urlscan.io logo urlscan.io
SecurityTrails logo

torontosun.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://torontosun.com/
Effective URL: https://torontosun.com/
Submission: On October 17 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 11 countries across 79 domains to perform 343 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is torontosun.com. The Cisco Umbrella rank of the primary domain is 320010.
TLS certificate: Issued by GTS CA 1D4 on September 26th 2022. Valid for: 3 months.
This is the only time torontosun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 34.111.249.109 396982 (GOOGLE-CL...)
5 2404:6800:400... 15169 (GOOGLE)
3 99.84.60.22 16509 (AMAZON-02)
2 23.41.81.252 16625 (AKAMAI-AS)
1 13.32.50.69 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 99.84.140.16 16509 (AMAZON-02)
31 34.117.54.29 396982 (GOOGLE-CL...)
6 2404:6800:400... 15169 (GOOGLE)
15 34.149.157.221 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.39.13.202 16625 (AKAMAI-AS)
1 35.241.9.51 15169 (GOOGLE)
2 6 103.43.90.54 29990 (ASN-APPNEX)
1 104.19.149.54 13335 (CLOUDFLAR...)
10 34.107.254.252 396982 (GOOGLE-CL...)
24 52.77.152.198 16509 (AMAZON-02)
1 13.35.45.87 16509 (AMAZON-02)
1 103.231.99.77 62713 (AS-PUBMATIC)
5 35.244.159.8 15169 (GOOGLE)
2 104.18.19.126 13335 (CLOUDFLAR...)
1 182.161.74.18 55569 (CRITEO-AS...)
2 2602:803:c006... 26667 (RUBICONPR...)
2 75.2.40.13 16509 (AMAZON-02)
8 17 142.250.196.130 15169 (GOOGLE)
14 18 2600:9000:214... 16509 (AMAZON-02)
24 2a04:4e42:600... 54113 (FASTLY)
2 13 52.46.143.56 16509 (AMAZON-02)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 54.64.63.177 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
4 18.139.9.236 16509 (AMAZON-02)
1 152.195.62.252 15133 (EDGECAST)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 4 104.18.18.126 13335 (CLOUDFLAR...)
4 9 13.228.50.99 16509 (AMAZON-02)
2 23.193.52.229 16625 (AKAMAI-AS)
4 23.42.45.197 16625 (AKAMAI-AS)
2 2 18.178.52.42 16509 (AMAZON-02)
2 2 35.71.178.8 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
2 103.231.99.243 62713 (AS-PUBMATIC)
6 6 3.33.220.150 16509 (AMAZON-02)
1 1 202.241.208.52 4694 (IDCF IDC ...)
1 8 34.98.64.218 396982 (GOOGLE-CL...)
2 2 18.65.168.61 16509 (AMAZON-02)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 11 23.90.68.235 27381 (CASALE-MEDIA)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 141.226.231.48 200478 (TABOOLA-AS)
3 3 103.43.90.117 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 2404:6800:400... 15169 (GOOGLE)
1 4 8.39.36.142 26667 (RUBICONPR...)
1 52.95.126.160 16509 (AMAZON-02)
4 4 8.39.36.141 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 4 2406:da18:929... 16509 (AMAZON-02)
1 9 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2406:2600:4::1 55569 (CRITEO-AS...)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 23.193.52.29 16625 (AKAMAI-AS)
1 1 23.106.127.165 59253 (LEASEWEB-...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 183.79.249.124 24572 (YAHOO-JP-...)
2 3 64.202.112.127 23352 (SERVERCEN...)
1 2 2406:2600:4::b 55569 (CRITEO-AS...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:20c... 16509 (AMAZON-02)
8 2404:6800:400... 15169 (GOOGLE)
2 5 65.9.42.42 16509 (AMAZON-02)
6 2a04:4e42::645 54113 (FASTLY)
1 182.161.74.11 55569 (CRITEO-AS...)
3 2600:1f18:44f... 14618 (AMAZON-AES)
2 2600:9000:221... 16509 (AMAZON-02)
4 2a04:4e42:200... 54113 (FASTLY)
7 2404:6800:400... 15169 (GOOGLE)
2 151.101.130.207 54113 (FASTLY)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 18.65.212.64 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 44.242.33.86 16509 (AMAZON-02)
3 188.40.80.165 24940 (HETZNER-AS)
1 151.101.2.207 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 54.147.89.146 14618 (AMAZON-AES)
1 23.193.52.206 16625 (AKAMAI-AS)
2 104.18.13.76 13335 (CLOUDFLAR...)
2 2 151.101.130.49 54113 (FASTLY)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.177.11.95 16509 (AMAZON-02)
1 18.176.32.10 16509 (AMAZON-02)
1 2 35.186.253.211 15169 (GOOGLE)
3 3 202.131.200.84 17941 (BIT-ISLE ...)
1 1 202.131.200.82 17941 (BIT-ISLE ...)
2 2 103.229.205.243 30419 (MEDIAMATH...)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 13.115.196.111 16509 (AMAZON-02)
1 1 34.126.167.117 396982 (GOOGLE-CL...)
2 2 23.106.69.73 59253 (LEASEWEB-...)
2 2 13.229.33.3 16509 (AMAZON-02)
2 2 185.84.60.30 198622 (ADFORM)
343 90
3    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
torontosun.com
5    2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    99.84.60.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-60-22.nrt20.r.cloudfront.net
c.amazon-adsystem.com
2    23.41.81.252 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-81-252.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.32.50.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-69.nrt57.r.cloudfront.net
cdn.adsafeprotected.com
3    2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
2    2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    99.84.140.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-16.nrt57.r.cloudfront.net
ak.sail-horizon.com
31    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital
dcs-static.gprod.postmedia.digital
6    2404:6800:4004:80a::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
15    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
1    2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.39.13.202 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-13-202.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
6    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    104.19.149.54 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
10    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
24    52.77.152.198 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    13.35.45.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-45-87.nrt20.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    103.231.99.77 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
postmedia-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
2    2602:803:c006:158::65 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
17    142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net
cm.g.doubleclick.net
18    2600:9000:2142:5000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
24    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
ssl.p.jwpcdn.com
videos-fms.jwpsrv.com
prd.jwpltx.com
13    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2606:4700:10::6816:48e8 (United States)

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
1    2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.co.jp
1    2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.com
1    54.64.63.177 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-63-177.ap-northeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    2404:6800:4004:808::2001 (Australia)

ASN15169 (GOOGLE, US)
14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
4    18.139.9.236 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-9-236.ap-southeast-1.compute.amazonaws.com
postmedia.hub.loginradius.com
1    152.195.62.252 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2404:6800:4004:80c::200a (Australia)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2404:6800:4004:808::2006 (Australia)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
9    13.228.50.99 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    23.193.52.229 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-52-229.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.42.45.197 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-45-197.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    18.178.52.42 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-52-42.ap-northeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
4    2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    202.241.208.52 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
jp-u.openx.net
u.openx.net
us-u.openx.net
2    18.65.168.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-61.nrt57.r.cloudfront.net
cr-p3.ladsp.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
11    23.90.68.235 (India)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    141.226.231.48 (Hong Kong)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    103.43.90.117 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
11    2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2406:da18:929:5a00:ba11:d0cb:83c:9b08 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
9    2404:6800:400a:805::2001 (Osaka, Japan)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2404:6800:4004:825::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    23.193.52.29 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-52-29.deploy.static.akamaitechnologies.com
cs.media.net
1    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    183.79.249.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
cksync.yahoo.co.jp
3    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
5    2600:9000:20c4:e600:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
8    2404:6800:4004:820::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    65.9.42.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-42.nrt12.r.cloudfront.net
sb.scorecardresearch.com
6    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
jssdks.mparticle.com
1    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
3    2600:1f18:44f0:4832:c2a7:8a22:497d:150b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    2600:9000:221a:ea00:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.ribn.com
4    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
7    2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    151.101.130.207 (United States)

ASN54113 (FASTLY, US)
sdk.mrf.io
2    2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.65.212.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-212-64.nrt57.r.cloudfront.net
cdn.parsely.com
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
1    44.242.33.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-33-86.us-west-2.compute.amazonaws.com
p1.parsely.com
3    188.40.80.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy02.cl03.k8s.mrf.io
events.newsroom.bi
compassdata.mrf.io
1    151.101.2.207 (United States)

