg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=torontosun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=torontosun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-9,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-11,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-10,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-12,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-11,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-13,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=3620fb1d-436e-cc18-4190-b0ee9176aba4&url=https%253A%252F%252Ftorontosun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.253.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-253-29.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8600c27f22c398446daef29ce76576693aadd7ec6702a895be742f92c4b9bfac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
server
nginx
x-server-name
app05.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ 		1 MB
147 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4316221826527483&correlator=1280743560611113&eid=31071151%2C31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENUR_TSUN_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&adks=225519801%2C1205333068%2C2520642919%2C4150895342%2C2520642904%2C225519802%2C2520642905%2C225519797%2C2520642906%2C225519796%2C2520642907%2C225519799%2C2520642908%2C225519798%2C2520642909%2C225519793%2C2520642910%2C3169864135%2C2520642911%2C3169864134%2C997449486%2C3169863993%2C997449485%2C3169863992&didk=390648829~390648828~3147356942~390648827~3147356943~390648826~3147356940~390648825~3147356941~390648824~3147356938~390648775~3147356939~390648774~3147356936~390648773~3147356937~4188301106~3147356934~4188301101~3650700221~4188301100~3650700218~4188301103&sfv=1-0-40&prev_scp=loc%3D1%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D2%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%7Cloc%3D3%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%7Cloc%3D4%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D19270052c3ab4a7%26hb_bidder%3Drubicon%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%7Cloc%3D5%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%7Cloc%3D6%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%7Cloc%3D7%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%7Cloc%3D8%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%7Cloc%3D9%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%7Cloc%3D10%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D9%26amznbid%3D2%26amznp%3D2%7Cloc%3D11%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D10%26amznbid%3D2%26amznp%3D2%7Cloc%3D12%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D11%26amznbid%3D2%26amznp%3D2%7Cloc%3D13%26browsiId%3Dtorontosun_a%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D96400%252C110592%252C111761%252C111793%252C116417%252Crts%26puid%3D59b383c7-347f-4425-b503-7e7d81631514%26ptime%3D1671163771565%26prmtvvid%3D2a237a0b-d8fe-45a0-a9d3-ae6172a486de%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dtsun%26sensitive%3Dn%26negative%3Dn%26et%3Dsm%26ck%3Dindex%26imp%3Dindex%26prmtvsdk%3Dweb&sc=1&cookie_enabled=1&abxe=1&dt=1671163772310&lmt=1671163772&dlt=1671163770545&idt=1011&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=277%2C1823%2C2437%2C3459%2C4312%2C4317%2C4881%2C4890%2C5484%2C5463%2C6027%2C5804%2C6447%2C6145%2C6760%2C6486%2C7028%2C6827%2C7414%2C7168%2C7736%2C7509%2C8152%2C7850&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21%7C22%7C23&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftorontosun.com%2F&frm=20&vis=1&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=1205838941.1671163772&ga_sid=1671163772&ga_hid=1369631191&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a82a9448cf617b6b136de8e983c9c592c32ebd05e51f8a2ed4efb6375e85ecbb
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ3jk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8955022908764288637/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJvjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10341413083544804248/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJfjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8955022908764288637/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ_jk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8955022908764288637/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIfjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5812480258466461545/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJnjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5812480258466461545/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5812480258466461545/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKHjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10341413083544804248/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKPjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10341413083544804248/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKXjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10341413083544804248/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CInjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5812480258466461545/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ3jk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8955022908764288637/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJvjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10341413083544804248/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJfjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8955022908764288637/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8955022908764288637/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ_jk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8955022908764288637/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIfjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5812480258466461545/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJnjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5812480258466461545/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5812480258466461545/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKHjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10341413083544804248/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKPjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10341413083544804248/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10341413083544804248/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKXjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10341413083544804248/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5812480258466461545/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CInjk5ii_fsCFZ3AuwgdB7gLVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5812480258466461545/index.html
date
Fri, 16 Dec 2022 04:09:33 GMT
x-content-type-options
nosniff
content-encoding
br
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150285
x-xss-protection
0
google-lineitem-id
6054664554,6054664554,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138416997094,138416348750,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f1a1b4664a64e30770b1ae845e7d00302bc61703b801dfcf4f0fb10da8a918d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11201
x-xss-protection
0
container.html
6d49519d1fdf76a7ab36c75192cd0ac6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7807 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6d49519d1fdf76a7ab36c75192cd0ac6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 04:09:32 GMT
expires
Sat, 16 Dec 2023 04:09:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://torontosun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77a4906978ac926e-FRA
date
Fri, 16 Dec 2022 04:09:32 GMT
server
cloudflare
vary
Origin
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 16 Dec 2022 04:09:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Fri, 16 Dec 2022 04:09:33 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/ 		57 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.5.3/websites/js/e59b9bf6522879b1a2c02.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
75c64fa9c6192ce18c7c901e1065f5c2193b332251058a8e46bcb395403fd2b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
8690
x-amz-cf-id
L39LkmIjXRtzYxJtoropR93S5DeDEkqYUK2icwgMAAwXGy3C4RR8yg==
expires
Fri, 16 Dec 2022 04:12:32
supply
events.browsiprod.com/events/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=16c53466-a3f0-4904-a3bb-834cd0c01c3b
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.22.15.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-22-15-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:32 GMT
access-control-allow-credentials
true
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 04:09:32 GMT
googima.js
ssl.p.jwpcdn.com/player/v/8.26.4/ 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.4/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01ed1c5dcb04e38437e2838db84f1f8f258934bcb79ec428feddde2d02faa658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish
age
7281
x-cache
HIT
content-length
22519
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 18 Nov 2022 20:47:06 GMT
server
AmazonS3
x-timer
S1671163773.625676,VS0,VE0
etag
"0fff9e40a3231687c7fca8c4578e323a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
702
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.26.4/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.4/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81c3817feb6b870c945faa95ff3322b5d6560c1cf259b0c7826e7a15f88e0023

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish
age
239
x-cache
HIT
content-length
18865
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Tue, 13 Dec 2022 17:49:36 GMT
server
AmazonS3
x-timer
S1671163773.625691,VS0,VE0
etag
"fef737c4cc57ed883ecf82f803194198"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
89
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.26.4/ 		325 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.4/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795fde21904da8fba2d623e23f6f79d59fe4f21d117aaaadafae15dd9387e598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish
age
698632
x-cache
HIT
content-length
85630
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 18 Nov 2022 20:47:00 GMT
server
AmazonS3
x-timer
S1671163773.625684,VS0,VE0
etag
"68e4ffb90450a7ac45412da232cf120a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
244442
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/ 		57 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
75c64fa9c6192ce18c7c901e1065f5c2193b332251058a8e46bcb395403fd2b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
8690
x-amz-cf-id
mqJhl4qZzhYf7pYvWjgtZv-kC3H_NLA28SPxdUYpRkLhNeMm9gJjKg==
expires
Fri, 16 Dec 2022 04:12:32
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
356120439f6c88cd9bb2a57d851d5f5e642ba9ded3c1ef469e7a2c766a0620bf