ASN54113 (FASTLY, US)
flowcards.mrf.io
2    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2404:6800:4008:c15::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2404:6800:4004:81c::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
2    2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.147.89.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-89-146.compute-1.amazonaws.com
i.viafoura.co
1    23.193.52.206 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-52-206.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
1    18.176.32.10 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-32-10.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    202.131.200.82 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-tapi.admatrix.jp
2    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    13.115.196.111 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-196-111.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    34.126.167.117 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
2    23.106.69.73 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    13.229.33.3 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-33-3.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
Apex Domain
Subdomains		 Transfer
46 postmedia.digital
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 135433
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 114909
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 122732
1 MB
30 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 895
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
6 KB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
256 KB
22 googlesyndication.com
14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
89 KB
19 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2507
entitlements.jwplayer.com — Cisco Umbrella Rank: 3536
57 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
60 KB
17 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3412
videos-fms.jwpsrv.com — Cisco Umbrella Rank: 4868
485 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
14 KB
17 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3162
ads.rubiconproject.com — Cisco Umbrella Rank: 2637
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
token.rubiconproject.com — Cisco Umbrella Rank: 682
168 KB
15 openx.net
postmedia-d.openx.net — Cisco Umbrella Rank: 190083
u.openx.net — Cisco Umbrella Rank: 664
us-u.openx.net — Cisco Umbrella Rank: 409
jp-u.openx.net — Cisco Umbrella Rank: 10520
rtb.openx.net — Cisco Umbrella Rank: 1521
3 KB
11 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2439
api.permutive.com — Cisco Umbrella Rank: 1966
googlesync.permutive.com — Cisco Umbrella Rank: 8148
18 KB
10 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5896
identity.mparticle.com — Cisco Umbrella Rank: 2574
jssdks.mparticle.com — Cisco Umbrella Rank: 5248
55 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 438
acdn.adnxs.com — Cisco Umbrella Rank: 618
25 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
127 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 554
3 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
483 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
40 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 400
2 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
3 KB
6 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2665
270 KB
6 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 49245
config.lrcontent.com — Cisco Umbrella Rank: 18693
96 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
3 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 10933
193 KB
5 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com — Cisco Umbrella Rank: 671
12 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
imasdk.googleapis.com — Cisco Umbrella Rank: 435
351 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 15351
flowcards.mrf.io — Cisco Umbrella Rank: 15800
compassdata.mrf.io — Cisco Umbrella Rank: 111438
30 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11220
i.viafoura.co — Cisco Umbrella Rank: 11100
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 140635
1 KB
4 google.co.jp
adservice.google.co.jp — Cisco Umbrella Rank: 65346
www.google.co.jp — Cisco Umbrella Rank: 20613
1 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
8 KB
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2796
978 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
1 KB
3 torontosun.com
torontosun.com — Cisco Umbrella Rank: 320010
113 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
953 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1355
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
615 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com — Cisco Umbrella Rank: 1375
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
222 B
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 12270
915 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2800
p1.parsely.com — Cisco Umbrella Rank: 2165
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
112 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 114315
7 KB
2 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7590
cdn.tinypass.com — Cisco Umbrella Rank: 5417
96 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5415
964 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
58 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 24354
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 373
739 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2824
496 B
2 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3256
pixel.adsafeprotected.com — Cisco Umbrella Rank: 620
9 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
623 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 508
433 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
441 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 82134
500 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 19171
220 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 29697
549 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2392
174 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4180
2 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2872
59 B
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3317
620 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6970
487 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
457 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1392
1 KB
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 58454
661 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
47 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
573 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
131 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1072
308 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 21523
269 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1201
860 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
17 KB
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 182236
392 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1340
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
2 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 148387
100 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2852
44 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7144
3 KB
0 nex8.net Failed
cs.nex8.net Failed
343 79
Domain Requested by
27 dcs-static.gprod.postmedia.digital torontosun.com
dcs-static.gprod.postmedia.digital
24 c2shb.pubgw.yahoo.com micro.rubiconproject.com
18 cdn.jwplayer.com 14 redirects dcs-static.gprod.postmedia.digital
cdn.jwplayer.com
ssl.p.jwpcdn.com
17 cm.g.doubleclick.net 8 redirects u.openx.net
eus.rubiconproject.com
torontosun.com
14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
15 smartcdn.gprod.postmedia.digital torontosun.com
14 assets-jpcust.jwpsrv.com torontosun.com
13 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
eus.rubiconproject.com
ssum-sec.casalemedia.com
match.sharethrough.com
11 pagead2.googlesyndication.com torontosun.com
14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
11 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 tpc.googlesyndication.com 1 redirects 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
8 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 jp-u.openx.net u.openx.net
micro.rubiconproject.com
jp-u.openx.net
6 match.adsrvr.org 6 redirects
6 ssl.p.jwpcdn.com cdn.jwplayer.com
6 ib.adnxs.com 2 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
6 fonts.gstatic.com fonts.googleapis.com
5 jssdks.mparticle.com jssdkcdns.mparticle.com
5 sb.scorecardresearch.com 2 redirects fem.gprod.postmedia.digital
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 securepubads.g.doubleclick.net torontosun.com
securepubads.g.doubleclick.net
4 identity.mparticle.com jssdkcdns.mparticle.com
4 www.google.com 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 pr-bh.ybp.yahoo.com 1 redirects jp-u.openx.net
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
4 us-u.openx.net u.openx.net
jp-u.openx.net
4 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
micro.rubiconproject.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 config.lrcontent.com auth.lrcontent.com
4 fem.gprod.postmedia.digital torontosun.com
fem.gprod.postmedia.digital
3 sync-dsp.ad-m.asia 3 redirects
3 www.google.co.jp
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 b1sync.zemanta.com 2 redirects torontosun.com
3 videos-fms.jwpsrv.com ssl.p.jwpcdn.com
3 secure.adnxs.com 3 redirects
3 fonts.googleapis.com torontosun.com
14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
3 c.amazon-adsystem.com torontosun.com
c.amazon-adsystem.com
3 torontosun.com 1 redirects dcs-static.gprod.postmedia.digital
2 c1.adform.net 2 redirects
2 pm.w55c.net 2 redirects
2 gu.dyntrk.com 2 redirects
2 sync.mathtag.com 2 redirects
2 rtb.openx.net 1 redirects jp-u.openx.net
2 sync-tm.everesttech.net 2 redirects
2 www.facebook.com
2 analytics.google.com www.googletagmanager.com
2 events.newsroom.bi sdk.mrf.io
2 connect.facebook.net torontosun.com
connect.facebook.net
2 sdk.mrf.io torontosun.com
sdk.mrf.io
2 assets.ribn.com www.googletagmanager.com
torontosun.com
2 gum.criteo.com 1 redirects static.criteo.net
2 rtb2-useast.e-volution.ai 2 redirects
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 cr-p3.ladsp.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 eb2.3lift.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 ups.analytics.yahoo.com 2 redirects
2 ads.pubmatic.com s.amazon-adsystem.com
micro.rubiconproject.com
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 api.sail-personalize.com ak.sail-horizon.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 htlb.casalemedia.com micro.rubiconproject.com
2 auth.lrcontent.com torontosun.com
cdn.viafoura.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 um.simpli.fi 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 sync-tapi.admatrix.jp 1 redirects
1 dps.jp.cinarra.com jp-u.openx.net
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com jp-u.openx.net
1 js-sec.indexww.com micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 i.viafoura.co cdn.viafoura.net
1 compassdata.mrf.io sdk.mrf.io
1 flowcards.mrf.io
1 p1.parsely.com
1 c2.piano.io cdn.tinypass.com
1 cdn.parsely.com www.googletagmanager.com
1 cdn.tinypass.com experience.tinypass.com
1 mug.criteo.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 prd.jwpltx.com
1 cksync.yahoo.co.jp 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
1 dsp.adkernel.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 cs.media.net 1 redirects
1 sync.fout.jp 1 redirects
1 www.googletagservices.com 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 csync.loopme.me ssum-sec.casalemedia.com
1 sync.taboola.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 pixel.adsafeprotected.com cdn.adsafeprotected.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.jp securepubads.g.doubleclick.net
1 googlesync.permutive.com torontosun.com
1 bidder.criteo.com micro.rubiconproject.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net torontosun.com
1 cdn.jsdelivr.net micro.rubiconproject.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com torontosun.com
1 www.npttech.com torontosun.com
1 cdn.adsafeprotected.com torontosun.com
1 micro.rubiconproject.com torontosun.com
0 cs.nex8.net Failed jp-u.openx.net
343 127
Subject Issuer Validity Valid
torontosun.com
GTS CA 1D4		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2022-09-16 -
2022-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
smartcdn.gprod.postmedia.digital
GTS CA 1D4		 2022-10-02 -
2022-12-31		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-09-13 -
2022-12-12		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.prmutv.co
R3		 2022-09-28 -
2022-12-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
api.permutive.com
R3		 2022-08-19 -
2022-11-17		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
api.sail-personalize.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.google.co.jp
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-13 -
2022-12-13		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-06-07 -
2023-05-31		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-11-25 -
2022-12-22		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-08-05 -
2023-09-04		 a year crt.sh
viafoura.com
Amazon		 2022-09-07 -
2023-10-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
jssdkcdns.mparticle.com
R3		 2022-08-24 -
2022-11-22		 3 months crt.sh
*.ribn.com
Amazon		 2022-08-21 -
2023-09-19		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-07-09 -
2023-07-07		 a year crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-19 -
2023-02-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-26 -
2022-10-24		 3 months crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-19 -
2023-02-20		 a year crt.sh
jssdks.mparticle.com
R3		 2022-08-24 -
2022-11-22		 3 months crt.sh
ssl02.cert.cl03.k8s.mrf.io
R3		 2022-09-09 -
2022-12-08		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
match.prod.bidr.io
Amazon		 2022-08-19 -
2023-09-16		 a year crt.sh

This page contains 27 frames:

Primary Page: https://torontosun.com/
Frame ID: 24744A6DF567EAD05C93B681E32BA6FE
Requests: 213 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v68.2/xd.html
Frame ID: F04F8C328773C429C68D070FE747A86B
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Frame ID: AE6444E350F03E915F5F17D358623A8D
Requests: 1 HTTP requests in this frame

Frame: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F39113E4AA76F6A678CBFF780E8F3D1A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 344473C4F0F7952E034AD91C4C713B54
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.539.0_en_ca.html
Frame ID: 95E99667C9080E927D4206505E1C3DB3
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 381D63E94A5C74AFEC7E60B2561DAA3F
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 013A326641CC117DC27AD1DABD2F3D11
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 3E996BACC3113021A385FBAD592B2D89
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 20463DC8E4F5F857FA25E85012D502FF
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02Y0pBb3NKRTJ1TENfTnZZOXY0dEF0UkxJYUpkSm1TdH5B
Frame ID: D90EA3FCA524D52C0F10BF070177CBF7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: B47B07500D5B3B8A647BD0F9953ECAF7
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2170235670873243484&ex=appnexus.com
Frame ID: 01CFF9A31D34D246E6A70C78A04D4BAF
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1549337916848776123083
Frame ID: B3839104EFF71DCB02C880DD0DCDA052
Requests: 1 HTTP requests in this frame

Frame: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2101A5F60EAD02EC4CE111A93CB7F18F
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AC8FB9B4B0279305A30F0CA086D0B3A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: 7CD70877D7EE4178DD7DB329FAB5E855
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Frame ID: 5E24483F5E45363D191591F68ABE3DC2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E0088E52922CE114AD47A30EF74784D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 331CCFAFB9715DEC44DF55643EFA8A5A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 306F728409276990913C2FED0AF26B83
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Frame ID: 7EC97871412B309B3513136A43D40ADA
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 716B91C3D6384C590E704D8C8F6A0C8C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 387664E4DB3379FED3B28A5092B9E8A3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4F5EEE7517E9651A35A6237BCAAD8CB0
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B443B9137599980DA2C0CBE353166F06
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 544868347FA52A92174A02FFCECE3B01
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Toronto Sun Home Page | Toronto SunToronto SunUser

Page URL History Show full URLs

  1. http://torontosun.com/ HTTP 308
    https://torontosun.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

343
Requests

82 %
HTTPS

36 %
IPv6

79
Domains

127
Subdomains

90
IPs

11
Countries

4701 kB
Transfer

12306 kB
Size

100
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://torontosun.com/ HTTP 308
    https://torontosun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8875f879-e059-46a3-98d9-f2a2549870e3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8875f879-e059-46a3-98d9-f2a2549870e3&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEL0how-TnABtRHtvE2Jp8Uk&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8875f879-e059-46a3-98d9-f2a2549870e3&google_cver=1
Request Chain 112
  • https://cdn.jwplayer.com/v2/media/eIXqoUBq/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/62a3lb8d-320.jpg
Request Chain 113
  • https://cdn.jwplayer.com/v2/media/nQpwGl9i/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/rq1rbqpz-320.jpg
Request Chain 114
  • https://cdn.jwplayer.com/v2/media/X8KTVpPu/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/lpgihw6r-320.jpg
Request Chain 115
  • https://cdn.jwplayer.com/v2/media/ykN6ht0q/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/n6eatlc2-320.jpg
Request Chain 116
  • https://cdn.jwplayer.com/v2/media/0PoLgwsH/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/b9xj87ws-320.jpg
Request Chain 117
  • https://cdn.jwplayer.com/v2/media/NxVvpMi5/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/vx2h3pzn-320.jpg
Request Chain 118
  • https://cdn.jwplayer.com/v2/media/NUYBZoNw/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/csf4w93n-320.jpg
Request Chain 119
  • https://cdn.jwplayer.com/v2/media/z2bJ6vRW/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/wm2dsk5u-320.jpg
Request Chain 120
  • https://cdn.jwplayer.com/v2/media/zaYfvAnl/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/f19f8jsz-320.jpg
Request Chain 121
  • https://cdn.jwplayer.com/v2/media/CjeYKIVt/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-320.jpg
Request Chain 124
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Request Chain 145
  • https://cdn.jwplayer.com/strips/CjeYKIVt-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/CjeYKIVt-120.vtt
Request Chain 149
  • https://cdn.jwplayer.com/v2/media/CjeYKIVt/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-720.jpg
Request Chain 150
  • https://cdn.jwplayer.com/v2/media/CjeYKIVt/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-640.jpg
Request Chain 153
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 157
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02Y0pBb3NKRTJ1TENfTnZZOXY0dEF0UkxJYUpkSm1TdH5B
Request Chain 159
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2170235670873243484&ex=appnexus.com
Request Chain 160
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1549337916848776123083
Request Chain 165
  • https://match.adsrvr.org/track/cmf/openx?oxid=362be014-7a60-72b5-efd1-e25f50ee3b4e&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=362be014-7a60-72b5-efd1-e25f50ee3b4e&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=811645c3-3d9c-45bf-b19a-5ec259bcb03f&ttd_puid=362be014-7a60-72b5-efd1-e25f50ee3b4e&gdpr=0&gdpr_consent=
Request Chain 166
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0z9esCo5s0AAIFgBaYAAAAA
Request Chain 167
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZOt03pXCPUoks8ADv76Lw8XYs8AAAGD5L4l3A
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF-8s39vS1FaimwSraQdyrc&google_cver=1
Request Chain 170
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9CFFPVH-U-L047 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L9CFFPVH-U-L047&ex=d-rubiconproject.com&status=ok
Request Chain 172
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&expiration=1668582010&gdpr=0&gdpr_consent=
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDCW3HXbhlW6zAzwIJgMkh4&google_cver=1
Request Chain 174
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0z9egfN3e1JwWrzaLPy4AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMHjGeF1rlnfo9dic3WSHtE&google_cver=1
Request Chain 176
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=86d343a9-944c-4b1c-a68c-6af0c0b90e69
Request Chain 177
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y0z9egfN3e1JwWrzaLPy4AAA%265482 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a68a029d-e3a4-42cc-b706-3ee07a6e70d3-tucta4682fa
Request Chain 178
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2170235670873243484
Request Chain 187
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=&expires=30
Request Chain 189
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlDRkZQVkgtVS1MMDQ3
Request Chain 190
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTkwMTc0MzJjNWE5N2NhMmYyMWJlZTRkM2M1Zjk0YmYzMzAxMjc0MQ
Request Chain 191
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wvUKzPlXR0aFbzBXjQNRWA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wvUKzPlXR0aFbzBXjQNRWA
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENDqfpRyi4NwgriaLLEaNcA&google_cver=1
Request Chain 193
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9CFFPVH-U-L047
Request Chain 194
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YM7zJ7PGRsftzJmxtNDK6Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4624998620039241353
Request Chain 207
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrleSZkQEQgAgYgAgyCGF8xfop_GUI HTTP 301
  • https://tpc.googlesyndication.com/simgad/16779227632314819933
Request Chain 215
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=f8481529-c824-4f58-aa7a-c4155a259926
Request Chain 216
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=
Request Chain 217
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=
Request Chain 218
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2170235670873243484
Request Chain 221
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEK8mjaO-93WS5Q3-FuwFMDw&google_cver=1&google_push=AZmPxg8mYpA3Wi2KtZojbYJHQl_tEFeMLoMsgy0ybClHjTwj1S7FNKDZ9zD2SSVcmqMqWge3efYmMVCWbd2RdNsJNLQptZdrdV2_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg8mYpA3Wi2KtZojbYJHQl_tEFeMLoMsgy0ybClHjTwj1S7FNKDZ9zD2SSVcmqMqWge3efYmMVCWbd2RdNsJNLQptZdrdV2_&google_hm=QzRBX1hjcGNYb1BXRGI5WEpwcTFiTndSbWVB&from_google=sp1
Request Chain 222
  • https://cs.media.net/cksync?type=g&google_gid=CAESED1QTTAP-8rTTbMrEnpALzg&google_cver=1&google_push=AZmPxg8_oHugowyvbxqX1ZjTpcmyXx_XpJwaHhK9a__hktt6SW6T0PMaI3WcDPQXRA20Zm0IQDRhCrY1-qUz_q-lUOZCkc41SuY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4OTkxNjEwNjQ1MTcxMDAwMFYxMA%3d%3d&mn_hm=MzA4OTkxNjEwNjQ1MTcxMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8_oHugowyvbxqX1ZjTpcmyXx_XpJwaHhK9a__hktt6SW6T0PMaI3WcDPQXRA20Zm0IQDRhCrY1-qUz_q-lUOZCkc41SuY&gdpr=&gdpr_consent=
Request Chain 223
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGTmI6H2vlGgKfZTk_nZ6aA&google_cver=1&google_push=AZmPxg8qhQKxFTJD9ojB-QVpmc5XDOI9M_PE0v89XPUb6G18lyD9RVQYVmXgshaXU_lKHiZIw9PdtmNMskkGwF4gXRwlOxkpSa5i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg8qhQKxFTJD9ojB-QVpmc5XDOI9M_PE0v89XPUb6G18lyD9RVQYVmXgshaXU_lKHiZIw9PdtmNMskkGwF4gXRwlOxkpSa5i&google_hm=NjI3MDkxMjY2MDY5ODI0NDE2MA%3D%3D
Request Chain 224
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEIPjNEysGIG6Aqo1VNDs44U&google_cver=1&google_push=AZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuepvdTmXwSWgIipiSX81IM4SwajSdhgZZIZuLSDW-L3skLCRUOBZg HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEIPjNEysGIG6Aqo1VNDs44U%26google_cver%3D1%26google_push%3DAZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuepvdTmXwSWgIipiSX81IM4SwajSdhgZZIZuLSDW-L3skLCRUOBZg HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6372623606720973339&exchange=193&google_gid=CAESEIPjNEysGIG6Aqo1VNDs44U&google_cver=1&google_push=AZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuepvdTmXwSWgIipiSX81IM4SwajSdhgZZIZuLSDW-L3skLCRUOBZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYzNzI2MjM2MDY3MjA5NzMzMzk&google_push=AZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuepvdTmXwSWgIipiSX81IM4SwajSdhgZZIZuLSDW-L3skLCRUOBZg
Request Chain 226
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGqWV1U-g8w-dnBBtOoIdeg&google_cver=1&google_push=AZmPxg9jOpQ_B6iPEB7Z8pafMUNojxZst_ky305kdp9JdSuwP3T1Va9p_Q7SWZOI46SOHCQRsby0MRdo6aiZ6BAGFh8OL0Trq4Gb1Q HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGqWV1U-g8w-dnBBtOoIdeg&google_push=AZmPxg9jOpQ_B6iPEB7Z8pafMUNojxZst_ky305kdp9JdSuwP3T1Va9p_Q7SWZOI46SOHCQRsby0MRdo6aiZ6BAGFh8OL0Trq4Gb1Q&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9jOpQ_B6iPEB7Z8pafMUNojxZst_ky305kdp9JdSuwP3T1Va9p_Q7SWZOI46SOHCQRsby0MRdo6aiZ6BAGFh8OL0Trq4Gb1Q&google_hm=ZmRIbHZCUU9yd2MtMzczU2NfOUQ= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 227
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEF9dQd7GZbaWlpfwBvw7CHg&google_cver=1&google_push=AZmPxg-bdNkv5oT8AlKeLi36_jCMWGkAVMts9WwGel7kCwsENQH3nstWLxT6MdAoCsXaHpb3QNLABscnUWxpLYifl_WcamLXl0Faog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjE3MDIzNTY3MDg3MzI0MzQ4NA%3D%3D&google_gid=CAESEF9dQd7GZbaWlpfwBvw7CHg&google_cver=1&google_push=AZmPxg-bdNkv5oT8AlKeLi36_jCMWGkAVMts9WwGel7kCwsENQH3nstWLxT6MdAoCsXaHpb3QNLABscnUWxpLYifl_WcamLXl0Faog
Request Chain 230
  • https://cdn.jwplayer.com/v2/media/eIXqoUBq/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/62a3lb8d-120.jpg
Request Chain 240
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=aC6fqHxIRUw5bDl3aTJ4blZIVmcwRmNEcDdVYWx1NHdFWURMV3NYWTJxNkpJcHcxeWRRUDF6dGVCdUo0NTFlZzJ5a3l5V3N1bWdkWHByWXcrYnZEZWx3alBoMmU0K29JeW1IVjJ4aktiNmtCRkxKL0RlRmNDME9xUHdJZFpOY3ZEYzB0ZStlOEErRFpFVE9YUUZJb1BMUmhtN0loQ1lOUkJJemwxU1E3MmttazVPcFpvc3phcHRZUzNjdGs0aVR0aTlRTTVMNzF6TkdWT0Y4cVRCaFJtSEQvekJVYXlYcWZhRjdyL3R0MlBMUStHTGM1N2o0OEUyeW0rMnJGcGcyZUxrRVFBM1ViaC9IZm1yRWVYdDlLUXdtejNydz09fA&cppv=2
Request Chain 262
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1665990011888&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Ftorontosun.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1665990011888&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Ftorontosun.com%2F&c9=
Request Chain 263
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 321
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y0z9fgAAAa2XWAAO HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0z9fgAAAa2XWAAO&_test=Y0z9fgAAAa2XWAAO
Request Chain 323
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51070E01PBDAY008Ks9M
Request Chain 327
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=6X1qKNPmy5sJpa7og_cB9A==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 328
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dopenx%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1&auid=6f77e87a-94c0-4809-9b8b-e49f4297d96d HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072588&val=Jtem-OkQ3oU-l
Request Chain 329
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=0342634c-fd7e-4e00-871b-d2e4a0184057
Request Chain 330
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3420194055288005793&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 333
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=40d8634c-fd7e-4a00-af63-bf1b852e2952
Request Chain 335
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB
Request Chain 336
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0178AF9324FB4FFF96C6D6E224C32305
Request Chain 337
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_634cfd7ecd89b&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_634cfd7ecd89b
Request Chain 338
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FHzRPh2M1OKk6G5
Request Chain 339
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6081225796891830490&expiration=1667199614

343 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
torontosun.com/
Redirect Chain
  • http://torontosun.com/
  • https://torontosun.com/
824 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
d42f2a4626278cde03f62338049105ddbfb9f20e1e847f546a0019da32bd23d8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=300
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Mon, 17 Oct 2022 07:00:07 GMT
expires
Mon, 17 Oct 2022 07:00:23 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.14.2
strict-transport-security
max-age=31536000
vary
Accept-Encoding Accept-Encoding user-agent
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx pmd-nginx-proxy-c7db8d578-gfg24
x-pmd-cache
HIT

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 07:00:07 GMT
Location
https://torontosun.com:443/
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11fbf0561da8f35f674eab4ad5c047535f202952310f7f8d695563657af3454d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27696
x-xss-protection
0
server
sffe
etag
"1366 / 249 of 1000 / last-modified: 1665796965"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Oct 2022 07:00:08 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.60.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-60-22.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:06:58 GMT
content-encoding
gzip
via
1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront), 1.1 f5ea107910388dd712f11441721cd0ae.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2, NRT20-C3
age
3190
x-amz-server-side-encryption
AES256
etag
W/"4c87a00941c1aa3dcbab77fc8dc08ec0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
zlGKM2ymZeLQR6tXjGmsfPtdssRwJ--s9BJw2fzZY9WV_L2DA1bEcw==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		601 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.81.252 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-81-252.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70791f9acfddb9d9255bea721ba2e06a7f6ce494f72902d82206097ea14aa380

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:07 GMT
content-encoding
gzip
last-modified
Sun, 16 Oct 2022 13:41:04 GMT
server
Apache
vary
Accept-Encoding
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=14400
content-length
135754
x-trp-pba
{"ruleId":"1","rulePos":0,"ruleName":"Catch All Rule","wrapperName":"14648_postmedia_pbjs","isPrimary":true,"randomProb":32,"account":14648,"device":"desktop","country":"JP","host":"torontosun.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://torontosun.com/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36","query":"","ranAt":"2022-10-17T07:00:07.950Z","runId":"1665990007950-9197","wrapperPath":"/prebid/14648_postmedia_pbjs.js","redirectUrl":"/prebid/get-wrapper/Catch%20All%20Rule/14648_postmedia_pbjs.js"}
expires
Mon, 17 Oct 2022 14:10:08 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.50.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-69.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 04:23:58 GMT
Content-Encoding
gzip
Via
1.1 b944914479fde4ca432e3f8eabb3743c.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT57-C1
Age
95770
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
MlH9WcSA5eJsp1-aQ9RE1yb9E156XSG33hrbGToXuQkzOwaF6duSVQ==
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0968e72ba174df05d85d839030aff0adb94bbb544df41272934c273ba5125a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 07:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 07:00:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Oct 2022 07:00:07 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CZ7N5CTM7FEFAE4J
age
4596
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Nc08bqSYTI4cxnGGVdKBel2QX2+4OHggGIrn63fLgmyDNsuwLnkoZ3v/BbzWze4XsabxAv1IAZc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgMclV3bhBq8Z8yKJD%2FWG0YT%2F0DGGsiPOHYets80me4P2t3htJx1XvsUKlBgUjZ7xwAGuiWNL3ClFK3aX7dmqt9vMB02RZG8C4VbKtOWN2OM6ovys5Kxk4qbP6gGFie1Vdxv6K1Pjqmi4LcszzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
75b727ce597534f3-NRT
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		199 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 6b08a30faffc4f051786275c2f0fdfe2.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
4542
x-amz-cf-pop
NRT57-P4
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b727ce8916afbd-NRT
x-amz-cf-id
A8AnMGGg3Z4rKH9HR3j0baUs67hXbDuv6VJ0lfqDuyrmOOCfHaE7Qg==
spm.v1.min.js
ak.sail-horizon.com/spm/ 		124 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-16.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:57:38 GMT
content-encoding
gzip
via
1.1 4ca8d239c2b4b1a578fa3c7797e67c10.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 23:20:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
151
etag
W/"97dd801dd26ae0172c7875245d92f506"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
IqaMrR4C3Fckbm2DnfP1RWY0SDFwSeR6SNrxDELHTZHqsm_rZrsi0w==
fem.js
fem.gprod.postmedia.digital/v68.2/ 		289 KB
290 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v68.2/fem.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb551b3fa2346a645fcec13d4c6898a42275496fdfd545d28fa1e83a685fb42a

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:13:05 GMT
x-goog-meta-goog-reserved-file-mtime
1664979227
age
2823
x-guploader-uploadid
ADPycduFrlVCU8W3VT7dxtsCG-hEjyS90m0BCVuoJvTax6jX92-Xg95SfUERiSq9fsj3uJFOa9qmV60Zz9CB9hUoh82VTA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295834
last-modified
Wed, 05 Oct 2022 14:14:45 GMT
server
UploadServer
etag
"fb4dc24283456286a771c9780fa76f1c"
x-goog-generation
1664979285401257
x-goog-hash
crc32c=A96kSw==, md5=+03CQoNFYoanccl4D6dvHA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
295834
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 17 Oct 2022 07:13:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:32:01 GMT
x-content-type-options
nosniff
age
386887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 19:32:01 GMT
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v21/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a02900c2dbce0e4436db42632097edb14b149edf0e58add290771afd965ec38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 23:51:50 GMT
x-content-type-options
nosniff
age
457698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10372
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:30:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 23:51:50 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:36:05 GMT
x-content-type-options
nosniff
age
386643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 19:36:05 GMT
Matt.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/Matt.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
d45b8e4441375944d553843e8bbaac21681b744bfc96562bc511e44fb5ed719d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 03:18:42 GMT
via
1.1 google
server
nginx/1.19.10
age
13286
etag
"f9d679bd40c26ac4e4b1326e2cd786d654f0dcbc"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-5gcvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34798
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:41:25 GMT
x-content-type-options
nosniff
age
461923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 22:41:25 GMT
Ikechidiadi-Ike-Kaja-HOMICIDE-10-e1643397193434.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/01/Ikechidiadi-Ike-Kaja-HOMICIDE-10-e1643397193434.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
6cd5016279444904a17fea0e8624cd858e71f77baa3c46a82b06155b39249a9b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 15 Oct 2022 22:04:47 GMT
via
1.1 google
server
nginx/1.19.10
age
118521
etag
"0dcdb49fb5011e2960e52351a79a9247832132ec"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-5s4kj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67658
thumbnail_Image-1-e1665595536437.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/thumbnail_Image-1-e1665595536437.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
59b4ee8954cb6b9961f92bebc6707f1d8a7cae7a26610df7bcabb48ce2d99e1e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 16 Oct 2022 15:05:26 GMT
via
1.1 google
server
nginx/1.19.10
age
57282
etag
"e97b3e6cf83ec2935dfbab1b1834f2f2df361dd9"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-dnn9p
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44848
us-cda-border-nexus-20221016.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/us-cda-border-nexus-20221016.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
696a9c8c86e2c76035aa8b4251b224c24280d77d2416ef0d96fd3792754cd2f0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 05:42:04 GMT
via
1.1 google
server
nginx/1.19.10
age
4684
etag
"a17aff0b348cb736ddae6f248f664682358461a2"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-fqx47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21836
Ilya17.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/Ilya17.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
8c0a51eddd9f9af8c07ee676c96bd69edcd7821d3e8e0478fa5ee78fa1a62e68