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.26.4/ 		377 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.4/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0d08bd0271c5d085f5d1419b1af887eb9c250aac800cadc4d5ea64c3a348e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish
age
698632
x-cache
HIT
content-length
112546
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 18 Nov 2022 20:47:03 GMT
server
AmazonS3
x-timer
S1671163773.629287,VS0,VE0
etag
"e133e8e7b97079d4bc7ec71fae611795"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
187501
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15EF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 13:55:51 GMT
expires
Fri, 15 Dec 2023 13:55:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4B6C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d1bad41e63f2182939b73d789dead6c48fc1bba5128d6be8f7fb4d74ce5a8bbe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cAEP79Djgy2tW_Uc8XVvDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-cAEP79Djgy2tW_Uc8XVvDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 04:09:32 GMT
expires
Fri, 16 Dec 2022 04:09:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amb/6AC4) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 02:46:44 GMT
server
ECAcc (amb/6AC4)
age
4968
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=13200
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Fri, 16 Dec 2022 04:09:32 GMT
VPJ6pj1v.vtt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/VPJ6pj1v.vtt
  • https://assets-jpcust.jwpsrv.com/tracks/VPJ6pj1v.vtt
2 KB
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/VPJ6pj1v.vtt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e843afb4d1c2b5cf4e101ab6d9c19a3e7e5e2e04abc61938ea28feac8644ca38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
270
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
767
x-served-by
cache-iad-kiad7000155-IAD, cache-hhn-etou8220097-HHN
last-modified
Thu, 15 Dec 2022 20:54:16 GMT
server
nginx
x-timer
S1671163773.884075,VS0,VE91
etag
"08c565f071d829482b48a7b20b2710b3"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
9, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/VPJ6pj1v.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
K2ipaM4rjE2vMguvj6R63iLoL1NCm71ngMfazGIuXP3R5iHl11SP0g==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.26.4/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.4/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ff5585bdbea001d37f3647975a645f0594090f070915831286de90dd45949d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish
age
697345
x-cache
HIT
content-length
4430
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 18 Nov 2022 20:47:02 GMT
server
AmazonS3
x-timer
S1671163773.724924,VS0,VE0
etag
"b3e139c07aac361115e8ec41bde7d2a5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
32164
rZWWoovK-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/rZWWoovK-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/rZWWoovK-120.vtt
2 KB
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/rZWWoovK-120.vtt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0215d8abf1730058f58dd7023c5e089d7e5b3363800687477f26ac3b30181f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
270
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
367
x-served-by
cache-iad-kjyo7100062-IAD, cache-hhn-etou8220097-HHN
last-modified
Thu, 15 Dec 2022 20:52:24 GMT
server
nginx
x-timer
S1671163773.884133,VS0,VE87
etag
"ed4dbba52fbdb8c506e3fa105472f65a"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/rZWWoovK-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
RBA946IU8IKepXY1KbB9hCsGntqG9gspI0nZ8PsI1m1shFy7cu29xw==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.26.4/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.4/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c04cc9291263e7985a785488a86def962e1b3acb3f6d0c6b6300ad83d296fa80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish
age
698627
x-cache
HIT
content-length
10063
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 18 Nov 2022 20:47:03 GMT
server
AmazonS3
x-timer
S1671163773.764067,VS0,VE0
etag
"85848960d38d9726d11832b0dfb8cc05"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
111676
related.js
ssl.p.jwpcdn.com/player/v/8.26.4/ 		106 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.4/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1437f4978d88ee673b2036f35e3bda280afcc88df1f9b684c99219618147326f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 varnish
age
697825
x-cache
HIT
content-length
25386
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 18 Nov 2022 20:47:05 GMT
server
AmazonS3
x-timer
S1671163773.764674,VS0,VE0
etag
"f24fb774de6978d8e6347e9413aaf68c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
246220
rZWWoovK.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/rZWWoovK.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.4/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1fef529df5260859a2c508c940b822493253346b67b46762736ad66b2fd2bbf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
547
x-amz-cf-id
a53Mo1d6omWxcJtjRTAZFjgWn_j5gZST_mUOlJJoPGSKmiVYmVJyAA==
jy14ugsv-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/rZWWoovK/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-720.jpg
55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-720.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e7e4410ba8851bdf3d957acd7e5c0ba4c9712f892d015ab46b327bc4acfb52e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
366
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
55889
x-served-by
cache-iad-kcgs7200146-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 21:10:35 GMT
server
nginx
x-timer
S1671163773.955617,VS0,VE96
etag
"ab9cf2e10a9ea70e95fb83f39d3db54e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
169aDSxv2NwJ8DAKiCKClnGBm3lNa2gqLGaBw1V91-TspkBZiui-mg==
jy14ugsv-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/rZWWoovK/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-640.jpg
47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-640.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
375d1f67910cba692fd7b9cf75ac1629967e6fc458748fc0a4cf9be34029ef46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
231
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
content-length
48201
x-served-by
cache-iad-kcgs7200050-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 21:10:35 GMT
server
nginx
x-timer
S1671163773.955637,VS0,VE88
etag
"28e8eb42214ce141489f59e993d80df5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/jy14ugsv-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
UCOXFmAiLt6w5Aqdd9xvX5QzrBcxPIku2CtevgYK4Y7XfEvI1uJ3hA==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=129739014&e=e&n=1951565128488169&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=5VYzOeRc&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=puq8w912ggg9&i=0&id=rZWWoovK&lid=fcnedx11de93&lsa=set&mt=0&pbd=1&pbr=1&pgi=1gvrqb5sedm1&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=1hf6px91xb4e&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.26.4&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=SNOW%20STORM%3A%20Salting%20truck%20stuck%20among%20cars%20not%20moving%20on%20QEW.%20OPP%20says%20stay%20home%20if%20possible&tv=3.41.0&vb=1&vi=1&vl=90&wd=501&ab=1&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=JQkbLqiZ&flc=1&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FrZWWoovK.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=1750&pni=1&po=0&pogt=%20Toronto%20Sun&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FuzU5KAZg%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=160&sa=1671163772768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220056-HHN
date
Fri, 16 Dec 2022 04:09:32 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
bridge3.549.0_en_ca.html
imasdk.googleapis.com/js/core/ Frame B7CE 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59b87c26e7ecc18c94ff68b2e5ca3867ccf08772649b2fe6ed31b8118082f5e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227313
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 05:13:21 GMT
expires
Fri, 15 Dec 2023 05:13:21 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Dec 2022 04:09:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=4316221826527483&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 04:09:33 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 15EF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 20:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 20:49:24 GMT
rZWWoovK-33887826.mp4.m3u8
videos-fms.jwpsrv.com/639c983c_0xcad7ab45f0c8532e4464b4aeeb11fe287ce4f53c/content/conversions/ReDAXyY4/videos/ 		921 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/639c983c_0xcad7ab45f0c8532e4464b4aeeb11fe287ce4f53c/content/conversions/ReDAXyY4/videos/rZWWoovK-33887826.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.4/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
a9c836abaac0bed288e6ecc5e592f76cbadbfc00b64f5e615dd03a6ccc91024e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
19962
x-cache
HIT, HIT
fastly-stats
otfp=1
content-length
200
x-served-by
cache-iad-kjyo7100114-IAD, cache-hhn-etou8220097-HHN
server
otfp
x-timer
S1671163773.093528,VS0,VE1
etag
"tnb_248s3li2PB6E4Nr1C5UVzFscswkNTy1tk0Mirskyia9gbE_pWIcz7puEcT3fk5Uak7g6J-zJw9MWGyuHnOnTqA"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
41, 1
vttparser.js
ssl.p.jwpcdn.com/player/v/8.26.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.4/vttparser.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8572591d1b93a5981c6da4ddceccc86893bbeb1a5e9c35f23074a1aa51427f30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish
age
697345
x-cache
HIT
content-length
2148
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 18 Nov 2022 20:47:04 GMT
server
AmazonS3
x-timer
S1671163773.052644,VS0,VE0
etag
"fe4965dd2b0a082e72b98aa94556a3b7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
28243
truncated
/ Frame B7CE 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?aot=ib&tte=f&lid=158&sdkv=h.3.549.0&id=ima_html5&c=4396355710528054&domain=torontosun.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.549.0&id=ima_html5&c=4396355710528054&domain=torontosun.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rZWWoovK-33887826.mp4-1.ts
videos-fms.jwpsrv.com/639c983c_0xcad7ab45f0c8532e4464b4aeeb11fe287ce4f53c/content/conversions/ReDAXyY4/videos/ 		180 KB
180 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/639c983c_0xcad7ab45f0c8532e4464b4aeeb11fe287ce4f53c/content/conversions/ReDAXyY4/videos/rZWWoovK-33887826.mp4-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.4/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
81d67795b56d526dbf7f404c7f1431b77d7a4095421ea68e198f849c955ba9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
19962
x-cache
HIT, HIT
fastly-stats
otfp=1
content-length
183864
x-served-by
cache-iad-kcgs7200137-IAD, cache-hhn-etou8220097-HHN
server
otfp
x-timer
S1671163773.128264,VS0,VE1
etag
"Vn27hYeHopCed2h343d3Dc54drbu4d8HLtylc6IU-8HOu601QTKv0yE_ojbeqUzG8ryeF0Oa_Sfu_qxjbZLY0uxoFw"
content-type
video/mp2t
x-fastly-otfp-info
ss=0.000 sl=4.000 vl=73.133 rs=320x180
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
39, 1
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Fri, 16 Dec 2022 04:09:33 GMT
cast_sender.js
www.gstatic.com/eureka/clank/108/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/108/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 00:45:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 16 Dec 2022 06:24:43 GMT
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf5d5b6df703dc9f57f4d32390ffc5174c32dacec3be929d445f3e6d311fc15
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
date
Fri, 16 Dec 2022 04:09:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 03:53:58 GMT
server
cloudflare
age
935
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
77a4906e5b359054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
lhuml8i3l2
expires
Fri, 16 Dec 2022 04:39:33 GMT
vf-v2.js
cdn.viafoura.net/ 		769 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1503ffa845faf94d1171cd43f9f4d04a36848943be74e5365764990bb57d2d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ymlDCSCAhJSJrGzi.pf5al2STPhLAMjI
content-encoding
br
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 04:04:54 GMT
x-amz-cf-pop
FRA56-P2
age
281
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:21 GMT
server
AmazonS3
etag
W/"851b1621665e35ed8458e49d4b1aded9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
kx_OTa4PcxjxCWI5dxyKX1mR-0OKMPLlpa0bHNidPvQiYE274t8agQ==
gtm.js
www.googletagmanager.com/ 		325 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44f2f285a38b082b7097e9b3e6ab28c0af4cbe73ba3c672af8d98adc26f3f44a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86669
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 04:09:33 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-69.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:25:00 GMT
content-encoding
gzip
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
9979
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
EeTq-rTBZAbYbheBQ-2HqHYTNyfi96sxvwRJToCdBEL3rQwJRq9LnA==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		226 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b5deb3b7e7b9b1182e9e2ed5dc6297cdb710eea2566d25d5089d910de386a574

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-hhn-etou8220093-HHN
date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
127
x-timer
S1671163773.205652,VS0,VE1
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
55720
x-cache-hits
72, 1
gtm.js
www.googletagmanager.com/ 		132 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
771e31a4e74c32326778598b97aa12613850c1ff3f77431ac5f64e575067bd99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42454
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 04:09:33 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
22b231ef-e98e-43b8-aaa8-dda849ba4fa9
https://torontosun.com/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/22b231ef-e98e-43b8-aaa8-dda849ba4fa9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dfc273cb08d312f5a2b0bb010ac8b5fa33c6555cf26e4a14cc8e0210b1c695c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
85591
Content-Type
text/javascript
tinypass.min.js
cdn.tinypass.com/api/ 		336 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f32ba0a443ebfa1c07612ddaa34431208c28876b16fb95fa9e9a14940e9280
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
x-amz-version-id
d6cVWsxxIfNnDo2m_.s4xFDsh5H2ZyMQ
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
WM1QD6EJVSGMKCSC
age
2865
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
1GbUrdlfgJzzb5gS78eCBRqIPoRpa/GLmJBzYdaTsItwyDttZM5HQtwQuyVaybVGVczb85JxQPc=
last-modified
Mon, 12 Dec 2022 06:29:02 GMT
server
cloudflare
etag
W/"9771737a9d8814b5ab0a40884207bc6f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
77a4906eab749054-FRA
expires
Fri, 16 Dec 2022 08:09:33 GMT
jload
pixel.adsafeprotected.com/ Frame 799E 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=165440461&placementId=6054664554&pubCreative=138416997094&pubOrder=3038327423&cb=197053979&custom=index&custom2=1&adsafe_par&impId=
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.253.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-253-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
352c81003728aa0c38302edecf4dab6c5c0a8df19763ba45700c8a0cdc1657e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCZSv8zxALLfctaw1Eu-_LZnv1uRfoZRJJBkSvDebHryPmPAlWcQgKncoMXj3GAibtgZGaqh7AsSXykeI7kgV6x7viaegucA57u3fSSkJ4K9E4DszZxIi9VzPpsrfSZOGtX60C72fgHe08lPpx9QR5I-plHExVU6AO9nO0HlNzQdazArJLsoZumRoYBDwbR6cBqjZ4zkpc208Cb66SRKelpSYLGrGvpGGGGp9tw7WGuPED700mlSsDYxNdTdHCsSheQ-i6jE3QFKJVez6bpOFuxSWeFgg6igu2oq00qcs4A8VWA0lSW2eXch28ALKLGRORow0YccBWUVPs&sai=AMfl-YRjbO_Bp2gZWLc1qkvP9LTBiVXBEX7zpQpUDSafbLp-K1eI0CX3BoDAIlpdNROubZ0z0PGbHEIs9rC7HiPhrADPBrRX916tqfshYOYsRGArKwmMAzq-xSp9TQ12Zse1&sig=Cg0ArKJSzG4ZWVvi5nVBEAE&uach_m=[UACH]&adurl=
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame ED56 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
75896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 07:04:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED56 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 04:09:33 GMT
12352474854864185998
tpc.googlesyndication.com/simgad/ Frame ED56 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12352474854864185998
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2af0af4b7d9b6b5d3879910a8e2cd16551462e75257ac1a2acfa519cfc87a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 20:47:23 GMT
x-content-type-options
nosniff
age
199330
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
184097
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 20:34:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Dec 2023 20:47:23 GMT
l
www.google.com/ads/measurement/ Frame ED56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4QjMZ6Nhvq4nAtyFyGGFrt37W2_KK4yP0xvAJKfrnK6-F-a0QbUx9an_AxsZT8DOv6uOO
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
demand
events.browsiprod.com/events/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=16c53466-a3f0-4904-a3bb-834cd0c01c3b
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.22.15.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-22-15-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:33 GMT
access-control-allow-credentials
true
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3448
date
Fri, 16 Dec 2022 04:09:33 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
931
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-hhn-etou8220021-HHN
x-timer
S1671163774.546763,VS0,VE0
gtm.js
www.googletagmanager.com/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e58a981ed51697a852f3d01993b28d32a07852182d47d31d77133eeca7845fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48084
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 04:09:33 GMT
gtm.js
www.googletagmanager.com/ 		146 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6721fd04984682bd8df747af7fa9a476e6642c0ab7fe10533db7feeed4b1e44b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48786
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 04:09:33 GMT
identify
identity.mparticle.com/v1/ 		176 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fa0a7746d0559429a36c1f8b4101d095375372e4d9c23eb09e9b4e56a8ff7272
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-hhn-etou8220021-HHN
date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1671163774.555037,VS0,VE104
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4800:250:51f2:8e30:528d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6f7e98d03a2100b1e6b8f3c97dfeb11989b74f7887ddcaa0ace5fda0ba12608e

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-004355b99813ccfe6
pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Fri, 16 Dec 2022 04:09:34 GMT
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4800:250:51f2:8e30:528d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://torontosun.com
access-control-max-age
1728000
cache-control
max-age=0
date
Fri, 16 Dec 2022 04:09:33 GMT
expires
Fri, 16 Dec 2022 04:09:33 GMT
server
nginx/1.18.0 (Ubuntu)
truncated
/ Frame ED56 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef0e4aa98eda935afde3b1e3032d82611267116a4674c6ef5d3f086ccfb800c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
crrnn3lp-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/d9dbB4sc/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/crrnn3lp-120.jpg
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/crrnn3lp-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ffdfd38c4e6da3a114773a72a7cb92304e7e385e6d477a36c065b35e0e9291f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
418
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
10499
x-served-by
cache-iad-kjyo7100178-IAD, cache-hhn-etou8220056-HHN
last-modified
Thu, 15 Dec 2022 19:04:18 GMT
server
nginx
x-timer
S1671163774.847914,VS0,VE104
etag
"04d3b4fa5bc0124d14fee223b68da932"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Fri, 16 Dec 2022 04:09:33 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/crrnn3lp-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
CYo4NzivxUBlN65Q55ydRvk9cbOl1giOS6N6MfH9IkNEVM83HTUsKw==
generate_204
tpc.googlesyndication.com/ Frame 15EF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BCWieg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rZWWoovK-33887832.mp4.m3u8
videos-fms.jwpsrv.com/639c983c_0x12b34c246cd402961b039f99d2fec4a4b0e27bed/content/conversions/ReDAXyY4/videos/ 		921 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/639c983c_0x12b34c246cd402961b039f99d2fec4a4b0e27bed/content/conversions/ReDAXyY4/videos/rZWWoovK-33887832.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.4/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
df68cf63932f4787a5cb2423c998fa636b06fe1cfe02fca102c2823ec6ece32e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
25059
x-cache
HIT, HIT
fastly-stats
otfp=1
content-length
200
x-served-by
cache-iad-kiad7000093-IAD, cache-hhn-etou8220097-HHN
server
otfp
x-timer
S1671163774.697171,VS0,VE1
etag
"LvQACARmdc8NeU8OBIwZ7GYXz3I-LAsxHic1IaYFe6laMa4A_DA-ncH01jDwOVXSrI_ueojWovfmuu_MhE8jejVvsg"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
1, 1
execute
c2.piano.io/xbuilder/experience/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=KlFb8Hg2nS
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4ac9809157b159eeb548490e9b5aa4967fb392bbf56711018b5c9942f3fafd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
nijxdrtjak
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
77a490722a9bbb9d-FRA
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220048-HHN
date
Fri, 16 Dec 2022 04:09:33 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1671163774.851783,VS0,VE3
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220048-HHN
date
Fri, 16 Dec 2022 04:09:33 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1671163774.851846,VS0,VE4
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
gtm.js
www.googletagmanager.com/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJC8VVB&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd558a2f72cba27cd524e6518a6fb31e431d995a51737e71541722a0531ed647
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39447
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 04:09:33 GMT
gtm.js
www.googletagmanager.com/ 		273 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0948c158699038955bb5311301d19acc4d8c4ded5b4e32c565c8de6f015f929d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82929
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 04:09:33 GMT
ribn.min.js
assets.ribn.com/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2000:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 05:13:16 GMT
content-encoding
gzip
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
82578
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
KgYgu5lMGzgCeEpIF9u_kd4-CL9NcbvWWLOZfmv5U91uNYSfm_X3LQ==
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2000:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 02:21:25 GMT
content-encoding
gzip
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
6488
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
G3DTmNW6jT-qOyGcW38Ui3e2BTRgxeXAs1BsS2etXEZVxFInQKjklA==
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Dec 2022 04:09:33 GMT
main.19.8.377.js
static.adsafeprotected.com/ Frame 799E 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=165440461&placementId=6054664554&pubCreative=138416997094&pubOrder=3038327423&cb=197053979&custom=index&custom2=1&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
age
274375
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3_PEwCWq2ZI4IOD0RRM9xuas1qJ6jx5MydbcmFVNez2WXxnHBTt6wQ==
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3448
date
Fri, 16 Dec 2022 04:09:33 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
932
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-hhn-etou8220021-HHN
x-timer
S1671163774.913646,VS0,VE0
identify
identity.mparticle.com/v1/ 		176 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6ab1263b319adb2cdfe639d56ce4a8c4d976986b16c49f424444d15bdd27ee01
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-hhn-etou8220021-HHN
date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1671163774.921370,VS0,VE232
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220048-HHN
date
Fri, 16 Dec 2022 04:09:33 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1671163774.919053,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220048-HHN
date
Fri, 16 Dec 2022 04:09:33 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1671163774.919489,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
40e4a22028fa2c007b569bd52d7fc310815832aafd6ecfa8672acc395e1aa72c

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
view
securepubads.g.doubleclick.net/pcs/ Frame ED56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfZh3mAvMfCgZK-JZpTVuvGnhQJD2FOUbMHRLAqWowdJ8tXgoW0_y189wQBIVUJUNZm1xS9ZdEypiswV6w5t6w3MD07MoaJNOJemjUVikWXnwXPBINbervbJC0PlPbieMxHlrvFl9xb2ndnenLRjDVtOFAiuGIf3UW2eAMQRSrXxNbHa6pTkesU99vhLbnonzsf_keOdstzdJynH2QnwTh0_5L19wrpJx2AONqBWeqB0gkn56MIhHBG1UM77SLC7wcY-eIB1r5W2cG6OpnbVkUdjH-wUGCUklLCZxwCiZ7LcPWU6JscJQFh6bJ4HeH3Pg1C5ETy10Abu_pwYY&sai=AMfl-YR6rG89zcKJ2U3d429zE3v_xxeu9rlSh61XzgE_icNpW59J44n8-wARzA3QKAJ1IVEFutQaX8552GH3KXfropWr2SGhxqIrHMriZhgrqHXr8xR9DAsBbm7POAR2r_jQ&sig=Cg0ArKJSzP9h2oo0zzEFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Dec 2022 04:09:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 02:27:24 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6130
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 16 Dec 2022 04:27:24 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7GC5VRWDF9&l=mp_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30663a44d7023ea9bd22436d25ffc64408b16434025ef19b4adfe8d2c32fdae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76819
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Dec 2022 04:09:34 GMT
audiences
api.permutive.com/audience-matching/v1/id/59b383c7-347f-4425-b503-7e7d81631514/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/59b383c7-347f-4425-b503-7e7d81631514/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 04:09:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
syncframe
gum.criteo.com/ Frame 4FF1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 04:09:33 GMT
server
Kestrel
server-processing-duration-in-ticks
354426
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Dec 2022 04:09:34 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e07fad38e6deb2329385aa611581d5b9943953060730fbffe89402da707976cb

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
br
x-b3-traceid
f17b3956bdb24973afb1cd981d490105
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
617925cb87cd4e73988ef5a392ad61ad
content-length
25426
x-served-by
cache-hhn-etou8220081-HHN
last-modified
Thu, 15 Dec 2022 14:57:03 GMT
server
AmazonS3
x-timer
S1671163774.162218,VS0,VE0
etag
W/"4d5f4a97c6a8ce9d5289ddd65cc86729"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
wOBr9JL0CTIGxHQhpDUSsFlJGVnVD7nwtVDTs33vxELjVgCZv6WrJQ==
x-cache-hits
14
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Dec 2022 04:09:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
c3gPEf0gbsO0ozAfFsEnuSfx0QpGH4s1ssBeXBtaOqo1BKNt0ww7XmfQ0wAXcpna4ufMDdQ9xmtFgU6ztQ37LQ==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64a35881569799c7f5dd76cd5fa93f2d9dee811f597a1c8e29fc278419329496

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
92eoqURorJB8KJYGoI0QBxCynPYeOrFQ
content-encoding
gzip
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 04:04:40 GMT
last-modified
Tue, 08 Nov 2022 21:10:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
295
etag
W/"3e4ec84b5bf9c91ed6e5c49e344a2525"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
sQJ3v3IN6bdHkIKdCV1d54ZcMr4VO9DKgHpOeE0jDjVRPAEMrx7Ljg==
js
www.googletagmanager.com/gtag/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e1c78b089eda8f511429db82cc2f7d5f5bdc3a4235139ec68ba99abf97026a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77890
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Dec 2022 04:09:34 GMT
p.js
cdn.parsely.com/keys/torontosun.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/torontosun.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2f80f80091517bfccd89fd5e7160dd4c75224ab916dbc89c4b6ca2f801a3ecfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 15 Dec 2022 21:15:16 GMT
content-encoding
gzip
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 21:12:47 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
24858
etag
W/"639a3c4f-1278f"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
mZ2aQl_4VuGxudJWifdH_nLODUaNcb_00PJoQlV6AqGnrl7ZlALe2Q==
expires
Fri, 16 Dec 2022 21:15:16 GMT
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1671163774106&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Ftorontosun.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-69.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
zkEx-UYpbjc84vO8IjJ16ifucuosPlPTj1ts7US0fSfm1RcVfWvVyg==
x-cache
Miss from cloudfront
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3989 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:28:02 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
age
1550492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
z4j6qkKx8McLNoCsd9csJgNscUwJadpr3N-qKglkMr_-H17l2d37Sw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=4811995650&chanId=165440461&placementId=6054664554&pubCreative=138416997094&pubOrder=3038327423&cb=197053979&custom=index&custom2=1&adsafe_par&impId=&adsafe_url=https%3A%2F%2Ftorontosun.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:b255724f-7373-a4b3-98a3-53fc97443a47,c:wVGgi7,sl:inView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-6bd6bc5bb-srrcz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:266,mot:0,app:0,maw:0,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:295,oid:72582942-7cf7-11ed-b35c-627dcaaa235a,v:19.8.377,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.253.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-253-29.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGgi9,pingTime:-8,time:296,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:296,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:293,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B26~100%5D,as:%5B26~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:295%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
99.86.240.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-69.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 03:45:38 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
age
1449
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
UZ_ptgMeE2HG9_ITZex6oHkPKAwA99h4G96ru3LIVIXEOmbVhP_cYQ==

Redirect headers

location
/internal-c2/default/cs.js
date
Fri, 16 Dec 2022 04:09:34 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
content-length
0
x-amz-cf-id
3x4sGUUyf1Z21KVdu75_HgvvzF7feBR3qzgk7Du7PoUM6wJKKz0xvw==
x-cache
Miss from cloudfront
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGgj3,pingTime:0,time:352,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:352,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:293,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~100%5D,as:%5B81~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:295%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		42 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d3a11a28c5425f4c111a25296e68b4174dff6def0e18fdbba267616937469552