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 05:09:21 GMT
via
1.1 google
server
nginx/1.19.10
age
6647
etag
"0659138493870897721c1cfaa6fc8faa478f7e0b"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-hdcv7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38734
afp_15w9ny-e1528926734865.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2018/06/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2018/06/afp_15w9ny-e1528926734865.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
fce0fd9c5dfa7f1a4413b1fd6964f5bae6ce9261812d8d96643663f05ee9f4c4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 16 Oct 2022 20:23:23 GMT
via
1.1 google
server
nginx/1.19.10
age
38205
etag
"b8cd18c061d5193d1ffd23ac3dcde4b9c69aa864"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-js4ft
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36540
TS20221012ED38-scaled.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/TS20221012ED38-scaled.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
bc6ce846acfad7dc0f4be2c2d554bf5c9d9c04021ff670685f41f61a8e8325db

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 00:55:20 GMT
via
1.1 google
server
nginx/1.19.10
age
21888
etag
"08c660b69f46ff9571b3e41cf9f1d2a637f8c25e"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-js4ft
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19674
health-coronavirus-omicron-1-e1640869995607.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/12/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/12/health-coronavirus-omicron-1-e1640869995607.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
0d959eee20c946beefabcecc530391cf0cc574faa254825295d3a6faec95a5fd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 03:30:12 GMT
via
1.1 google
server
nginx/1.19.10
age
12597
etag
"5f59c9d808ae1453ae90d8aa4b9a108ef5184aea"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-fqx47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32178
GettyImages-1144377413-e1634147283950.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/10/GettyImages-1144377413-e1634147283950.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
a15c702afa4f796b7745a610f9937611706df739a51cd4479e72b3105980d970

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 google
server
nginx/1.19.10
etag
"908a646dc2e0b8bb88b5e16d21d8e71573c5c524"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-5nvxn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22468
cannabis-e1652038520605.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/04/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/04/cannabis-e1652038520605.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
6f17c410e027f87cb43adb122a6fdc3d0034dac86e1572ae2ee54493020fdd0f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 05:42:05 GMT
via
1.1 google
server
nginx/1.19.10
age
4684
etag
"074229bc54a394a07fdccd516f69418a68d39c0e"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-vmrfg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32508
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common-icon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:46:10 GMT
x-goog-meta-goog-reserved-file-mtime
1664200844
age
838
x-guploader-uploadid
ADPycdtJ2VX-urKiZKe_Ivg0FwrfWOB4_z7Ubnea8H7vEGiJ8av2Uf5yrNe6Swstusgg7loTKpqvZmDOTO0H55-mKeq_-T9y462c
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1091
last-modified
Mon, 26 Sep 2022 17:24:51 GMT
server
UploadServer
etag
"34ef0f992f9fa3f5a172353b887ba82c"
x-goog-generation
1664213091103522
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:46:10 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		351 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62394660741e79eacb0e174bce6dc9779572129e9790e0227d40a3ded73cde15

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
3429
x-guploader-uploadid
ADPycduq_FQYIkfL7kByCFHvk15cCkjt6y-ywZMY6mkxjfdDElmOjlsKZiqmjix_YWbNpzHPPl0BbEP-ZfzWWcOAhLPe9w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 14 Oct 2022 21:50:47 GMT
server
cloudflare
etag
W/"c9d4a94b97262a9f2b0a4cf1b7e8e3d4"
vary
Accept-Encoding
x-goog-generation
1665784247220486
content-type
application/javascript
x-goog-hash
crc32c=ez1wjQ==, md5=ydSpS5cmKp8rCkzxt+jj1A==
cache-control
public, max-age=900
x-goog-stored-content-length
105292
cf-ray
75b727cf5f08e3b7-NRT
expires
Mon, 17 Oct 2022 07:15:08 GMT
carousel-previous.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common-icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common-icon/carousel-previous.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:46:12 GMT
x-goog-meta-goog-reserved-file-mtime
1664200844
age
836
x-guploader-uploadid
ADPycdvJ7WGBg1AsFS3HJoQenwQDyAC39zc_nmfI4BMCnkirmpkle_gHUlnHTi2bzKgMAVDYJ3tsOe1kHdRHBNP5RnBtHSaewMxc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1204
last-modified
Mon, 26 Sep 2022 17:24:50 GMT
server
UploadServer
etag
"23fbd7cd311279a2b6eb68d8f6059047"
x-goog-generation
1664213090689333
x-goog-hash
crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:46:12 GMT
carousel-next.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common-icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common-icon/carousel-next.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:46:12 GMT
x-goog-meta-goog-reserved-file-mtime
1664200844
age
836
x-guploader-uploadid
ADPycdtJ_XAiFGSRy_76bCUAxgvsyxBus4t2qRN6_hngsm8iWn0M_GvX93gzFnidFknJ1H31ZX-xVrXZEzzud0RPyF1Y5el1rj13
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1204
last-modified
Mon, 26 Sep 2022 17:24:50 GMT
server
UploadServer
etag
"735fdba5ead6fce3777e91bf3fee8dd6"
x-goog-generation
1664213090683030
x-goog-hash
crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:46:12 GMT
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/postmedia-image-fallback.webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:37:21 GMT
x-goog-meta-goog-reserved-file-mtime
1664200845
age
1367
x-guploader-uploadid
ADPycdsxwRLDpusZkb4iORmfv6dpCwxF_YHi3uRygyWCzzUomfdCf_Cbyh1W5mePP8ITDR_wtOR-gA2lCfT18KgHFY-trg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Mon, 26 Sep 2022 17:25:00 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1664213100126349
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:37:21 GMT
pubads_impl_2022101301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 02:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131264
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:30:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 16 Oct 2023 02:11:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		260 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=torontosun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31f1262c9c30189e2357c102e2f866fe0c77b88fa3572df8c50531fe1e860b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138
x-xss-protection
0
expires
Mon, 17 Oct 2022 07:00:08 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		248 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Ftorontosun.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.60.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-60-22.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 05:19:56 GMT
via
1.1 f5ea107910388dd712f11441721cd0ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT20-C3
age
6012
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
8H7N-rnCLHWbSP9tI8pBTGN7KeLC2K1xXckxyLVcNxdpCxpUbHmNOw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.60.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-60-22.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 23:55:58 GMT
x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 e799d090941c58e2047ed3ec40553f52.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C3
age
25450
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
pkwBGLKiNRnd9CDgOuunUiXCk9KRzXlhqbxsY1251queF_apJUSteg==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		10 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.81.252 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-81-252.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
acc1a5377a45963a2da2d6af031ba0700e5990a33d31acbd5910450f17d410e1

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 06:41:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1201
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221017
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbb9e40b685c8fe25d229b1f9b95bff8805f9f0e94c9f68a847bd19f7eda291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14348
x-jsd-version
1.0.1495
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4542-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"65e-aNIgZNEXwGpNMtfi9S2V59U1Aq0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St0JWijEhoMzQLIV5rnCs%2FX38BRukCGZL62sEQ6CRabEfoJTiFX5wJI23p3Nfanlhk2iuq2YudAtP9k23ip000ljza2SvMEahWt76HNBYCQodjHkC4vDtEnSqcHJgDGyi7TR5qt1ycp%2BI%2F8xzEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75b727cfb876e05e-NRT
business-wire-logo.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common/business-wire-logo.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:26:44 GMT
x-goog-meta-goog-reserved-file-mtime
1664200844
age
2004
x-guploader-uploadid
ADPycdt8JVKwEytxO8ZnkQksrDBTd_u4xvtvPuL67FPXKfzPEKxMiwiyTPl0zjBCQopH4ToQocrkSXlsTfLZ9pLIgJ47SA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11114
last-modified
Mon, 26 Sep 2022 17:24:49 GMT
server
UploadServer
etag
"c65c15718398ba7d64f31b6847913a4c"
x-goog-generation
1664213089937295
x-goog-hash
crc32c=oKRWcA==, md5=xlwVcYOYun1k8xtoR5E6TA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
11114
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:26:44 GMT
globe-newswire.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common/globe-newswire.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:26:44 GMT
x-goog-meta-goog-reserved-file-mtime
1664200844
age
2004
x-guploader-uploadid
ADPycdtOm9ss942KOQ3X4b04cyK4WqTeZG0uLV9qs-rPNAcDD-zJAOKIHV08Hq_F7-tLwwZ8fEstn9dKRUC_SUTqKsV9_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14160
last-modified
Mon, 26 Sep 2022 17:24:50 GMT
server
UploadServer
etag
"898d3597d34bb62f664ab25f0ac21cd9"
x-goog-generation
1664213090336697
x-goog-hash
crc32c=HxkysQ==, md5=iY01l9NLti9mSrJfCsIc2Q==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
14160
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:26:44 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.13.202 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-13-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Mon, 17 Oct 2022 07:15:08 GMT
icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/share-icons/ 		775 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:46:10 GMT
x-goog-meta-goog-reserved-file-mtime
1664200845
age
838
x-guploader-uploadid
ADPycdsusf07escuO7QYECKfwKscbLYfKgZd8VhNcTAlvndtanO15b20tlQ_1rAj3U73NJ0ofvjYDAp8deNUB-Q8lSbzUsIVBfU3
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775
last-modified
Mon, 26 Sep 2022 17:25:00 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-generation
1664213100338404
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
775
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:46:10 GMT
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/share-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:46:10 GMT
x-goog-meta-goog-reserved-file-mtime
1664200845
age
838
x-guploader-uploadid
ADPycdv0IWi-a27zYMnItqUgBWiTpYGZGFPS-nBpthIwIJRksnUTG9-Pm_Jnhbp5j6OB3jb_jRDOaRDpCSfqs_aRCr_MqBMqcnye
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1698
last-modified
Mon, 26 Sep 2022 17:25:00 GMT
server
UploadServer
etag
"df82c342c1176b84253c53e6e10eed05"
x-goog-generation
1664213100539543
x-goog-hash
crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
1698
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:46:10 GMT
icon-soc-yt.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/share-icons/ 		744 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/share-icons/icon-soc-yt.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:05:25 GMT
x-goog-meta-goog-reserved-file-mtime
1664200845
age
3283
x-guploader-uploadid
ADPycduJEiqkQ-IS7At--QVzUATmnn0-Ee4vJBS0dHyRhLsoXGH4yI_l_tyx647QkZmSxR42bGsuPdLcJsZKNNSRIdC1ndW5M_S_
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
744
last-modified
Mon, 26 Sep 2022 17:25:00 GMT
server
UploadServer
etag
"c7b3b346ada043e6e241bca3e7f698d0"
x-goog-generation
1664213100529130
x-goog-hash
crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
744
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:05:25 GMT
icon-soc-ig.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/share-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/share-icons/icon-soc-ig.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:49:28 GMT
x-goog-meta-goog-reserved-file-mtime
1664200845
age
640
x-guploader-uploadid
ADPycds06SWuqVmE69hOIDN7d6vqI3ZjbvN_9rMIQ6HHbQsGSc0nvbxzy2dJ95iFKXSI-3FmPW-TmrjvV0eQ5nL8GnvgjQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1898
last-modified
Mon, 26 Sep 2022 17:25:00 GMT
server
UploadServer
etag
"cf38c08bd0b7e49f4550f048b7c4e2cf"
x-goog-generation
1664213100347502
x-goog-hash
crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
1898
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:49:28 GMT
shared.75ba4396012c.js
dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3dec79bbcc485a615d697425122816930d986a3ba2f698f558462194bee16006

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:46:50 GMT
x-goog-meta-goog-reserved-file-mtime
1664200841
age
798
x-guploader-uploadid
ADPycdvtIDGORlmPedfJAEH0GZwJz-q381Ia59kJub0mXsfcL39jR0qYYacCTrj92deQBazdVk8djJ0xr1pjGu-QOQS6f5K86yyw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24106
last-modified
Mon, 26 Sep 2022 17:24:40 GMT
server
UploadServer
etag
"9207f18dd269182490b2c6efcc80c4ed"
x-goog-generation
1664213080545498
x-goog-hash
crc32c=uifHRw==, md5=kgfxjdJpGCSQssbvzIDE7Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
24106
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 17 Oct 2022 07:46:50 GMT
main.ea896e2d9d40.js
dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/ 		107 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/main.ea896e2d9d40.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ea896e2d9d40ccdd7043192c7b1516e369a47df43f1863e3044f4e9aa73a6f31

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:21:15 GMT
x-goog-meta-goog-reserved-file-mtime
1664200841
age
2333
x-guploader-uploadid
ADPycdsvMSBM9BxImuxkGL2M2xHJ2rnvnuxMtv7uqBKxTAdOTvNYNvtp4SwvrAL_88ZZIQ_D4KnNp9I0a3RmObAjD0xxJR7RiOeH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109204
last-modified
Mon, 26 Sep 2022 17:24:40 GMT
server
UploadServer
etag
"1b312de25eaa475b77c7437f9aad2689"
x-goog-generation
1664213080724041
x-goog-hash
crc32c=zBB5gw==, md5=GzEt4l6qR1t3x0N/mq0miQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
109204
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 17 Oct 2022 07:21:15 GMT
xd.html
fem.gprod.postmedia.digital/v68.2/ Frame F04F 		165 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v68.2/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ae99851c2155f70e14ca8a15656053501bda155abb120a0cdce1def653743a25

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1852
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
165
content-type
text/html
date
Mon, 17 Oct 2022 06:29:16 GMT
etag
"cbd63c00c44e595ab86471ef4675bdf5"
expires
Mon, 17 Oct 2022 07:29:16 GMT
last-modified
Wed, 05 Oct 2022 14:14:47 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1664979287017626
x-goog-hash
crc32c=lIaU5g== md5=y9Y8AMROWVq4ZHHvRnW99Q==
x-goog-meta-goog-reserved-file-mtime
1664979227
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycdtDDLUGOiqDNU5IaWqdesOANfihezzJdD0haoqzjf03vAdSh26UoxOzwP_59lm1EY_paBm2txXmdCOFPuWH68RmmQ
icon-lock.svg
dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common-icon/ 		690 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/images/common-icon/icon-lock.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1ab332ded1376c272c0b5da6e2c26719a2dbead1844c4e695a86ea4473792d66

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:22:27 GMT
x-goog-meta-goog-reserved-file-mtime
1664200844
age
2261
x-guploader-uploadid
ADPycdtSx4baJ1rw5BJqT3ygdLHLKuZyCVKnFLGvIoEuls50WpFWpuVU9_YCTcDNmR1bUDvmZAtQJMfVr9_hoOFUJXylxw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
690
last-modified
Mon, 26 Sep 2022 17:24:51 GMT
server
UploadServer
etag
"987c6575a322590ac03c11e3d8344477"
x-goog-generation
1664213091139228
x-goog-hash
crc32c=GdIEQQ==, md5=mHxldaMiWQrAPBHj2DREdw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
690
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:22:27 GMT
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
30b03de95f5e9c07ea30ebbbcd1d3f728dd1eb13d4cad35c5204cadadf6a569a

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:08 GMT
AN-X-Request-Uuid
34a4140b-8587-431f-a2f1-251cfc17fc8e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://torontosun.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.252.165; 217.138.252.165; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		23 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2766cefef6caebe2b29cbe713606fca7529b662bcd88385e8943ce5f51efe37a

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
415
x-guploader-uploadid
ADPycdukN25kC1vx4qXDunJDPsLa0q6TY192N9NhO1pe8VFOg87h92LHWJEIm3g2ewlFH6YRHghFR1i6Z93YnlQ5Orf76cO5T0vX
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
16321
last-modified
Mon, 17 Oct 2022 06:02:32 GMT
server
cloudflare
etag
"87e56f79d7b21c1596e02dd0f5ad7dfe"
vary
Accept-Encoding
x-goog-generation
1665986552018976
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=gyVIrw==, md5=h+VvedeyHBWW4C3Q9a19/g==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
16321
accept-ranges
bytes
cf-ray
75b727d07832e39b-NRT
expires
Mon, 17 Oct 2022 06:53:13 GMT
geoip
api.permutive.com/v2.0/ 		238 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
22123e474037986b3761876d17414f22372b748fbf4e76caa0bd2b506eac5ff3

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
watson
api.permutive.com/v2.0/ 		281 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
208
xd.js
fem.gprod.postmedia.digital/v68.2/ Frame F04F 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v68.2/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f44091e689c0a3cc077f563375c572805cc30eb6bbf234022ec490488696010a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://fem.gprod.postmedia.digital/v68.2/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:45:25 GMT
x-goog-meta-goog-reserved-file-mtime
1664979227
age
883
x-guploader-uploadid
ADPycduznimokyWab8EpMpIW4ma2VyNkurrqrwsbiOYcMY7EICCD46lPC3Ewcs81Fh8zYrOhg-CiN5g_8l0mvZ5gFtUSdcbzoRRo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51818
last-modified
Wed, 05 Oct 2022 14:14:47 GMT
server
UploadServer
etag
"5936294c776b1ebec67766e99fd4802c"
x-goog-generation
1664979287085854
x-goog-hash
crc32c=uzLZuQ==, md5=WTYpTHdrHr7Gd2bpn9SALA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
51818
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:45:25 GMT
91fa3ddc-6b5f-444d-9971-a8f7450ff41e
https://torontosun.com/ 		113 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/91fa3ddc-6b5f-444d-9971-a8f7450ff41e
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04fce1d2bed63500f3c8a33568e74d7749629b595286807ca397de1633adccef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
116181
01f3e3c7-23d6-4c76-938c-4d03b68722f1
https://torontosun.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/01f3e3c7-23d6-4c76-938c-4d03b68722f1
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4eea21458fcac98479bc75bfe2518e6f4949c119dc9599ba9429da6a91c261b5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
20393
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
2
content-length
0
date
Mon, 17 Oct 2022 07:00:08 GMT
server
ATS/9.1.10.25
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		967 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Ftorontosun.com%2F&pid=xBV4m9HDZS70O&cb=0&ws=1600x1200&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-9%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-11%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-10%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-12%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.45.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-45-87.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
77f3cea3668cf610af9389a4bb80eaeb0c25f3303ce6c405c0383572d1f23d00

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
via
1.1 175f6538265283354cce43337b053872.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT20-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
967
x-amz-cf-id
wFl4wYb6kdwPxYBUVu6CNkuzFwftMrSqdHll6tavgmHEhkhC1v42SQ==
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 17 Oct 2022 07:00:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
93b7370c095ad34d71b2f08dcb7373ad266d3a7feee2cceef7c6aa7ec8bb6423

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
721c3076abf2534547c1bbd67a0842c8c46542bdd476bf7b842deea1d7880230

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
29286a8d99ee88d5b50fe2ce4aa4245aa5262895398816237b283ead33a81617

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3577de2161ac3f30e025598bbc80e2cac55772070b29a7f1dfc76d4fd3d9a8c

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
25ee9ec5d8ea3c3dd798495d81dea5be870f4f9ebb73ef9360c538587efcce75

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c6522ef0adb89fb6a8020217883da5dfe7866f553bfab7a7032b3491e78ad541

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
95fd93e0c1e09a74885a2af6b16bfa68abc61d224ab6be9e621a7dee9d1f4129

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
45e6fd98f776235a89af5d03ee1caebc0580a7a30d0ec8006a05403023539f6d

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1b82cb3a77f71a1bb2a4be919b189d1ff14ff9c82846c9f77ed521e4683f38fd

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
60ca1c1505fd30d5c235ceda7c4a34f06cfae0c91b98ce2353906b5bde473211

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
14f1af5e8ea87e4147d1a323232b628b279678ff618aa9a8b917436e3c4ed0b0

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c046764719bcc5ab7db4a91a61c0cd96eaee75215cd6430d46f6930cda00ef71

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
66
arj
postmedia-d.openx.net/w/1.0/ 		175 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ftorontosun.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1c049b36-1d21-40fb-bd2d-15b4bf2a6e28%2Cde94c065-1575-44a2-98ae-a1ad82c2af69%2C3cd4e2f8-31b4-45d5-823d-524d94d58a22%2C2651a0a4-bcbb-4b29-a261-b4a14ba94809%2C091aa042-be32-46da-9734-6ea3adefe089%2C0ec31103-0f1e-495b-a769-a3f136617f1f%2C473a8fd9-af65-4711-b30b-517651649620%2Cd3fc15b4-a5d9-41ff-9044-606c9185900d%2Ce0a8b501-5103-4a5e-a018-7b51a3fb9fae%2C35c782fc-c75f-4506-bf7b-3333d1a4e95c%2Caff6a12e-336b-4de2-be68-fff36afc51f2%2C4b5d501e-cba0-4d51-ae56-a1caf6ac8e55&nocache=1665990008505&pubcid=e587df4d-d3e7-4d42-b507-2ab734c908b3&aus=970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250&divids=ad-1%2Cad-2%2Cad-3%2Cad-4%2Cad-5%2Cad-6%2Cad-7%2Cad-8%2Cad-9%2Cad-10%2Cad-11%2Cad-12&aucs=%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-1%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-2%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-3%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-4%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-5%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-6%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-7%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-8%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-9%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-10%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-11%2C%252F3081%252FSMCO_ENUR_TSUN_EN_WEB%252Findex%2523ad-12&auid=543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952%2C543843952
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5cdebbd971717a8ce3c2a331f224db70d210da0618d281ab4a6b90cc24321942

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://torontosun.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613230&v=7.2&ac=j&sd=1&sn=0&r=%7B%22id%22%3A%22404615c4dea9fa1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A12%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A12%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10%22%2C%22adunitcode%22%3A%22ad-10%22%2C%22divId%22%3A%22ad-10%22%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224197e5e5e5817e6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%22%2C%22tid%22%3A%221c049b36-1d21-40fb-bd2d-15b4bf2a6e28%22%7D%7D%2C%7B%22id%22%3A%2248ef2f225fa1425%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%22%2C%22tid%22%3A%22de94c065-1575-44a2-98ae-a1ad82c2af69%22%7D%7D%2C%7B%22id%22%3A%2255a7e22ca6fa63e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%22%2C%22tid%22%3A%223cd4e2f8-31b4-45d5-823d-524d94d58a22%22%7D%7D%2C%7B%22id%22%3A%2262aa1798d4c362e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%22%2C%22tid%22%3A%222651a0a4-bcbb-4b29-a261-b4a14ba94809%22%7D%7D%2C%7B%22id%22%3A%226943b9490d2cb13%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%22%2C%22tid%22%3A%22091aa042-be32-46da-9734-6ea3adefe089%22%7D%7D%2C%7B%22id%22%3A%22763e3d59ba25ce8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6%22%2C%22tid%22%3A%220ec31103-0f1e-495b-a769-a3f136617f1f%22%7D%7D%2C%7B%22id%22%3A%2283c1d40d374ffb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%22%2C%22tid%22%3A%22473a8fd9-af65-4711-b30b-517651649620%22%7D%7D%2C%7B%22id%22%3A%2290e3619bca081e5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%22%2C%22tid%22%3A%22d3fc15b4-a5d9-41ff-9044-606c9185900d%22%7D%7D%2C%7B%22id%22%3A%2297b46e307cab3d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%22%2C%22tid%22%3A%22e0a8b501-5103-4a5e-a018-7b51a3fb9fae%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e587df4d-d3e7-4d42-b507-2ab734c908b3%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3652830089ecf6ff8b72418f424ff2a5a1740ef7b0887b24457e65465d2c1213