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-hhn-etou8220048-HHN
date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1671163774.249636,VS0,VE7
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
thirdpartycookie
api.viafoura.co/v2/torontosun.com/ 		45 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4800:250:51f2:8e30:528d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-instance-id
i-0ab609f53534b2e99
pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Fri, 16 Dec 2022 04:09:34 GMT
sid
mug.criteo.com/ Frame 4FF1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=l9Yd73xTRWlSdUhuV0ptRWhDVW92T2JDbFJZLzRBeTk3Zkd5QzVIMlpKb0JrbXMwQ0Y1bXJqeUdKQmg4S2tnRUNaNGFWUGRuOEJRbFNBbG5FWENLb3pqTFA5SERUaU9NRWVXQlRTYnFXNy9wTjhvSlBSTHZDdHd3WFU1V0...
430 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=l9Yd73xTRWlSdUhuV0ptRWhDVW92T2JDbFJZLzRBeTk3Zkd5QzVIMlpKb0JrbXMwQ0Y1bXJqeUdKQmg4S2tnRUNaNGFWUGRuOEJRbFNBbG5FWENLb3pqTFA5SERUaU9NRWVXQlRTYnFXNy9wTjhvSlBSTHZDdHd3WFU1V05weDNiU2N3bVlIbmp4UVQyY2s2OW5sQnVMTnpxMnc2ajNEOWdUd3ZCTlorNUNEcUd2WDNESjFod1h4aW4vTDJxWmtqYkMwTG5CTHRmdmJiak9pTlFHN3ZuVGNRRW5JeHdMamZSdDlCa25wS2FxaElLcTNQSnpPNGJsZzJ1MFF3OU51MDhSUGc0aGNoalM4VC9zWHF2Y2VmUlpJQzZFdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
92385d39d9fc237468426177f8fc5936936f2323862b28fae4acb8257c492f64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2166128
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=l9Yd73xTRWlSdUhuV0ptRWhDVW92T2JDbFJZLzRBeTk3Zkd5QzVIMlpKb0JrbXMwQ0Y1bXJqeUdKQmg4S2tnRUNaNGFWUGRuOEJRbFNBbG5FWENLb3pqTFA5SERUaU9NRWVXQlRTYnFXNy9wTjhvSlBSTHZDdHd3WFU1V05weDNiU2N3bVlIbmp4UVQyY2s2OW5sQnVMTnpxMnc2ajNEOWdUd3ZCTlorNUNEcUd2WDNESjFod1h4aW4vTDJxWmtqYkMwTG5CTHRmdmJiak9pTlFHN3ZuVGNRRW5JeHdMamZSdDlCa25wS2FxaElLcTNQSnpPNGJsZzJ1MFF3OU51MDhSUGc0aGNoalM4VC9zWHF2Y2VmUlpJQzZFdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
318468
content-length
0
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGgjE,pingTime:-2,time:389,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:413,beZ:414,mfA:679,cmA:681,inA:681,inZ:687,prA:687,prZ:695,si:707,poA:710,poZ:730,cmZ:730,mfZ:730,loA:780,loZ:784,ltA:801,ltZ:801,mdA:414,mdZ:519%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:389,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:293,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B118~100%5D,as:%5B118~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:295,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENUR_TSUN_EN_WEB/index_0,google_ads_iframe_/3081/SMCO_ENUR_TSUN_EN_WEB/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:90,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7GC5VRWDF9&gtm=2oebu0&_p=1369631191&cid=1205838941.1671163772&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671163774&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&_fv=1&_ss=1&ep.mp_ca_adblocker_enabled=false&ep.mp_ca_brand=Toronto%20Sun&ep.mp_ca_browser=Chrome&ep.mp_ca_browser_language=en-US&ep.mp_ca_device_type=desktop&ep.mp_ca_division=suns&ep.mp_ca_domain=torontosun.com&ep.mp_ca_fem_version=v71.0&ep.mp_ca_page_type=index&ep.mp_ca_page_url=https%3A%2F%2Ftorontosun.com%2F&ep.mp_ca_platform=Cheetah&ep.mp_ca_platform_version=12.5.3&ep.mp_ca_view_type=HTML&ep.mp_ca_user_status=anonymous&ep.mp_screen_view_main_category=index&ep.mp_screen_view_metered_content=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7GC5VRWDF9&l=mp_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1369631191&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=616728366&gjid=842408409&cid=1205838941.1671163772&tid=UA-238413164-10&_gid=1884658834.1671163774&_r=1&gtm=2wgbu0TR7GVNJ&cd1=Toronto%20Sun&cd2=https%3A%2F%2Ftorontosun.com%2F&cd3=false&cd4=Chrome&cd5=en-US&cd6=desktop&cd7=suns&cd8=torontosun.com&cd9=v71.0&cd10=index&cd11=Cheetah&cd12=12.5.3&cd13=anonymous&cd14=HTML&cd22=index&cd23=false&cd80=4C7B8705-CB83-432A-B7B2-8D85D3E0774F&cd81=-3344861625743790283&cd82=GTM-TR7GVNJ&cd83=4&z=178406829
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1369631191&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1741368165&gjid=1890090882&cid=1205838941.1671163772&tid=UA-138335866-30&_gid=1884658834.1671163774&_r=1&gtm=2wgbu0MW2G74V&cd1=Toronto%20Sun&cd2=https%3A%2F%2Ftorontosun.com%2F&cd3=false&cd4=Chrome&cd5=en-US&cd6=desktop&cd7=suns&cd8=torontosun.com&cd9=v71.0&cd10=index&cd11=Cheetah&cd12=12.5.3&cd13=anonymous&cd14=HTML&cd23=index&cd24=false&cd83=-3344861625743790283&cd84=4C7B8705-CB83-432A-B7B2-8D85D3E0774F&z=1455710887
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1369631191&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=1619364006&gjid=386306665&cid=1205838941.1671163772&tid=UA-213173459-5&_gid=1884658834.1671163774&_r=1&gtm=2wgbu0P3Q4QHW&cd1=1205838941.1671163772&cd2=2022-12-16T04%3A09%3A34.098%2B00%3A00&cd7=anonymous&cd17=0&cd23=Toronto%20Sun&cd24=Cheetah&cd25=12.5.3&cd26=v71.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=44&cd31=index&cd52=index&cd65=false&z=278012875
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1369631191&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=1752906763&gjid=262554304&cid=1205838941.1671163772&tid=UA-114648105-14&_gid=1884658834.1671163774&_r=1&gtm=2wgbu0P3Q4QHW&z=99966170
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
973 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-44.vie50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:20:08 GMT
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront), 1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, VIE50-C1
age
20965
x-amzn-requestid
63c8854f-bbbe-4688-bdc6-bb85a3e6fb2d
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
dNWP7FB3iYcFhvw=
content-length
555
x-amz-cf-id
yvIQWYK9GgVhAZw1TpvK2v6O4AYOwovv8XbrIoQqDr5d0X-Pe82sEw==
beacon.min.js
signal-beacon.s-onetag.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-97.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:00 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
11255
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
h6BagzdUq0O63zQY9NN_HnvAaY2vv4Xa_5eR3Q_p9t7cwCxoveqq5A==
%2F
signal-segments.s-onetag.com/desktop/torontosun.com/ 		133 B
445 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/torontosun.com/%2F
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-32.vie50.r.cloudfront.net
Software
/
Resource Hash
99f430da7b3c2232705260303d21182a43af31f87f5bb65ad863d4d299a343c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:20:17 GMT
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
78557
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
133
apigw-requestid
dLJpUhF2iYcEJDw=
x-amz-cf-id
xJHbSb81Uv0r2-onLStT63aWwwxmLRW4TnLfjpL5thrlchMJ1wpx3Q==
torontosun.com
signal-segments.s-onetag.com/desktop/ 		21 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/torontosun.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-32.vie50.r.cloudfront.net
Software
/
Resource Hash
cc34fe5f9a0f2295142e370e5a0126fcac1f3a35a36ae763ea4837c16a4dbd22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
gzip
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
ig_fUu-JuBQrhR6RwxdM14fQlG6HN4lvYYDRa571laxU7yCpXAp5VQ==
apigw-requestid
dOJbzh2SCYcEPMg=
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1671163774410&plid=d4c03c98-4285-4605-be92-77ebb9d22977&idsite=torontosun.com&url=https%3A%2F%2Ftorontosun.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Ftorontosun.com%2F&sref=&sts=1671163774399&slts=0&title=Home+%7C+Toronto+Sun+Home+Page+%7C+Toronto+Sun&date=Fri+Dec+16+2022+04%3A09%3A34+GMT%2B0000+(GMT)&action=pageview&pvid=2c8bb914-d450-4f43-97d9-91ab5d16a7e9&u=pid%3D8e130817-afe3-4388-a2d1-e2db9bc957a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 04:09:34 GMT
Cache-Control
no-cache
Last-Modified
Friday, 16-Dec-2022 04:09:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
1685973801652415
connect.facebook.net/signals/config/ 		295 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
061fd4af516128f2f085952e37d6506cea005934a5ca5d37e600bf0f0b654004
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Dec 2022 04:09:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
t0txJCqgZNA4ybOlzy4GZ+HdvOedz0YWiRcZp9c/LmE2dDtnYjqyAwFm+YTAzNU9eePk4MkeEVvqg+jTETMirQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=2oebu0&_p=1369631191&_gaz=1&cid=1205838941.1671163772&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAI&_s=1&sid=1671163774&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=ad_impression&_fv=1&_ss=1&_c=1&ep.query_id=COHzj5ii_fsCFZ3AuwgdB7gLVg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=1205838941.1671163772&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=1205838941.1671163772&gtm=2oebu0&aip=1&z=1451256586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-238413164-10&cid=1205838941.1671163772&jid=616728366&gjid=842408409&_gid=1884658834.1671163774&_u=YADAAEAAAAAAACAAI~&z=66332458
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-213173459-5&cid=1205838941.1671163772&jid=1619364006&gjid=386306665&_gid=1884658834.1671163774&_u=YCDACEABBAAAACAEK~&z=1771143995
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
224c9ba9ed2d15b9acd4.js
sdk.mrf.io/statics/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/224c9ba9ed2d15b9acd4.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4c055dcb1352dc590b93dd951aa95ed2c3e99d252838ca2c4a704b49cf10792