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FlFWS7117Fb22E1rwQk5gwAvXRVetwHDFgw0EEZDEmxdyAUa%2B3Cy9TwH5rOQD8u9P94U%2FXvdAjixYBfHlSG4mQx8Wp7H9pc37mAhLi08wxWHpvs%2Bi73vpg%2FT%2FZjmhYfGDnwxWdY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75b727d14a4780ad-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613230&v=7.2&ac=j&sd=1&sn=1&r=%7B%22id%22%3A%22404615c4dea9fa1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A12%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A12%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-12%22%2C%22adunitcode%22%3A%22ad-12%22%2C%22divId%22%3A%22ad-12%22%2C%22sn%22%3A1%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221111cf91c657d103%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-11%22%2C%22tid%22%3A%22aff6a12e-336b-4de2-be68-fff36afc51f2%22%7D%7D%2C%7B%22id%22%3A%221184bd788fd552ab%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613230%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%22%2C%22gpid%22%3A%22%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-12%22%2C%22tid%22%3A%224b5d501e-cba0-4d51-ae56-a1caf6ac8e55%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e587df4d-d3e7-4d42-b507-2ab734c908b3%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3652830089ecf6ff8b72418f424ff2a5a1740ef7b0887b24457e65465d2c1213

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xIqyrOs2yblt5up55kwkwm1PfdCmD%2B1DhRt%2BXR%2FXsy1KWyYeVF%2FA64%2FSFK56KHym9%2B%2BDx8VZP1Igm3FNQ3gnUQHxDpqoB6VdKRev4KaHN4fA%2FD49i1ZFa0caFJl8St%2FVQwMd7C0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75b727d14a4980ad-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.1&cb=79781355755&lsavail=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:08 GMT
AN-X-Request-Uuid
5086e5a2-5e4a-468a-9a96-3c22b8c3ee1f
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://torontosun.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.252.165; 217.138.252.165; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=e587df4d-d3e7-4d42-b507-2ab734c908b3%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&tk_flint=dmpbjs_v7.11.1&x_source.tid=1c049b36-1d21-40fb-bd2d-15b4bf2a6e28%3Bde94c065-1575-44a2-98ae-a1ad82c2af69%3B3cd4e2f8-31b4-45d5-823d-524d94d58a22%3B2651a0a4-bcbb-4b29-a261-b4a14ba94809%3B091aa042-be32-46da-9734-6ea3adefe089%3B0ec31103-0f1e-495b-a769-a3f136617f1f%3B473a8fd9-af65-4711-b30b-517651649620%3Bd3fc15b4-a5d9-41ff-9044-606c9185900d%3Be0a8b501-5103-4a5e-a018-7b51a3fb9fae%3B35c782fc-c75f-4506-bf7b-3333d1a4e95c&l_pb_bid_id=15261e2ccde19da6%3B153e6de8ae56cd03%3B154eb2436d830668%3B155e97119c917466%3B15698295d34f8e66%3B15761e61a217ccca%3B158533a1755ea597%3B159fe7fdf9947972%3B160d7c296f50e114%3B161fe692dafa8e05&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&slots=10&rand=0.4873706389605459
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
050886b3678519ee143666168d0bfecc4a877d4e17018883bf2afbd097fe60c1

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:08 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
486
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		459 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=e587df4d-d3e7-4d42-b507-2ab734c908b3%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-11%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-12&tk_flint=dmpbjs_v7.11.1&x_source.tid=aff6a12e-336b-4de2-be68-fff36afc51f2%3B4b5d501e-cba0-4d51-ae56-a1caf6ac8e55&l_pb_bid_id=162706edeb38ae2%3B1638d572e06a134&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-11%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-12&slots=2&rand=0.5255707755900834
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f6f03a64d2299bbf4be1195f7983ca706493e9aa99d83a54e8ed230fadd8eb1c

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:08 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
459
Expires
Wed, 17 Sep 1975 21:32:10 GMT
44fadb2e016752bbc2bd0.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/44fadb2e016752bbc2bd0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8512a94c30dc7fda4931ae11fc195ee3f2cbad5dff1dc2567cf3725c33093b2d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:02:59 GMT
x-goog-meta-goog-reserved-file-mtime
1664200841
age
3429
x-guploader-uploadid
ADPycdvzyC6jEnJrEsFBCJ4TQVXeL3mk-DO9azeQZtXxRpcZoqmXTcUbCQRLxgpZDBkXDgj4KxArBkAKlY86Qy-oDHgdwGddgTQk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7123
last-modified
Mon, 26 Sep 2022 17:25:06 GMT
server
UploadServer
etag
"17eaf306b1554c518adf25a681d7b0f2"
x-goog-generation
1664213106630192
x-goog-hash
crc32c=WGhHWA==, md5=F+rzBrFVTFGK3yWmgdew8g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
7123
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:02:59 GMT
a2ab544ae6c48636370816.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/a2ab544ae6c48636370816.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d47f317138ec8083450b63c742957db8398eb19bae70913819b81dda472b6283

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:12:27 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
2861
x-guploader-uploadid
ADPycdvgWQejEBy70oAwzktpiuIX5Um6j7mY-UvsOq8GaX2KIY56Q9egNblKjTamPHlb7Go6CLXRp8qeglhnL1eHhC4i1g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10244
last-modified
Mon, 26 Sep 2022 17:25:10 GMT
server
UploadServer
etag
"865d805f405db9b3e24e2e196b221c77"
x-goog-generation
1664213110300409
x-goog-hash
crc32c=ghE54w==, md5=hl2AX0BdubPiTi4ZayIcdw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
10244
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:12:27 GMT
7448bbfb433e588899f11.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/7448bbfb433e588899f11.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
32df43a530d768d4483680f784fd97eb35f86cdc3086ea546f186254e99dac6c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:02:59 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
3429
x-guploader-uploadid
ADPycdt6KGMU_t-1UtfhBYmV8ecd2uwJ5Vp6mwH7HaECkjiE-f3k9EkNdi59_9hJEBa420YZfWKQVPNwkCxH-2o0BT0gP97ulHNl
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16335
last-modified
Mon, 26 Sep 2022 17:25:08 GMT
server
UploadServer
etag
"844dce4c9dfa4a31e3114455b1956875"
x-goog-generation
1664213108524861
x-goog-hash
crc32c=qnB/Gw==, md5=hE3OTJ36SjHjEURVsZVodQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
16335
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:02:59 GMT
3925d2ee8908d985b3272.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/3925d2ee8908d985b3272.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dae6f542fa2ee873b80e056bcd4c807f9d0a4fb86da790e74debb09c8a04cb93

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:05:25 GMT
x-goog-meta-goog-reserved-file-mtime
1664200841
age
3283
x-guploader-uploadid
ADPycdsMVsELdKYSxWfRzJwAhisG2jUM-Ej0YMgmTpcNx1IHps5h3q0G04zM5ZcvTXbh9SGaXrwyuX9Rnhzg2yndQQcgdfJyIj1b
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52614
last-modified
Mon, 26 Sep 2022 17:25:06 GMT
server
UploadServer
etag
"e6cf941211a6e40dfe1756d9dccad449"
x-goog-generation
1664213106228792
x-goog-hash
crc32c=Jcv5fA==, md5=5s+UEhGm5A3+F1bZ3MrUSQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
52614
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:05:25 GMT
5f54a515a11c045d21db9.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/5f54a515a11c045d21db9.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0b5bcd5e455fe140dfa582f1f66284a5af4f1de829a3341cca1720cc6b02d8ad

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:05:25 GMT
x-goog-meta-goog-reserved-file-mtime
1664200841
age
3283
x-guploader-uploadid
ADPycdv4qmLdyabk5vYHejZvTD7Lq8UkvA41r7b3Zd327VkyKgQRJUCwCXjnEBa8mGLZHiSdqDUHr9mbObDkTB1SOwJmY7MLJ-gz
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11948
last-modified
Mon, 26 Sep 2022 17:25:07 GMT
server
UploadServer
etag
"573821eee93af18fd784db707425fab0"
x-goog-generation
1664213107681652
x-goog-hash
crc32c=Pbs9ng==, md5=Vzgh7uk68Y/XhNtwdCX6sA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
11948
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:05:25 GMT
c2a48fed442a0877888932.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/c2a48fed442a0877888932.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6e3717c11e421a2267e1ab728461aeed493cbfdfe18e0448895effd0ec2454c2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:05:26 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
3282
x-guploader-uploadid
ADPycdu88hPxemICQOkXC7Hdr0-72yt2hCGR0Usg8RIFYfRqYFf2ak1aoCiqcIsBjKGL5VOYWKVHoi6hmFCg3O0vtkdYkA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4731
last-modified
Mon, 26 Sep 2022 17:25:11 GMT
server
UploadServer
etag
"dc3bc4a484961daf4f3c08f808b24994"
x-goog-generation
1664213111232971
x-goog-hash
crc32c=7fNu8A==, md5=3DvEpISWHa9PPAj4CLJJlA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
4731
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:05:26 GMT
a7d51c8530302bc08dfa7.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/a7d51c8530302bc08dfa7.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bf7b6275d2a54599893fded12ba1bd7f0c96495c01fe6cac2322bc0c2382b4ff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:05:25 GMT
x-goog-meta-goog-reserved-file-mtime
1664200841
age
3283
x-guploader-uploadid
ADPycdsrr768C-AVcYrf9otXY1flDosQo7RM9AlIAJyxpfQIJmjrk2Szt1hpAas843Pyb2euR7VGwaesX9rDcZszorc2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21144
last-modified
Mon, 26 Sep 2022 17:25:10 GMT
server
UploadServer
etag
"437ef1f44a5266e3593d674096452d11"
x-goog-generation
1664213110514499
x-goog-hash
crc32c=I99Qgg==, md5=Q37x9EpSZuNZPWdAlkUtEQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
21144
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:05:25 GMT
0b1154d774bfa95dd27717.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		53 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/0b1154d774bfa95dd27717.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d0f488f1761405c4d104ab6afb960dd43df877df95c3d3efc1d14a42376645ca

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:46:04 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
844
x-guploader-uploadid
ADPycduD313awTCXDdSSa_YEbFezWBcuOluUT76_bOafT4WEdXYmoLfLSMwrnilJ0AbsPEo35XHFdpIH7bu6OREDNwo95Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54763
last-modified
Mon, 26 Sep 2022 17:25:01 GMT
server
UploadServer
etag
"fc1f183bbe7dddd0c8b5430ee8ed5e28"
x-goog-generation
1664213101977817
x-goog-hash
crc32c=Ru5y7g==, md5=/B8YO7593dDItUMO6O1eKA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
54763
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:46:04 GMT
7a8c62b980a55481fce15.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/7a8c62b980a55481fce15.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54d22e3cfe61d7d3c91a2b45d4e0bf68f444e4ee4cd875cee9a5084dd13af0db

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:55:21 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
287
x-guploader-uploadid
ADPycdve0VsaNK6loSSASYzPkoQxRod8FsDOORO_bS3dFY6xhjhWdJa69cpyKUhloHlgjOOu6adBXwm9W29RBfZpJKNauLzr3LTR
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16766
last-modified
Mon, 26 Sep 2022 17:25:08 GMT
server
UploadServer
etag
"a0eafe00f4b14b1551806e2cd15efc2b"
x-goog-generation
1664213108961731
x-goog-hash
crc32c=MmOX9A==, md5=oOr+APSxSxVRgG4s0V78Kw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
16766
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:55:21 GMT
630b966834c6cfc064fe6.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/630b966834c6cfc064fe6.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dc37d5357099d1475d55c28ddcdc1c218ca37890be4a4b33e8e9413114c5ae0f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:29:16 GMT
x-goog-meta-goog-reserved-file-mtime
1664200841
age
1852
x-guploader-uploadid
ADPycdu_R_MYNnRc4o_9PruUuMugl0sBmMcbJWIa_sAzi6LBVkM-EJQWjFYRGS051xMjIwMT56Tg8iB1IOvpdCT2D1hzcw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14919
last-modified
Mon, 26 Sep 2022 17:25:07 GMT
server
UploadServer
etag
"590d4e6307cc8c08c0f4e14c66747e81"
x-goog-generation
1664213107970014
x-goog-hash
crc32c=4EF2nA==, md5=WQ1OYwfMjAjA9OFMZnR+gQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
14919
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:29:16 GMT
2492a8a9cc03230157398.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/2492a8a9cc03230157398.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
90e125c512e72bee59bf8c3e6fd8233830709d4bb22c5791aa626ef2653a2127