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
br
x-b3-traceid
d9fc7ce1eb3e4466a5b79c39a252c5f2
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
135099a989f74b6781005c77ca16ce20
content-length
5745
x-served-by
cache-hhn-etou8220081-HHN
last-modified
Wed, 07 Dec 2022 07:33:19 GMT
server
AmazonS3
x-timer
S1671163774.493815,VS0,VE0
etag
W/"d0644e005290d20db260590c9155a4c7"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
yxavUUs16OXxUn_ITDXiCvXZUCzLyHmvrFvNvZEabUwVHPHegVrtXg==
x-cache-hits
10
ingest.php
events.newsroom.bi/ 		50 B
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.63.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy08.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
active
flowcards.mrf.io/json/ 		16 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/active?site_id=1528&page_technology=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
content-encoding
gzip
x-b3-traceid
7beab5e9be4e44f09c8492658af9ac2d
x-cache
HIT
mrf-cache-status
H
x-envoy-upstream-service-time
2
x-b3-traceid-primal
94498aa7046f44a9b1110f961f7c6465
content-length
42
x-served-by
cache-hhn-etou8220077-HHN
server
istio-envoy
x-timer
S1671163775.633696,VS0,VE1
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
1
intl-messageformat.08ed488acce68af5427e.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.08ed488acce68af5427e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:2e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3c5ed5fd477a4a8faf9f047c18714c3220ef3d420a5ff283cc5d88e1590dfda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:39 GMT
x-amz-version-id
6SRSejxlfOHgTpEXP0wss4KIr_NIAedw
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
116996
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:05 GMT
server
AmazonS3
etag
W/"1b94bcc4f08423a7f6093908cbf33ad7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ZRoVnDu8eINpMeqX2Pyka97EZedPMBLSJrLM_RU5Mu0m-C1nQxgV3w==
intl-messageformat.f699e602dfe83ef24fdf.js
cdn.viafoura.net/chunks/languages/ 		135 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.f699e602dfe83ef24fdf.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:2e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6495519c43cfcc35288071e3a44562329d08c3e9d4436638fc8c21ae166675b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:39 GMT
x-amz-version-id
4qsmn.d6ilYlmyz7C_JyMIgspA4krB5y
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
116996
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Wed, 14 Dec 2022 19:38:57 GMT
server
AmazonS3
etag
"8cf6203079b3b340aefefb88dc916fba"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
j2vh2mc-Aqmmoj5GDyMYmQu0gt5mrqj_EC_ijnh9nUbkCkYp54TDJg==
en-us-base-json.e6591103383cc0edc5dc.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.e6591103383cc0edc5dc.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:2e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5608b0639585c425a4e3377ac9f9d987eea1c26d9cb12c1a1d7f46b4f5fdecb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:39 GMT
x-amz-version-id
z.kxT29WShjWywM.WRjS5mA3RRPBSdrN
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
116996
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:38:50 GMT
server
AmazonS3
etag
W/"18748a1c1f7924636a9aced117719e6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
HWTCCJcNqu-DS8QGwlLqcCw2-B2RGcowQparXVeaYiqfx80wr1t-PQ==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=4316221826527483&bg=!TU6lTgrNAAYgquz3AKo7ACkAdvg8WmLumE-KRL69HS2q3jtJghMOIIRrKO_LurUCIusXtCvYzYBujQIAAAM0UgAAAARoAQeZAuFTXZrWscDqRBHRLu_HoW_TuJWAY5VsTThV3kRvc1AWFaZhn8JV6U9G9U0uYPRwI6mBAWzGQR-QGTtOy124EJhlKCHEUcxSfN_LpN8or4YShlTjtuUw_as78pqE5KQ0OOs1HJsSvcC5iKGPvPQbX0wnFMm3BibFF3WmAN86hwdcwPLJv6gJt6mQ-S9ltyaGeIIPFlhODvGcuEj5YvrKTf-qcl3LUspvy0LpaAyJ1tmx79UTVgUt9VKVC9UaRTtIQO5cjnI7aSx7sgIWXGePivZWFAdtUk4Ts4jrACtsEpM2DEFJzmAkfGVcoHIK0re9TgRvP_X4qEhIwbInQY_EMk90yqfiTuv3d-G-XlAJyqIHGBkaOwqu-kdmHo2V8iFQhWpM0MfesqzdS96Wu4UKM8K_TSGO60y1llIDVSu4LAtPO_T16ugr-VNxHueZg3CwAHYFH7Cs4jYyA0JjbiNOQ_hbqNl2ENKyLYZWIXnFCSyyGXhZpX6H1V8b5TAUwSJqdorgl4mkXvQZnJhnYPrslCLbThm3sN1pj5vkabTzf5YEeIsFYezHA6aG9HFNX6ov285dI2gsOrOeG76SB3DdHUz_IpMFQC6f8IZU36MkmrL823ehumxkMpBFBsDUFkjp_wcZQaO9U8omk18lUKmgebW8L-n_d2LHVaF_w61XnQUc37HOgUaM_1ejtrZjW-gzJqA6oU8_x1Jf2uiDJ9AgfyQM8Eb3s10iHtLTdmOnX8JLsBwQ5LGbyNgQMc18i-LeOMrqHWgeypapDnQFXQZwnyPu2UfsZgIZaZXik2zKVoRpI1xvCcRMuoHxw1BIgu1VXB290X53l5hByD04Sc-dKiSivhwlldULDc8cgM3_vuB7lyIXQey4XygQukP5h633h8ylbwrB5xsgFoD6h3W8YtHW-FnNPPdgs8B8RiuH_eoQTXzZhHwCRBzefHaOQSleRS45QoCMx3v5pIog91r2nAuj1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGgoI,time:703,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:703,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:293,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B432~100%5D,as:%5B432~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:321,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:295,sis:471%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-238413164-10&cid=1205838941.1671163772&jid=616728366&_u=YADAAEAAAAAAACAAI~&z=1459583950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-238413164-10&cid=1205838941.1671163772&jid=616728366&_u=YADAAEAAAAAAACAAI~&z=1459583950
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213173459-5&cid=1205838941.1671163772&jid=1619364006&_u=YCDACEABBAAAACAEK~&z=130672627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213173459-5&cid=1205838941.1671163772&jid=1619364006&_u=YCDACEABBAAAACAEK~&z=130672627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		199 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:34 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 fd7984f542db60e1fdef1a18277aff76.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
2281
x-amz-cf-pop
HAM50-P2
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77a49077cd91bb43-FRA
x-amz-cf-id
KIgz2sSGrNyHiZOMDeb2JLeuFwh0F2iGjyKoGgBP1jyDesefJz85XQ==
ingest
i.viafoura.co/v3/torontosun.com/ 		67 B
391 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/torontosun.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.251.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-251-205.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
svod-module-js.134d14cd72d5d9935f06.js
cdn.viafoura.net/chunks/vuex_store/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.134d14cd72d5d9935f06.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:2e00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
552026abf1372e748f12a796cd7f3d4036ccb046a12ab8577ee85b16e88dfea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:40 GMT
x-amz-version-id
Yh8WxSi66pXgInyvmtOJvOo2LUYYEsNm
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
116995
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:03 GMT
server
AmazonS3
etag
W/"68a80baad1f6e634374ed97000dfdbe5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
yQ4p9ATt-nR2mItq5wwIg4eim-Q4LZUMh5UtnzWjeKEVP3Aw7-9eCQ==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftorontosun.com%2F&rl=&if=false&ts=1671163774785&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1671163774784.931267908&it=1671163774431&coo=false&exp=c1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 04:09:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGgt9,pingTime:-10,time:978,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671163774862%7C%7Cc2c18989ec7a863497fe316c9cb35aed%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7Cf6d993dd440b07694c00cdd7f792652a%7C%7C80fd49aa46bb90e36f67790350f96204%7C%7C225773cfd8cf34be7452c08db6b6add4%7C%7C897347e182e77ef6b78bb210ce24a091%7C%7C56223048a0be4e397070cc703f5dfff2%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://torontosun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
77a490796d72926e-FRA
date
Fri, 16 Dec 2022 04:09:34 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
max-age=86400
cf-ray
77a49079bdcd926e-FRA
activeview
pagead2.googlesyndication.com/pcs/ Frame ED56 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss60hCkKVYOnGSQK8_807R_OMKc7-nbSpiADxU1dOW9poMCQVU8c_wqBUB8YtTYWGj3qWZgdIW4dJkHfaL8UJ7-T52krdJhdh542AW6hyMkY91yEeW7&sig=Cg0ArKJSzHznSx-U96P3EAE&id=lidar2&mcvt=1000&p=152,315,402,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=225519801&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671163773460&rpt=493&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 04:09:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.159.85.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-30.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Fri, 16 Dec 2022 04:09:35 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
rfv.php
compassdata.mrf.io/ 		27 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.63.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy08.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryDwIvXXH51UielIHN

Response headers

date
Fri, 16 Dec 2022 04:09:35 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
multimedia.php
events.newsroom.bi/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/224c9ba9ed2d15b9acd4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.63.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy08.cl03.het.mrf.io
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGgzc,pingTime:1,time:1353,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1353,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:293,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1082~100%5D,as:%5B1082~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:295,sis:471%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:35 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGgzd,pingTime:1,time:1354,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1354,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:293,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1083~100%5D,as:%5B1083~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:295,sis:471,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:35 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGgzd,pingTime:1,time:1354,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1354,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:293,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1083~100%5D,as:%5B1083~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:295,sis:471,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:35 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
11516e4134c2cf64e19258fa7911137325ae677de6a3805312b4c5eb9d73e40c

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:35 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
/
www.facebook.com/tr/ Frame 1905 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://torontosun.com
Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://torontosun.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 04:09:35 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 04:09:37 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E960 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=106756
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 04:09:37 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Dec 2022 09:48:53 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FC33 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 16 Dec 2022 04:09:37 GMT
ETag
"623de86a-cf34"
Expires
Sat, 17 Dec 2022 04:09:39 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F26E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Dec 2022 04:09:37 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 96C9 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 16 Dec 2022 04:09:37 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 909F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
463
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77a49087ff239061-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 04:09:37 GMT
expires
Fri, 16 Dec 2022 08:09:37 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F26E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7cb76c118f71a8901748f5e7361ccf95dc92b60470dad6a56d925f61977c0b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 04:09:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 10:50:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24098
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 10:51:15 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F39C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db6670d91c704cdae386fb259fbd12599eac95749fd79163f4dc6d9b7a06f74c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a490888b819034-FRA
content-encoding
br
content-type
text/html
date
Fri, 16 Dec 2022 04:09:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FRCLzrTzUtztg1SQCeixKODR5%2Fe8K0QT%2Bjf4ZxxEPHglslDu0UQfPefg6gUF7bnLOOcp0tmEX8ROc50Q%2FKeCrZLiRkxDVSnE7CZtEih%2FWfdx5S%2Fcw5PzPc4KoQPv%2BTeamEOVTI67VbXsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a490885e9290f2-FRA
content-length
0
date
Fri, 16 Dec 2022 04:09:37 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhcInlJ2VrUmCx8HCgZZAyKI6Uv9KyS4hbjAqe7dKDP6d7crKArmCNBzeFMY7TsFvEbWGY3%2F2k0117PeqPFcMaAcaMTEGaW7pu8nnDdqaySKo2pBQxRof%2Fy8jApi%2FHPf1y%2FXrtNZkGx0dA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame E960 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53620862&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0efb9c2c222f4dca3cb13288e258f26216f6c49dc68141a6cfd164460f89fcfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 04:09:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bounce
ib.adnxs.com/ Frame FC33
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
AN-X-Request-Uuid
6251de8e-ff37-415d-bb36-a0637885562e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
AN-X-Request-Uuid
99730ad4-d58f-4d00-a23f-09074e6237dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
p
sb.scorecardresearch.com/ 		43 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1671163777376&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20108.0.5359.124&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1671163772364&ns_ts=1671163772364&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1671163772364&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Ftorontosun.com%2F&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-69.vie50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:37 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
content-length
43
x-amz-cf-id
nqy5g6ik1ZfVVnP9YgF5FTbaN5vgyy9xP1egagD8rcK0k_N0S02AjQ==
x-cache
Miss from cloudfront
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame F39C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5vvgcGmWMOEV209pnY3swAABKoAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ9gIJykc_C-o5F0UwfSuMY&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ9gIJykc_C-o5F0UwfSuMY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRotfNkd4bDrSsNfyFhPN3QB0lk83EdDur8uVzz9Q9g0Khh995BxfvH%2F9shoXdfN5ZKX%2F9IKM4eMqgpqRiedfQDtPb78vgwSXYNHPOIyTvWj96giMHEhAQS3TY539diGJB8DADxAXbGRyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77a490893c179034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ9gIJykc_C-o5F0UwfSuMY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F39C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5vvgcGmWMOEV209pnY3swAABKoAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5vvgcGmWMOEV209pnY3swAABKoAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5vvgcGmWMOEV209pnY3swAABKoAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SQS94ST77RB49E1W1BQH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DJFJDAD0V3W959T4EBS4
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5vvgcGmWMOEV209pnY3swAABKoAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F39C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5vvgcGmWMOEV209pnY3swAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEozytIZR5K06IqXZGO4a1o&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEozytIZR5K06IqXZGO4a1o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEozytIZR5K06IqXZGO4a1o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F39C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame F39C
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671250177
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671250177
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDJfUqATvYIuIAOwF5CaQ0XkKgNQO%2BTL3vszP6Zz67YyGSaFFBEofEuN6KUUyYz%2B7eFpi%2BBMfH66qSvgDR0soutc98PvKMx0ujGWlc1bJ8B2s9Lf0VbpgFmNtG5fgnRlGFdHBOPn"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77a49089dc169a15-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671250177
pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame F39C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=331733116838856510
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=331733116838856510
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Dec 2022 04:09:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
50247d6e-b16d-4127-8e5d-bd52f336bbf5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=331733116838856510
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F39C
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=5d6c878e-0d3a-02ba-6793b917
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=5d6c878e-0d3a-02ba-6793b917
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Dec 2022 04:09:37 GMT
via
1.1 google
server
nginx/1.23.3
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=5d6c878e-0d3a-02ba-6793b917
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame F39C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Fri, 16 Dec 2022 04:09:37 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame F39C 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5vvgcGmWMOEV209pnY3swAA%261194
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:37 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
20246
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77a490893fce9018-FRA
content-length
43
expires
Sat, 17 Dec 2022 04:09:37 GMT
ecm3
s.amazon-adsystem.com/ Frame F26E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Fv6BC0GkRxaETZ19WYjOAg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Fv6BC0GkRxaETZ19WYjOAg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Fv6BC0GkRxaETZ19WYjOAg
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9P8B4H01J4N6KM3JQC9P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Fv6BC0GkRxaETZ19WYjOAg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F26E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQWlJGMzQtMU0tSzlBMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQWlJGMzQtMU0tSzlBMw==
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQWlJGMzQtMU0tSzlBMw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame F26E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPZRF34-1M-K9A3
0
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPZRF34-1M-K9A3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:36 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 26D3B6DA673A46E99C66B9FD0CCF57BF Ref B: FRAEDGE1711 Ref C: 2022-12-16T04:09:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv6iNS9YyID2RDLQykQw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPZRF34-1M-K9A3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F26E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDSfbSVEkshJl6pbp-yJDxU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDSfbSVEkshJl6pbp-yJDxU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDSfbSVEkshJl6pbp-yJDxU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F26E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzcwZjYxMjMxMWYwNTAwYmEzZjcxMTUwM2U3YmUxYTBjNGE2YWQyMw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzcwZjYxMjMxMWYwNTAwYmEzZjcxMTUwM2U3YmUxYTBjNGE2YWQyMw
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzcwZjYxMjMxMWYwNTAwYmEzZjcxMTUwM2U3YmUxYTBjNGE2YWQyMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F26E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3boCHm9i9vHfYLRZgJMEZMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m0hzYStE2oJ0ZydHhRKvxPrGTqhXhhXs3Tby5w--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m0hzYStE2oJ0ZydHhRKvxPrGTqhXhhXs3Tby5w--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 16 Dec 2022 04:09:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m0hzYStE2oJ0ZydHhRKvxPrGTqhXhhXs3Tby5w--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F26E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iWYKPAjkQbSB06fMeoTkzA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iWYKPAjkQbSB06fMeoTkzA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iWYKPAjkQbSB06fMeoTkzA
Protocol
HTTP/1.1
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HA3CR4C8PZ740Q5TH0BD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iWYKPAjkQbSB06fMeoTkzA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame F26E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 4754
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6&gdpr=0&gdpr_consent=
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 04:09:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 16 Dec 2022 04:09:37 GMT
Expires
Fri, 16 Dec 2022 04:09:36 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 254 34fcae8 master zrh-pixel-x4 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 7308
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 04:09:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 04:09:37 GMT
expires
Fri, 16 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1614317
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 6A9D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1411022692424926832
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1411022692424926832
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 04:09:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1411022692424926832
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4043
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Dec 2022 04:09:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FZD6JNCWXJ1VZHYKMRC4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Dec 2022 04:09:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2342M6X9BFQWYTWSQBXC
Pug
simage2.pubmatic.com/AdServer/ Frame 6EE8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=331733116838856510&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=331733116838856510&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 04:09:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
91f148d9-4dd9-4d19-9e86-db9f7772ec0c
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Dec 2022 04:09:37 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=331733116838856510&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E960
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdDL9VeARd-J4SucbwO2gQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Fri, 16 Dec 2022 04:09:37 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=106756
accept-ranges
bytes
content-length
5549
expires
Sat, 17 Dec 2022 09:48:53 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame E960 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=55D0CBF5-5780-45DF-89E1-2B9C6F03B681
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77a490897b2f9296-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame E960 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.164
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame E960
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1165507131
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=55D0CBF5-5780-45DF-89E1-2B9C6F03B681
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=55D0CBF5-5780-45DF-89E1-2B9C6F03B681
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
via
1.1 google
last-modified
Fri, 16 Dec 2022 04:09:37 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=55D0CBF5-5780-45DF-89E1-2B9C6F03B681
date
Fri, 16 Dec 2022 04:09:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame E960
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTVEMENCRjUtNTc4MC00NURGLTg5RTEtMkI5QzZGMDNCNjgx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 04:09:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E960
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJoyFxl95k0MDjF1ykINodk&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJoyFxl95k0MDjF1ykINodk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 04:09:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJoyFxl95k0MDjF1ykINodk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E960 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 15 Dec 2022 04:09:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E960
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1679576178816261471
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1679576178816261471
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 04:09:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1679576178816261471
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame E960 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Dec 2022 04:09:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=1&streamcorr=1&isgptpresent=1&loc=https%3A%2F%2Ftorontosun.com%2F&ref=https%3A%2F%2Ftorontosun.com%2F&gcasclass=1&vpaidadapter=f&ifstate=-1&lid=70&sdkv=h.3.549.0&id=ima_html5&c=4396355710528054&domain=torontosun.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.549.0&id=ima_html5&c=4396355710528054&domain=torontosun.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FC33 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 04:09:38 GMT
AN-X-Request-Uuid
8cea379e-593e-415b-acde-47ec2750baca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demand
events.browsiprod.com/events/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=16c53466-a3f0-4904-a3bb-834cd0c01c3b
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.9.24.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.22.15.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-22-15-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Fri, 16 Dec 2022 04:09:38 GMT
access-control-allow-credentials
true
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=b255724f-7373-a4b3-98a3-53fc97443a47&tv=%7Bc:wVGhBI,pingTime:5,time:5353,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5353,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:293,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5082~100%5D,as:%5B5082~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:tq9iSZv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.928934%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:295,sis:471%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:259b:2b92:b6d2:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:39 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame E960 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 04:09:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=2oebu0&_p=1369631191&cid=1205838941.1671163772&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Ftorontosun.com%2F&sid=1671163774&sct=1&seg=1&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&ep.debug_mode=false&ep.gtm_version=44&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=4C7B8705-CB83-432A-B7B2-8D85D3E0774F&ep.platform=Cheetah&ep.platform_version=12.5.3&ep.fem_version=v71.0&ep.mp_id=-3344861625743790283&ep.brand=Toronto%20Sun&ep.timestamp=2022-12-16T04%3A09%3A34.506%2B00%3A00&ep.ga_client_id=1205838941.1671163772&ep.main_category=index&ep.metered_content=false&_et=46&up.mp_id=-3344861625743790283&up.client_id=1205838941.1671163772
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 04:09:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontentvisibilityautostatechange function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| browsitag string| browsi_bootstrap_loaded object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| FrontEndModules boolean| isBrowsi object| googletag object| aax object| permutive object| apstag object| pbjs object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| apstagLOADED object| pbjsChunk object| _pbjsGlobals object| BlockAdBlock object| blockAdBlock object| webpackChunkdjango_content_services object| __permutive undefined| google_measure_js_timing function| __browsiLoadFunc object| __browsiLoadObject object| Criteo object| PublisherCommonId object| _middyo object| Sailthru function| t object| adblockDetector object| __iasPET object| googleToken object| googleIMState function| processGoogleToken object| diagPixSentCodes object| __iasAdRefreshConfig number| google_unique_id object| gaGlobal object| ns_ object| jwDefaults object| webpackChunkjwplayer function| jwplayer string| iasScores object| GoogleGcLKhOms object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_439655 function| WebVTT object| closure_lm_754613 object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| mp_data_layer object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| COMSCORE function| udm_ object| _comscore object| cast object| google_tag_manager function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| Ribn object| PianoESPConfig string| GoogleAnalyticsObject function| ga object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 function| e object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag object| gaplugins object| gaData function| _ga_originalSendHitTask object| __IntegralASExec object| __connect object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| google_image_requests