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:26:48 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
2000
x-guploader-uploadid
ADPycdtLUAkLzd4olVNxit6_F8u7MT7V-sKxe0zTynnZHZtvmrDkY_5WtfVDI_YeuZuQMSHLERHopcMBltYsrmkEr7Sxow
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14321
last-modified
Mon, 26 Sep 2022 17:25:05 GMT
server
UploadServer
etag
"d4b80c4db8188442ea6036dd3eabdec5"
x-goog-generation
1664213105540888
x-goog-hash
crc32c=h/lTYA==, md5=1LgMTbgYhELqYDbdPqvexQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
14321
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:26:48 GMT
e16e1c5be88692aaebea21.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/e16e1c5be88692aaebea21.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
79ac0a4f29873d7d66aa02765ae1c687af9685330ebe55210ab474058277668a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:29:16 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
1852
x-guploader-uploadid
ADPycdtSMDVTlooOk5ym7CGb1NsrrBcU2YEDjRX9glWWCKMV-mtn4foYmHOQ262y_QNAS--U_MlA2hWwEO4kMnSLANN2Ow
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10370
last-modified
Mon, 26 Sep 2022 17:25:11 GMT
server
UploadServer
etag
"2fa88f3d7c6fdf8423f9399f0e81c53d"
x-goog-generation
1664213111818040
x-goog-hash
crc32c=cnSO3A==, md5=L6iPPXxv34Qj+TmfDoHFPQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
10370
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:29:16 GMT
5159f816491fff51b93d10.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/5159f816491fff51b93d10.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c204bb9159a6ec92eb4005aa9b807c628b06a8b34603f0634b6cf2fda75243ca

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:55:21 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
287
x-guploader-uploadid
ADPycdv6vA7fyB1w9LFKXdJqF2wwD_ExuY9GjeTAcUkvK4COOYVAmB8_UHq9IT2xz-o31nzuNv8KJghDerbyQxRP4rlZVLQ9GlkX
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22279
last-modified
Mon, 26 Sep 2022 17:25:07 GMT
server
UploadServer
etag
"0377ce8dcad3e6a65b1658522bf8e56c"
x-goog-generation
1664213107186631
x-goog-hash
crc32c=ps58Hg==, md5=A3fOjcrT5qZbFlhSK/jlbA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
22279
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:55:21 GMT
63dd8b15cddfa217569419.js
dcs-static.gprod.postmedia.digital/12.0.2/websites/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/63dd8b15cddfa217569419.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/CACHE/js/shared.75ba4396012c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e8fc7f1624adcfdcb70b286ee9e5c09fb3befa7258352d75f9544b55d89b8c37

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:46:04 GMT
x-goog-meta-goog-reserved-file-mtime
1664200842
age
844
x-guploader-uploadid
ADPycdsfYf3TlP_-6uKrs_B7j1A4XmC58afQeR-swylvROGuomOmJG17DTGv9ll0PsKHQviitZ3SDz8mVZuBTYaeCxg6V-TgXwFY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4096
last-modified
Mon, 26 Sep 2022 17:25:08 GMT
server
UploadServer
etag
"e48024026b430134fbb21128014eaaee"
x-goog-generation
1664213108006475
x-goog-hash
crc32c=t34CUA==, md5=5IAkAmtDATT7shEoAU6q7g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
4096
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:46:04 GMT
robotdog-e1665942067539.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/robotdog-e1665942067539.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
d0d1394f93a35feb01ce128fa2cb41a90651d0ec0e1869e1ad389bbf33b269d1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 16 Oct 2022 21:27:19 GMT
via
1.1 google
server
nginx/1.19.10
age
34369
etag
"65d783860417b395af0489fcd176f50e32b6d804"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-2mw4k
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18324
toronto-police-files-july1-scaled-e1656679285529.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/07/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/07/toronto-police-files-july1-scaled-e1656679285529.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
2bf2a8271fcdf83e9a9435cb5d6afd3be5b667f12ef8222aa89c0fe480010052

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 06:14:26 GMT
via
1.1 google
server
nginx/1.19.10
age
2743
etag
"c9f6c61086057cbe4ed7a34205c97eb25b160aaf"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-ndvm7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22954
king-charles-4.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/king-charles-4.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
e42136a4c33528bfc922c675163cdf1f948d41fda5bfcb0e8285c586cae953a3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 05:49:52 GMT
via
1.1 google
server
nginx/1.19.10
age
4217
etag
"887554fac19fb10982007d9b74dc37cd7edda513"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-2br9d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30632
Liz-Truss-Oct14-scaled-e1665962771735.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/Liz-Truss-Oct14-scaled-e1665962771735.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
dd74fbff2dca7f0d343d6bbb43f8fc486b1f3807007ebd06e6afa4ee9c269f6c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 05:49:52 GMT
via
1.1 google
server
nginx/1.19.10
age
4216
etag
"3ceb81db12f2289c97568950e06fd9b19acf90fb"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-ndvm7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12890
GettyImages-1334359656-e1665777289159.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/10/GettyImages-1334359656-e1665777289159.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
ce646cb3b58c90ebcb5fd7324cc68beadc741c6df8beb0af556cf2acc45c1606

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 17 Oct 2022 05:09:23 GMT
via
1.1 google
server
nginx/1.19.10
age
6645
etag
"f5991a1386a23f7b2e39e7d712fea67598665c53"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-6564f6b646-fqx47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11070
/
torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/ 		9 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/2492a8a9cc03230157398.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
90c9b71c06661b429200058b5d1ed00807cb45e3760dd956e77e3d0129d56a41
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9580
referrer-policy
strict-origin-when-cross-origin
last-modified
Monday, 17-Oct-2022 07:00:08 GMT
server
nginx/1.14.2
x-pmd-backend
cheetah-nginx, pmd-nginx-proxy-c7db8d578-lr7g7
vary
Accept-Encoding, Accept, Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
SAMEORIGIN
cache-control
max-age=900, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Mon, 17 Oct 2022 07:03:14 GMT
simple
api.sail-personalize.com/v1/personalize/ 		288 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
4050bb73907cdf1546c87877c1d3fd6276c6f568de6d23a7c0e2c31861811be3

Request headers

x-lib-version
v1.0.1
accept-language
jp-JP,jp;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://torontosun.com/
x-referring-url
https://torontosun.com/

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
195
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://torontosun.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 17 Oct 2022 07:00:09 GMT
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 07:00:08 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8875f879-e059-46a3-98d9-f2a2549870e3
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8875f879-e059-46a3-98d9-f2a2549870e3&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEL0how-TnABtRHtvE2Jp8Uk&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8875f879-e059-46a3-98d9-f2a2549870e3&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEL0how-TnABtRHtvE2Jp8Uk&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8875f879-e059-46a3-98d9-f2a2549870e3&google_cver=1
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEL0how-TnABtRHtvE2Jp8Uk&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8875f879-e059-46a3-98d9-f2a2549870e3&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
97c38613f17e246a364928ff5bbc103d0317fc594ccd2af341424981ec4cca22

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:08 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
62a3lb8d-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/eIXqoUBq/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/62a3lb8d-320.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/62a3lb8d-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27fbbd71a46758859f6b79fe683740f7e4f8361074f949307dd138df207a6083

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
96
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
9638
x-served-by
cache-iad-kiad7000020-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 19:10:54 GMT
server
nginx
x-timer
S1665990009.151970,VS0,VE166
etag
"7c4d6e42ccf210aea52cbd30f2fc0e82"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/62a3lb8d-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
YKDMqbkBbyaPCu6gFka8Mkrf2cp61PvkL9QS6NcPYIJJ4luMwl2k1Q==
rq1rbqpz-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/nQpwGl9i/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/rq1rbqpz-320.jpg
21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/rq1rbqpz-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c91779a997bce5f8fcaab915fd0372a579562c0f4bf0f14cb6b4d131d5515f6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
591
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
20912
x-served-by
cache-iad-kiad7000057-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 18:19:11 GMT
server
nginx
x-timer
S1665990009.151882,VS0,VE154
etag
"0723a66e1eeb3f95029e912745f737dc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
24, 0

Redirect headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/rq1rbqpz-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
jWV32inIk0eNMOy03bHqV8gbAaJZ8acPeKoCOPj0LbDKnwPIUFifSg==
lpgihw6r-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/X8KTVpPu/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/lpgihw6r-320.jpg
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/lpgihw6r-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6eff61560a18ee88d46fe42338360d72283be1f18917873a67f173537a60b335

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
97
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
10824
x-served-by
cache-iad-kcgs7200049-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 16:20:05 GMT
server
nginx
x-timer
S1665990009.151762,VS0,VE165
etag
"3160fe09000df2d56d82232f6f2ca326"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
25, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:08 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/lpgihw6r-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
WPvpw_OsjAJeEY7Axa1LWsu8Ph8svp1MThwJ1F_Uq-ZpQ-WBamO1GQ==
n6eatlc2-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ykN6ht0q/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/n6eatlc2-320.jpg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/n6eatlc2-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98d5e37cb6ce3ce26b2701c23ca7f5081c735b69c2083ebfdb7d5b9b164726c3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
97
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
14548
x-served-by
cache-iad-kcgs7200147-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 14:43:13 GMT
server
nginx
x-timer
S1665990009.151926,VS0,VE167
etag
"8ebbe968ddce611269a507350300edc0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 0

Redirect headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/n6eatlc2-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
YeehgNpksq67AkuI-cGgHPc2Fd2qr6KWheXBBCWNx_j0eSZkJVhI8w==
b9xj87ws-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/0PoLgwsH/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/b9xj87ws-320.jpg
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/b9xj87ws-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b36875859aecad1a5c337e71bb4de717f4dbbad6b6e0cba7d1d5622bf4698e85

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
96
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18857
x-served-by
cache-iad-kiad7000066-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 02:00:22 GMT
server
nginx
x-timer
S1665990009.152143,VS0,VE166
etag
"ad65f496583f06dcadbc7b1e570fa445"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
12, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:08 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/b9xj87ws-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
R-SIywujw5DKZvncrLPTtGk5pFVDhEJ0GO_Rt9eATjRHdhaOUgjVGw==
vx2h3pzn-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/NxVvpMi5/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/vx2h3pzn-320.jpg
21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/vx2h3pzn-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
25afd6b6846fce474679a4cc62bef611cadbf573b0d97a962f1dbe6137fcdc1c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
97
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21815
x-served-by
cache-iad-kcgs7200157-IAD, cache-tyo11974-TYO
last-modified
Thu, 13 Oct 2022 19:14:09 GMT
server
nginx
x-timer
S1665990009.152152,VS0,VE173
etag
"5711cb0368e89d34d3d9c368bbafed5f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/vx2h3pzn-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
cW-q1vrchEq0DnT8-cvDvBFnUV-EvWIrn_b09MFixsD9uvD6yA5Jew==
csf4w93n-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/NUYBZoNw/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/csf4w93n-320.jpg
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/csf4w93n-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9fe76e1434ad33572235ff9aff7c6101760ace85b9fedbaa388ea59feb25a07

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
9
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
29121
x-served-by
cache-iad-kiad7000078-IAD, cache-tyo11974-TYO
last-modified
Thu, 13 Oct 2022 17:43:20 GMT
server
nginx
x-timer
S1665990009.152347,VS0,VE153
etag
"0231880c387f1994908c563669328ae0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/csf4w93n-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
_H7L9i0nV7Eo29pkkiMi5gB5EkyiHyKlGi0SvjYHROk9kbx5JZwFtg==
wm2dsk5u-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/z2bJ6vRW/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/wm2dsk5u-320.jpg
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/wm2dsk5u-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d369cf1acd0ca34c0c2a45de2e9df345ab2985d0728a3f5e32b2d2b577e3d264

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
460
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
30669
x-served-by
cache-iad-kiad7000030-IAD, cache-tyo11974-TYO
last-modified
Wed, 12 Oct 2022 23:57:32 GMT
server
nginx
x-timer
S1665990009.152355,VS0,VE164
etag
"435be2eaf0b581b276be1f42fdfacb59"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
22, 0

Redirect headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/wm2dsk5u-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
4FhgwawTr0pGnEapWawv3PaIa5rasaWaZvMBzj8vijP2ZOwe8J8xPw==
f19f8jsz-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/zaYfvAnl/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/f19f8jsz-320.jpg
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/f19f8jsz-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eecb1a57167d4db160e84da0069d9a331081e455594f0092cff3467999da76b2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
365
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
22351
x-served-by
cache-iad-kcgs7200132-IAD, cache-tyo11974-TYO
last-modified
Wed, 12 Oct 2022 20:44:23 GMT
server
nginx
x-timer
S1665990009.420521,VS0,VE160
etag
"f4485784c3f4d6fd57cc0a66fa34a269"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
24, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/f19f8jsz-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
zu_ZSzu3QixaHpwxxEztkHoVsAp--mkcR4G1nCXzvZwWSZpCFwAo3A==
90mub88s-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/CjeYKIVt/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-320.jpg
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7e137580c49812e09a46670774dabff4095b09a9c2fec225cca9c4d4b441ca00

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
96
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
17487
x-served-by
cache-iad-kcgs7200137-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 20:24:06 GMT
server
nginx
x-timer
S1665990009.152339,VS0,VE159
etag
"f080fc51d8acb9f26178a456cec7be25"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
5, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:09 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
WfSYOMr6-kVh89FrgSYOJh_utTfQY3vUMMrm21c1PzL2H5jhQ_sieQ==
IrYAVodh.js
cdn.jwplayer.com/libraries/ 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/IrYAVodh.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/7a8c62b980a55481fce15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:5000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ff21ef4e2519fcd6224a99c016edccf2f4b4815a33b8b1a71fc36c07839d7997