86 Cookies

Domain/Path Name / Value
torontosun.com/ Name: browsi_AB_test
Value: false
torontosun.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.torontosun.com/ Name: pbjs_sharedId
Value: 2637d781-6cd0-46a0-b0b8-e2682e446327
torontosun.com/ Name: __browsiSessionID
Value: 9203ec76-f4bc-4a3f-ac3c-c6c353b27855&false&false&DEFAULT&de&desktop-4.9.24&false
torontosun.com/ Name: __browsiUID
Value: 6933dd8f-ab08-4350-b661-966b3c6708bf
.torontosun.com/ Name: permutive-id
Value: 59b383c7-347f-4425-b503-7e7d81631514
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 7e5dc8d1-ad6e-43dc-a6f4-0f18383caa7f
torontosun.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1671163771998,"mac":-1739360479}
torontosun.com/ Name: __adblocker
Value: false
torontosun.com/ Name: sailthru_pageviews
Value: 1
.rubiconproject.com/ Name: khaos
Value: LBPZRF34-1M-K9A3
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qouk8Hsp4mYz/sKGGM1eolu5vVtDhgOVUPw0zLiRRUt4YYSuasyu/2PDo2K011bXXeP8psENAGzIsxuhZpbWKLtEtnlMZ0lWmo=
.doubleclick.net/ Name: IDE
Value: AHWqTUnpdjVdb-0Cp6bgnXOlM0HDj6s6xF1YkVqSzTlM_nlxyhGCLdX5sAoWHlMPK48
torontosun.com/ Name: sailthru_content
Value: 2daf89bab868e9ce42ab0131ed955a5b
torontosun.com/ Name: sailthru_visitor
Value: dc63a7f8-8f54-4897-aefe-b1c20241ecdf
torontosun.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"2gd139zqrolkdids0bumv9815w0tkzuhf","updated":1671163773152,"printSubscriber":false},"exp":604800000,"ts":1671163773152,"mac":-1085107635}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"2gd139zqrolkdids0bumv9815w0tkzuhf","updated":1671163773152,"printSubscriber":false},"exp":604800000,"ts":1671163773176,"mac":-1085105589}
.torontosun.com/ Name: __gads
Value: ID=531e52901906c892:T=1671163772:S=ALNI_MYVlG_UWRcDZNZX6UFsXdN73DykiA
.torontosun.com/ Name: __gpi
Value: UID=00000b935f195182:T=1671163772:RT=1671163772:S=ALNI_Mb_M-3AFK3rcBAKCqEp2vHAXKd_xQ
.torontosun.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lbpzrghkefxtko1o%22%7D
torontosun.com/ Name: __pnahc
Value: 0
.piano.io/ Name: __cf_bm
Value: xvIE_sli3H504mKT9w31jY_rAYzFwmepL_.Z4grp76c-1671163773-0-Ad6jgVgRwaOOniRCdeXGRCl6eHP3dGL/kAEAAuq+cYDhGl58GsAahFk3KX7iGhX/afEflgRke+Xs3G3ynnyxFvc=
.torontosun.com/ Name: __tbc
Value: %7Bkpex%7DwfZo0QtlU_JHzWwTzNN4sR5Qoar1ttJWmbRfCaPrkgoJ9Kh59IgJJWivn_wOdkz4
.torontosun.com/ Name: __pat
Value: -18000000
.torontosun.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMi0xMi0xNi0wNC0wOS0zMy03NjItTFNBNzRIWEVIVFVLMWVyYi1mZDM3ZjZiODU1ZWVjMDY2OTE2ZmY3ZDYwOTgzOTY0YiIsImRvbWFpbiI6Ii50b3JvbnRvc3VuLmNvbSIsInRpbWUiOjE2NzExNjM3NzM5ODN9
.torontosun.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.torontosun.com/ Name: xbc
Value: %7Bkpex%7DS2jpItMXokdWimgHUfn8l5AUSMJ5-2tMvsuZ9cG39YN8KP4Vd5UYb8gpORopZeNvmqxPlXlW7ZPLERzXYyTVpw
.criteo.com/ Name: uid
Value: e8a30868-60bf-4580-bd98-64146783a3ba
.viafoura.co/ Name: VfSess
Value: i31vtcdrhdtaorlk8a10cajjnh
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.torontosun.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'da8ec3d4-3bdf-4064-b548-7074fa253510'|'das':'4f63daab-14e1-4d63-b8cb-a8f2f25e9de8'|'csm':'WyItMzM0NDg2MTYyNTc0Mzc5MDI4MyJd'|'sid':'4C7B8705-CB83-432A-B7B2-8D85D3E0774F'|'les':1671163774248|'ssd':1671163773511}|'l':1|'-3344861625743790283':{'fst':1671163773784|'ui':'eyIwIjoiMmdkMTM5enFyb2xrZGlkczBidW12OTgxNXcwdGt6dWhmIn0='}|'cu':'-3344861625743790283'}
.torontosun.com/ Name: _ga_7GC5VRWDF9
Value: GS1.1.1671163774.1.0.1671163774.0.0.0
.torontosun.com/ Name: _gid
Value: GA1.2.1884658834.1671163774
.torontosun.com/ Name: _gat_UA-238413164-10
Value: 1
.torontosun.com/ Name: _gat_UA-138335866-30
Value: 1
.torontosun.com/ Name: _gat_UA-213173459-5
Value: 1
.torontosun.com/ Name: _gat_UA-114648105-14
Value: 1
.torontosun.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://torontosun.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1671163774399%2C%22slts%22:0}
.torontosun.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=8e130817-afe3-4388-a2d1-e2db9bc957a2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1671163774399}
.torontosun.com/ Name: _ga
Value: GA1.1.1205838941.1671163772
.torontosun.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1671163774%2C%22currentVisitStarted%22%3A1671163774%2C%22sessionId%22%3A%22a42bfe29-9078-43eb-836b-72755f3238f6%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//torontosun.com/%22%2C%22referrer%22%3A%22%22%7D
.torontosun.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1671163774%2C%22userId%22%3A%222757f817-6660-43a5-b826-a9a9ab7dbfdf%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1671163774%2C%22timesVisited%22%3A1%7D
.torontosun.com/ Name: compass_uid
Value: 2757f817-6660-43a5-b826-a9a9ab7dbfdf
.torontosun.com/ Name: _ga_H792QCFZPV
Value: GS1.1.1671163774.1.1.1671163774.60.0.0
torontosun.com/ Name: _vfz
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.1671163775.1.medium=direct|source=|sharer_uuid=|terms=
.torontosun.com/ Name: _vfa
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.8cc58fcc-d3a1-4dde-bfd5-f4245a8c8e1c.1671163775.1671163775.1671163775.1
.torontosun.com/ Name: _vfb
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.2..1671163775....
.torontosun.com/ Name: cto_bundle
Value: L0u9HV96WjJNSDE3QmNYeURjRjMwdzhvR1U3V3ZHZ3lDcDVzY3RxRWs5QU03elNNY0I3RlVGRVl0UG5xJTJCRXJHVU0xd2J1bVQ4WUNpa3pzNTUyOCUyRjV6UUwwb2tLMktINSUyRkV1WWRzRTU5QSUyQnl6Q3pHSWIzSnhWMTlzZ1FNSmVJOG10SUx4ZXpTOW9vNDVWVSUyQjQ4SkNra2lqVUdBJTNEJTNE
events.newsroom.bi/ Name: 1528_u
Value: 2757f817-6660-43a5-b826-a9a9ab7dbfdf
events.newsroom.bi/ Name: 1528_s
Value: a42bfe29-9078-43eb-836b-72755f3238f6
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.torontosun.com/ Name: _fbp
Value: fb.1.1671163774784.931267908
.viafoura.co/ Name: vfDeviceId
Value: 75f0183b-fcee-468f-a544-f10951fa61f5
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: Y5vvgcGmWMOEV209pnY3swAA
.casalemedia.com/ Name: CMPS
Value: 1194
.casalemedia.com/ Name: CMPRO
Value: 1194
.adnxs.com/ Name: uuid2
Value: 331733116838856510
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 55D0CBF5-5780-45DF-89E1-2B9C6F03B681
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160305:2
.pubmatic.com/ Name: DPSync3
Value: 1672358400%3A227_245_241_201
.pubmatic.com/ Name: SyncRTB3
Value: 1672358400%3A7_54_161_251_3_21_13_56_220%7C1672444800%3A35
.weborama.fr/ Name: AFFICHE_W
Value: iQCMeItJHliJ61
.zeotap.com/ Name: zc
Value: ff70b1e8-519f-4ec4-4172-88c55470a234
.mathtag.com/ Name: uuid
Value: 59e1639b-ef81-4e00-874b-0bf7d936c4d6
.simpli.fi/ Name: suid
Value: 8762209AC1E64FAEB94C17C3323A4120
.de17a.com/ Name: guid
Value: 1.1411022692424926832
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-331733116838856510&KRTB&23339-331733116838856510
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6&KRTB&16736-uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6&KRTB&23019-uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6&KRTB&23208-uid:59e1639b-ef81-4e00-874b-0bf7d936c4d6
.brand-display.com/ Name: _knxq_
Value: 5d6c878e-0d3a-02ba-6793b917.1671163777.0.1671163777.1671163777
.adform.net/ Name: uid
Value: 1679576178816261471
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJoyFxl95k0MDjF1ykINodk&KRTB&16514-CAESEJoyFxl95k0MDjF1ykINodk&KRTB&23025-CAESEJoyFxl95k0MDjF1ykINodk&KRTB&23386-CAESEJoyFxl95k0MDjF1ykINodk
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1411022692424926832
.casalemedia.com/ Name: CMTS
Value: 3180
.yahoo.com/ Name: A3
Value: d=AQABBIHvm2MCEFnSTdeMlBEg7vdnXLrR7aQFEgEBAQFBnWOlYwAAAAAA_eMAAA&S=AQAAAqUTVnbAdy3N8aVecrGEO-A
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1679576178816261471&KRTB&23263-1679576178816261471
.pubmatic.com/ Name: PugT
Value: 1671163776
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&85ec720b-8074-4d5b-82ee-aa083b354549"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzExNjM3Nzc7MjswMjEw8ZW+HJfqBD4tvkxE8ij7Hgj0wV74XW1ojC4g6DKOag==
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2884:u=1:x=1:i=1671163777:t=1671250177:v=2:sig=AQHbF06nblZjL5Z2XMSzBlN7BEvpct2J"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A_4g-Fkt-EOyhFtg5wXGpPg

28 Console Messages

Source Level URL
Text
security error URL: https://torontosun.com/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://fem.gprod.postmedia.digital/v71.0/fem.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://torontosun.com/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://torontosun.com/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
rendering warning URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 534)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 475)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 475)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://torontosun.com/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error (Line 11)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js(Line 1)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://static.adsafeprotected.com/main.19.8.377.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://static.adsafeprotected.com/main.19.8.377.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=55D0CBF5-5780-45DF-89E1-2B9C6F03B681&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
6d49519d1fdf76a7ab36c75192cd0ac6.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
ak.sail-horizon.com
ap.lijit.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets-jpcust.jwpsrv.com
assets.ribn.com
auth.lrcontent.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cdn.adsafeprotected.com
cdn.browsiprod.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.tinypass.com
cdn.viafoura.net
cm.g.doubleclick.net
compassdata.mrf.io
config.lrcontent.com
connect.facebook.net
cr.frontend.weborama.fr
d5p.de17a.com
dcs-static.gprod.postmedia.digital
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
entitlements.jwplayer.com
eus.rubiconproject.com
events.browsiprod.com
events.newsroom.bi
experience.tinypass.com
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googlesync.permutive.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
mwzeom.zeotap.com
onetag-geo.s-onetag.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
px.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync.adotmob.com
sync.crwdcntrl.net
sync.mathtag.com
token.rubiconproject.com
torontosun.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
videos-fms.jwpsrv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
yield-manager.browsiprod.com
100.22.15.219
104.109.78.125
104.18.33.19
104.18.36.94
104.19.150.54
104.87.141.138
104.96.145.246
108.138.4.150
13.32.27.33
142.251.208.98
151.101.194.207
151.101.2.207
152.199.22.243
172.64.151.162
172.64.154.237
176.9.63.246
178.250.0.157
178.250.0.163
18.156.195.47
18.159.85.30
18.66.100.58
18.66.108.49
18.66.112.84
18.66.15.32
18.66.15.97
18.66.97.108
185.183.112.148
185.29.132.241
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
2001:4860:4802:32::36
2001:4860:4802:34::36
213.155.156.184
216.52.2.48
23.35.236.188
23.35.236.201
2600:1901:0:8344::
2600:1f18:1aca:4282:259b:2b92:b6d2:f836
2600:1f18:44f0:4800:250:51f2:8e30:528d
2600:9000:206e:d600:8:48e:53c0:93a1
2600:9000:2156:2000:7:75d4:e40:93a1
2600:9000:223c:2e00:8:2ae1:d740:93a1
2600:9000:225e:1200:1:a3fa:7cc0:93a1
2602:803:c003:200::41
2606:4700:10::6816:1857
2606:4700:10::6816:49e8
2606:4700::6810:f015
2606:4700::6811:b6b1
2606:4700::6812:af
2606:4700:e2::ac40:8f26
2620:1ec:21::14
2a00:1450:4001:82b::200a
2a00:1450:4001:831::200a
2a00:1450:400d:802::2006
2a00:1450:400d:805::2001
2a00:1450:400d:805::2002
2a00:1450:400d:805::2003
2a00:1450:400d:806::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::2003
2a00:1450:400d:807::2004
2a00:1450:400d:807::2008
2a00:1450:400d:808::2002
2a00:1450:400d:808::2010
2a00:1450:400d:80c::2003
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::200e
2a00:1450:4025:401::9c
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638::3
2a02:fa8:8806:13::1400
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:400::626
2a04:4e42:600::645
2a04:4e42::485
2a05:d018:d29:3601:576c:7828:69ec:4641
3.210.251.205
3.33.220.150
34.107.254.252
34.111.129.221
34.111.131.239
34.111.151.213
34.111.249.109
34.117.54.29
34.149.157.221
34.98.64.218
35.204.74.118
35.241.9.51
37.157.6.252
37.252.171.53
52.222.214.32
52.46.128.147
54.155.18.159
54.75.190.240
63.32.218.197
63.34.253.29
67.220.224.150
69.173.144.138
69.173.144.165
75.2.40.13
99.86.240.44
99.86.240.69
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01ed1c5dcb04e38437e2838db84f1f8f258934bcb79ec428feddde2d02faa658
0215d8abf1730058f58dd7023c5e089d7e5b3363800687477f26ac3b30181f7f
02441c6c3c04ebc9405efc745ca1ec390cdd1e1a84d4536b472f392e22d8b56e
05e643ec517dc8936ead9603882a5af654e031b07fdb9e305b4cca1b5abdb1c5
061fd4af516128f2f085952e37d6506cea005934a5ca5d37e600bf0f0b654004
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0948c158699038955bb5311301d19acc4d8c4ded5b4e32c565c8de6f015f929d
0ae3e514b386d9f2fbb5f7725d9d5af5dab6a3507581c070aec15e9524588c9c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baf5f3281ad10ebed37ca8245624b6410711722ff8c0ecf3b4f9845d8ab33a7
0bcf5b39b20bbc3d50a07fe4d2ef3b0a1f7ed5340ca00affe398ba377ada5324
0c75b547b7a9fda22d839e29063046aa71e940fa97eaa11abc996024e983a6c9
0efb9c2c222f4dca3cb13288e258f26216f6c49dc68141a6cfd164460f89fcfa
11516e4134c2cf64e19258fa7911137325ae677de6a3805312b4c5eb9d73e40c
1437f4978d88ee673b2036f35e3bda280afcc88df1f9b684c99219618147326f
1503ffa845faf94d1171cd43f9f4d04a36848943be74e5365764990bb57d2d50
158742070fa31289cfc15117a06d7e9e6ba2243aa8c20c57ebe71dd38386409f
158d15d406f2a0803adc1afc183986947687fd82b618769b6533d0b7b3d9a17f
16271ea5e2003645ab901091ded34573e937b162eb573fd1779b555ad1a036dc
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a4f5d095ff4fcc49a7d288671f1a0240784103f08a28618ec94f968aa44083a
1a5f3dcb9cbef18927a50fc894b34d0281a63065d21447d710b887392ae972f5
1ab332ded1376c272c0b5da6e2c26719a2dbead1844c4e695a86ea4473792d66
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1f1a1b4664a64e30770b1ae845e7d00302bc61703b801dfcf4f0fb10da8a918d
1fef529df5260859a2c508c940b822493253346b67b46762736ad66b2fd2bbf0
1ff5585bdbea001d37f3647975a645f0594090f070915831286de90dd45949d5
2064444a75d9a2071124a2024f215bd076b2eeb2c4d2fccc73fb915d4909bfac
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
24c165ff23089a9a51dd4606096f4e226dc07dd4f811172820580fed721d4abe
2505036dc4bf486348c3dd8f36b787d6f4cdf4da52ed3f36b80f826fb10f8607
265547021d6ef280f93f886c9912e7966ebdf9c3ae3f4cc9d05f8a1596ad090c
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2acb117f7aa71c661a68767b93b69f23500a83cbe72a74d9e1c7817d768a89b8
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2bc9884ce04149fcef998cacf9f73d2ed2286de9baf0b9d7f582961077dc8074
2c8e4ee6b0f2ca20775868405b85e5cfaea952442c8c3b11af29998aa6482dfe
2d2af0af4b7d9b6b5d3879910a8e2cd16551462e75257ac1a2acfa519cfc87a8
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f80f80091517bfccd89fd5e7160dd4c75224ab916dbc89c4b6ca2f801a3ecfd
30663a44d7023ea9bd22436d25ffc64408b16434025ef19b4adfe8d2c32fdae1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31f1262c9c30189e2357c102e2f866fe0c77b88fa3572df8c50531fe1e860b7d
352c81003728aa0c38302edecf4dab6c5c0a8df19763ba45700c8a0cdc1657e0
356120439f6c88cd9bb2a57d851d5f5e642ba9ded3c1ef469e7a2c766a0620bf
35b10c8275ff303669fc378958022226435586e2ffc74e02655e51c7786457b6
361490f1e87a7dce9e1eefef1fcecf837cd9087f8502882df460a63eda5ba14f
375d1f67910cba692fd7b9cf75ac1629967e6fc458748fc0a4cf9be34029ef46
37a35e827a31dd2a348a6e8aaebf00a7d7e2107da3570a92b41964dd3ab8ea76
3892e125d1dbed450238758f1014350f44fc60151c71dde2af583fa2568afec9
399604f8ea5a3d3aa0ea7bc71588037d988eaa321b9b2264c1c77f41c2e4fbc3
3a94940775ee0f8857fd6f60c4eae52cebc488a211e6aad26fa60410da658403
3ab6bb77fb534c171d8192bd0d6e14367d4c91268b07703fd020669e9de63b61
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dfc273cb08d312f5a2b0bb010ac8b5fa33c6555cf26e4a14cc8e0210b1c695c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5480c4d6414adec5068c70f1519592a1918352d68d189dcff1b3e530cf8f83
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
40e4a22028fa2c007b569bd52d7fc310815832aafd6ecfa8672acc395e1aa72c
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
44f2f285a38b082b7097e9b3e6ab28c0af4cbe73ba3c672af8d98adc26f3f44a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
4ad17efd0f6f383f41c3aa9f5d957f7776e51aa292392693835c2ae6243e4b80
4d4c2a4a232c46ab1f749bdcfa670b00cb68019cc3c18354ae73ce9424d432a5
4e1bd155f625d1706b709db5e4d94ba4240df4d25fa412dc894897fd8657e93a
4e73162b7ecdf75b3941306c4f9eedc5656a54e9aab98992c3f2e0f76f5829d7
4e83812be1445dca33b2bbc084770dd3573d968d7d1a885fae54ab15d6ccf56f
4eb31ad83bbe575502ad8bbe43b5b2b0b3ff4a23f8562e85ab555db74312e52c
4fdc18f793ea9a4ab3aca6a20d140841a3be68cfc812e8b0d12bfb19f98449ed
51d7a8c3fc686f9540257695de8b6e01b1e3595db5a94507fb5476d5d697f682
5250fa8ade0e9119478967ddcdf09589c9cd365f00304fba2cb3e48f8fe4c0eb
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
551070687cfd89cbf873f4c2a8eb7b7a1f11ba3b56ae271ae3b300179c896c38
552026abf1372e748f12a796cd7f3d4036ccb046a12ab8577ee85b16e88dfea9
555c7d500cf06d05e4fcecd7b94b017dd56c6e9795d3d9de1e316121cbe4df60
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5608b0639585c425a4e3377ac9f9d987eea1c26d9cb12c1a1d7f46b4f5fdecb7
56b587c6bb695112e0df0351261cd31e64bb13b8f95a4af4b5fcc05daff5c824
59b87c26e7ecc18c94ff68b2e5ca3867ccf08772649b2fe6ed31b8118082f5e9
5a02900c2dbce0e4436db42632097edb14b149edf0e58add290771afd965ec38
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5ba802a18fa82dd616c0457512b0ee5286de011e968b169f5d8ed952627251a4
5ffdfd38c4e6da3a114773a72a7cb92304e7e385e6d477a36c065b35e0e9291f
6041280b985586f83dc91436abf20ae4b4f59df0818cef7192143e6e947bad75
604b9cf337c21d5ffee6265583dcb1ff9fc38cda8bfd50ac6925325f843a2375
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6333459bbba841d16299dfee81d2019bf4b4133760e6b375168a4b4ce03a9079
64a35881569799c7f5dd76cd5fa93f2d9dee811f597a1c8e29fc278419329496
6721fd04984682bd8df747af7fa9a476e6642c0ab7fe10533db7feeed4b1e44b
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9
6ab1263b319adb2cdfe639d56ce4a8c4d976986b16c49f424444d15bdd27ee01
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b33c0820a7b5689afa478532c9b818373206051d9f0a9e670ba825eeee61cf4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f2b60f890fde744f4035bd1d1192847d535b8c7178f20eee63b576dbc5d74d2
6f7e98d03a2100b1e6b8f3c97dfeb11989b74f7887ddcaa0ace5fda0ba12608e
6ff4cd6953e5004de78e73eb67f55b71c689e8325ba0151e65f9b2e9b9eee479
71fa9b6b98aefea63abb3de5bd3664dc857176cd9a203fbbc35b9260e4396a1e
75ae81579ed3d59bc21c3d04c8c84f8d179b0ac81d6b339b5b4ee20ba614525d
75c64fa9c6192ce18c7c901e1065f5c2193b332251058a8e46bcb395403fd2b8
771e31a4e74c32326778598b97aa12613850c1ff3f77431ac5f64e575067bd99
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
795fde21904da8fba2d623e23f6f79d59fe4f21d117aaaadafae15dd9387e598
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7be77395ff6f17f2eae4830b16237093816fe5304d4acbba22dd3f6c398f6f2a
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7cb76c118f71a8901748f5e7361ccf95dc92b60470dad6a56d925f61977c0b28
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
8097af8146c2d5e9994270aeabe8bab06b1c10d16c3b8a8ea9ddabeff6633ecd
81c3817feb6b870c945faa95ff3322b5d6560c1cf259b0c7826e7a15f88e0023
81d67795b56d526dbf7f404c7f1431b77d7a4095421ea68e198f849c955ba9bc
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8392ad514caf1f268ff659c3bce80070d92cd51c1f01e430989ddd8c086dbef5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8572591d1b93a5981c6da4ddceccc86893bbeb1a5e9c35f23074a1aa51427f30
8600c27f22c398446daef29ce76576693aadd7ec6702a895be742f92c4b9bfac
894f43de99413159346378f8738aceb7ac3463e6a2eed4a6d24b2c8094a54876
8b3689c851ed2fe2660c6fc9ed9b7cf0a51073bb1c16d2687715d50ead336d65
8b703be42242eee8bfe346ac91e72584b1e3a889f0b837a5ab93cf28c6473afe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1c78b089eda8f511429db82cc2f7d5f5bdc3a4235139ec68ba99abf97026a8
92385d39d9fc237468426177f8fc5936936f2323862b28fae4acb8257c492f64
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1
93f18bbcba1ebee8f7a2777fba54c264a62d0f61a1cc93834cf3d662098541f6
95d4fee3eee1d2bad826be5d670daeeb8adc78ea27f872fd731899b11e0ef21c
964fadec50deff42a2b1adf6c3fa8ee3799d1982202b3996c74e6275d5dfc5ad
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
98cd5c3cf6eb9d2f92d3250e369d0f1b5ba2400739e0f4c934ae1a970793bc5c
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
99b938daf601d69b0646faa00ed130eb7e0ff6bcb5cb474c75ed838b6c773b8e
99f430da7b3c2232705260303d21182a43af31f87f5bb65ad863d4d299a343c0
9e4ac9809157b159eeb548490e9b5aa4967fb392bbf56711018b5c9942f3fafd
9ea4d028cd2d66f638e2eb242382d52582a52e48d6cea974a598ca65a2daecd6
a14e24757256e1621cc559f2d90475c452d89eaeee533a5b151f01041f1f3ba2
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f32ba0a443ebfa1c07612ddaa34431208c28876b16fb95fa9e9a14940e9280
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
a82a9448cf617b6b136de8e983c9c592c32ebd05e51f8a2ed4efb6375e85ecbb
a9c836abaac0bed288e6ecc5e592f76cbadbfc00b64f5e615dd03a6ccc91024e
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aef0e4aa98eda935afde3b1e3032d82611267116a4674c6ef5d3f086ccfb800c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36edc243d1570f7c03e81e7abec405acd611dba0c48bd3bb078a88bd6b0b848
b3c5ed5fd477a4a8faf9f047c18714c3220ef3d420a5ff283cc5d88e1590dfda
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b4c055dcb1352dc590b93dd951aa95ed2c3e99d252838ca2c4a704b49cf10792
b4e4f460bb4c620edc56a8fb77a40460e9b7db0a05292a51339cb8a8e89bc4c9
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b5deb3b7e7b9b1182e9e2ed5dc6297cdb710eea2566d25d5089d910de386a574
b7b755cfa3fa45840b39b8dfb0e1512fdd9e5e32bc4a193101477b8364693b25
ba3ae80139a42161ba57cfcb42a387acaf45894037e7bc7e74316a568f0d4b8e
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad
bc2bba157c11df81733bc7fe77a13727fa43efb6bc1cafa5f9144cae475deb67
bc81dba2bf133e2cd1360fd01a7d034c4bff3ae5c8cbd56f29bbc719a018a1ce
bc9358013a102bd92dff4b8ffd831396f2f8faa550061163602d3c4c5fb40859
bebc959b993f853c46378a0718579a8642492a9257f2d6f2e8bdc00af2e53b63
bec2d030bf0fac209a9db7ea8fa8c9b4bc783396c4bf11a1b18faf07589b86e5
bff6176392806e3cfd70c33bf603d2d8f469f02f9acbef91dc31586990ea9580
c04cc9291263e7985a785488a86def962e1b3acb3f6d0c6b6300ad83d296fa80
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15
c6495519c43cfcc35288071e3a44562329d08c3e9d4436638fc8c21ae166675b
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
ca7d45e2a6601e164d2c716ec870f08a8fad6c978cc7e94a4516e9c0df71d06d
cb322d7ff5f1220578c7b2ef7e794df79d42f4118d53a87f21936950514a302f
cbd137ce04edfb792ccb0ccc11c46b81a35af44d54395e63ddb95f0474390b2b
cc34fe5f9a0f2295142e370e5a0126fcac1f3a35a36ae763ea4837c16a4dbd22
cd558a2f72cba27cd524e6518a6fb31e431d995a51737e71541722a0531ed647
cdf5d5b6df703dc9f57f4d32390ffc5174c32dacec3be929d445f3e6d311fc15
ce41c7e0b8ca5d050d3e9c504d0e03d16ae1690fcb7d9b1789d47620518eca5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf514d45392949b96532aef0abdd9a6053f438c42cd51509e022b33c37ade53a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d165437464ee3290c7af258a1222e346b0231d90aeac9ad689e4eeac300ae9df
d1bad41e63f2182939b73d789dead6c48fc1bba5128d6be8f7fb4d74ce5a8bbe
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3a11a28c5425f4c111a25296e68b4174dff6def0e18fdbba267616937469552
d4107a2cfa14fd055c9fcd8d45885bdade3fc03efd351537ac75f0dc2a13f16a
d5e868028c560620b2a3021f3cd3dbb2494f0d073526cbf72ebd142972a5d3d2
d880d019efb0272ca3e1840ff175c0040f5444e22d10348ca39dea57f684ddfa
db6670d91c704cdae386fb259fbd12599eac95749fd79163f4dc6d9b7a06f74c
ddd5ad281411bb8cc616e4d95d511541d0d41dcf4069602f384a31bfd1f16a85
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df68cf63932f4787a5cb2423c998fa636b06fe1cfe02fca102c2823ec6ece32e
dfc68c199336d1b5368f2c6dc4c9939088d511d79d4335745fd05e6c073e0d4b
e07fad38e6deb2329385aa611581d5b9943953060730fbffe89402da707976cb
e0d6ff5c28d41e767b13a5f4582d4b006d5c9bdc0278c3c8eabc8a5ef16d033e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58a981ed51697a852f3d01993b28d32a07852182d47d31d77133eeca7845fa5
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e7e4410ba8851bdf3d957acd7e5c0ba4c9712f892d015ab46b327bc4acfb52e5
e843afb4d1c2b5cf4e101ab6d9c19a3e7e5e2e04abc61938ea28feac8644ca38
e937c7cd2f056d3f65cd1578265c925d143d42d53b2b32bf144eb72135571f59
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edf934dd0852b28ca5f72fa57d5907ae71b706c9a7617183af1a3e9fbb556a6e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0968e72ba174df05d85d839030aff0adb94bbb544df41272934c273ba5125a6
f0d08bd0271c5d085f5d1419b1af887eb9c250aac800cadc4d5ea64c3a348e97
f2ebd3daf9f7e6e52154055594244104dbd6b2eae7f7ce9041e9834aaf669b0d
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
fa0a7746d0559429a36c1f8b4101d095375372e4d9c23eb09e9b4e56a8ff7272