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:57:22 GMT
content-encoding
gzip
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
age
166
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
content-length
42656
x-amz-cf-id
i990Q4O_Qg7u7-JJxrJ1yVURLwvCpHbx8cSWstGjlhZ_rxANbkylmA==
JQkbLqiZ
cdn.jwplayer.com/v2/media/ 		51 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/media/JQkbLqiZ
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/12.0.2/websites/js/7a8c62b980a55481fce15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:5000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
bf816b537d6e50338a0b2dd6a1d6baa58058a20d3ebd62b598f9bbf00eb81b06

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
69
x-amz-cf-id
a3TqTU7G0aQzFLpEeiI1vIIazxtfpBkfBDG7JsYCfr1u7fiytDUzpg==
expires
Mon, 17 Oct 2022 07:03:09
iu3
s.amazon-adsystem.com/ Frame AE64
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
324 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
83b4062f5dbd9a88726fab5b46e946b7beae1cdfa3ea44a773e0858e67a8fbf9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
324
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 17 Oct 2022 07:00:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PGGHAD12XK4KNZSESGG7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 17 Oct 2022 07:00:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BH7DZAA1VM5MP52EN2EF
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4a33ab25fe47d4dc1037d791474b0a355719165d4614218cb9ac0cdac692ad01

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://torontosun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75b727d68bf4f689-NRT
date
Mon, 17 Oct 2022 07:00:09 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
max-age=86400
cf-ray
75b727d8febff689-NRT
9c9baa9c277a560b6ea0.js
fem.gprod.postmedia.digital/v68.2/chunks/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v68.2/chunks/9c9baa9c277a560b6ea0.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0c92a8a981ca46cfb88a56dd166b36bac275d9ae9ab5e3af1a2421b3603bc2a1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:42:18 GMT
x-goog-meta-goog-reserved-file-mtime
1664979227
age
1071
x-guploader-uploadid
ADPycdtZfxTBH4kHt-3nJmPjrFAOYgXMD30Uvog8NXl9lqN4GJ_etOlvcNsOU1OxuH_ngzE2aX2e_jGNJjR4VSM-ALFBLg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3199
last-modified
Wed, 05 Oct 2022 14:14:44 GMT
server
UploadServer
etag
"8c26f3d8cc739eccd29c6c8cb09cc85b"
x-goog-generation
1664979284605907
x-goog-hash
crc32c=Rg/Ibw==, md5=jCbz2MxznszSnGyMsJzIWw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:42:18 GMT
integrator.js
adservice.google.co.jp/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=torontosun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=torontosun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-9,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-11,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-10,ss:%5B5.5%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-12,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=164a5f45-4c0a-a048-766d-054a3e66eebf&url=https%253A%252F%252Ftorontosun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.63.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-63-177.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
43d194a386d669dae86a0a5374c0a58e48c409aead28f41de0771907c9c1ae3b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
server
nginx
x-server-name
app03.jp.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ 		570 KB
97 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2759004172332553&correlator=788541646122059&eid=31070374%2C44761477%2C31070232&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENUR_TSUN_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&adks=225519801%2C1205333068%2C2520642919%2C4150895342%2C2520642904%2C225519802%2C2520642905%2C225519797%2C2520642906%2C225519796%2C2520642907%2C225519799%2C2520642908%2C225519798%2C2520642909%2C225519793%2C2520642910%2C3169864135%2C2520642911%2C3169864134%2C997449486%2C3169863993&sfv=1-0-38&fsapi=false&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3Dvd3gn4%26amznp%3Dymgow0%26amzniid%3DJLlJS1l-wIpC-P_jXjk24PYAAAGD5L4gcAUAAA3IAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDz79zQ%26amznsz%3D728x90%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cloc%3D9%26amznbid%3D2%26amznp%3D2%7Cloc%3D11%26refresh%3Dtrue%26rc%3D0%26amznbid%3Dvd3gn4%26amznp%3Dymgow0%26amzniid%3DJO6oD8KMUifw3W9wXrQcj3EAAAGD5L4gcAUAAA3IAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDhbSAt%26amznsz%3D728x90%7Cloc%3D10%26amznbid%3D2%26amznp%3D2%7Cloc%3D12%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D96400%252C110592%252C111761%252Crts%26puid%3D8875f879-e059-46a3-98d9-f2a2549870e3%26ptime%3D1665990008446%26prmtvvid%3D75415dad-c049-470c-a1a7-c7b41d255940%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dtsun%26sensitive%3Dn%26negative%3Dn%26et%3Dsm%26ck%3Dindex%26imp%3Dindex&sc=1&cookie_enabled=1&abxe=1&dt=1665990009390&lmt=1665990009&dlt=1665990007884&idt=556&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=277%2C1803%2C2389%2C3428%2C4255%2C4286%2C4876%2C4859%2C5423%2C5432%2C5974%2C5773%2C6359%2C6114%2C6656%2C6455%2C7069%2C6796%2C7338%2C7137%2C7751%2C7478&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftorontosun.com%2F&frm=20&vis=1&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=723715400.1665990009&ga_sid=1665990009&ga_hid=73540905&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c4e3a8dc6ea8b61902832422d40c744ba7095442b6a21453565958899284250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99243
x-xss-protection
0
google-lineitem-id
-1,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-2,-2,-1,-2,-2,-2,-2,-2,-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-2,-2,-1,-2,-2,-2,-2,-2,-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F391 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:00:09 GMT
expires
Tue, 17 Oct 2023 07:00:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.139.9.236 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-9-236.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 17 Oct 2022 07:00:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.139.9.236 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-9-236.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Mon, 17 Oct 2022 07:00:11 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
googima.js
ssl.p.jwpcdn.com/player/v/8.26.1/ 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b221e82d46488cb1a59643b4b25f6f250bae7e2df016e1db6ba8aa81f4204e6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish
age
36010
x-cache
HIT
content-length
22578
x-served-by
cache-tyo11974-TYO
last-modified
Thu, 29 Sep 2022 20:27:55 GMT
server
AmazonS3
x-timer
S1665990010.737443,VS0,VE0
etag
"ef6ff0554361d66f566446c52a31651a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
1322
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.26.1/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish
age
106
x-cache
HIT
content-length
18857
x-served-by
cache-tyo11974-TYO
last-modified
Thu, 29 Sep 2022 20:27:56 GMT
server
AmazonS3
x-timer
S1665990010.737532,VS0,VE0
etag
"662d21d9cc48caa9758882be57e10e92"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
15
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.26.1/ 		325 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
891b3886dccdba5ee5a6c7a7eb571b702d0e0632fe625eab0f14661db6f18a92

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 varnish
age
1070154
x-cache
HIT
content-length
85628
x-served-by
cache-tyo11974-TYO
last-modified
Thu, 29 Sep 2022 20:27:49 GMT
server
AmazonS3
x-timer
S1665990010.737427,VS0,VE0
etag
"3dbbfe8911fcf10cd73c01fb12b3a0c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
36169
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/ 		56 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:5000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
c307b70f8116262f11ddd6ca94b02c5c884737f74e4fc2560751522092897ef7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
8158
x-amz-cf-id
L5j0pWHPXlNoRYPBDYMGrXXfedqrnpy1fgVJm6yJLgbWrz_p9W4DiQ==
expires
Mon, 17 Oct 2022 07:03:09
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.62.252 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tkc/BEC3) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 06:42:30 GMT
server
ECAcc (tkc/BEC3)
age
1060
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=10080
accept-ranges
bytes
content-length
75
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28f35fb283263fe241823efcbc9f213d3d4c0b4bfe83baf0e99f9e9f42893b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129648
x-xss-protection
0
expires
Mon, 17 Oct 2022 07:00:09 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 07:00:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
pr
s.amazon-adsystem.com/v3/ Frame 3444 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a8510a4e68983dc5866babd703dcb3f1d1d1d133f86e1717231d3c79efaae3b5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2216
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 17 Oct 2022 07:00:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CJN8AB1GPPV0ZE1ZB46M
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.26.1/ 		377 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acfde0191e09d9049c5304cf54ee91bc9748bc11e6ad6091ca20c7de569d29b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 varnish
age
1071905
x-cache
HIT
content-length
112497
x-served-by
cache-tyo11974-TYO
last-modified
Thu, 29 Sep 2022 20:27:52 GMT
server
AmazonS3
x-timer
S1665990010.082530,VS0,VE0
etag
"0814ed1c84aed38165abc0800edcbffb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
31788
CjeYKIVt-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/CjeYKIVt-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/CjeYKIVt-120.vtt
4 KB
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/CjeYKIVt-120.vtt
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8da4a7a52c8bb87985bde289bca921e387a0f997503c061bf7dbc5d1442528c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
615
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
525
x-served-by
cache-iad-kiad7000050-IAD, cache-nrt-rjtf7700053-NRT
last-modified
Fri, 14 Oct 2022 20:20:54 GMT
server
nginx
x-timer
S1665990010.313590,VS0,VE2
etag
"556a36b40179edbc0473c1c7db5154f6"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
11, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/CjeYKIVt-120.vtt
access-control-allow-origin
*
content-length
166
x-amz-cf-id
kW8GOs6na6ua0GUdnuuhRJ27uzibJupGTngb1CDOCp_XNwccpnJGNg==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.26.1/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79940cfffd1ba3c7b8aaed4626b1e59f2513d5cfd1fe3509a0ce19fbd4b81844

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 varnish
age
1159847
x-cache
HIT
content-length
10060
x-served-by
cache-tyo11974-TYO
last-modified
Thu, 29 Sep 2022 20:27:52 GMT
server
AmazonS3
x-timer
S1665990010.139469,VS0,VE0
etag
"5e5a0ee699e32dfdd15b25070ab9c80e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
13129
related.js
ssl.p.jwpcdn.com/player/v/8.26.1/ 		106 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.1/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c0952d361c8163b5335557d223de2a5f6b73491bcff6d522f87df9e9e1b4551

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 varnish
age
1077690
x-cache
HIT
content-length
25386
x-served-by
cache-tyo11974-TYO
last-modified
Thu, 29 Sep 2022 20:27:54 GMT
server
AmazonS3
x-timer
S1665990010.139456,VS0,VE0
etag
"360546fdfd689d5313c57f1d76ac14c5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
24514
CjeYKIVt.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/CjeYKIVt.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:5000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
c334528aa72a966ed26229a47c6e559782fd5074556a36a49ea95beee66f09ef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
content-length
543
x-amz-cf-id
R0anLQAo9wfalJW_-RLs95PNhaNZ743FcI7YO7FsuiTk_mVeW3AZ5w==
90mub88s-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/CjeYKIVt/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-720.jpg
64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-720.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72b2b9bd53374011aa33ff707951cd8ccf015d5ab3bb04f745c0255e2608036a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
460
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
65143
x-served-by
cache-iad-kiad7000174-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 20:24:05 GMT
server
nginx
x-timer
S1665990010.330391,VS0,VE188
etag
"1d2be6fc067556f6a7dc9a164b8755a3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
22, 0

Redirect headers

date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
q9pQwzAANX4IrmVbz3J0Ws-mG4H9-_V4qkJQQKIu6qp7dR5dL_t51Q==
90mub88s-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/CjeYKIVt/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-640.jpg
52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-640.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
450cf0c1ba4a5d776980cec4785f994f6593d0f57cf5b7b9fb4176c66253778d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
383
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
52862
x-served-by
cache-iad-kjyo7100066-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 20:24:06 GMT
server
nginx
x-timer
S1665990010.328462,VS0,VE164
etag
"34028ba3153ef13ba69b27ae161ef5b1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
12, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/90mub88s-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
WFZfE_PBuN0ibIM86C5nQQUm1czobrV5yi5WtGnhTshi7cTq4m8D7A==
bridge3.539.0_en_ca.html
imasdk.googleapis.com/js/core/ Frame 95E9 		687 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.539.0_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4b69eab49204892974662bf7327d62ca6da2f41aa1e1a97a57835e0aeef6c21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
25145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226553
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 00:01:05 GMT
expires
Tue, 17 Oct 2023 00:01:05 GMT
last-modified
Tue, 11 Oct 2022 21:54:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Oct 2022 07:00:10 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 381D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59ef55d1b5ea2c46193eb73b6c721904b65e1ffab230bdb59337bd63af796a1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75b727dc283ce37c-NRT
content-encoding
br
content-type
text/html
date
Mon, 17 Oct 2022 07:00:10 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKBWcCkf3td6Q2xF4CVFgKVBmuYjQ90yqCEJ6wbt5PEwCrRn7%2Fob1Fkt%2BqJ%2B%2Bsmff2QF023BljYE2WTFWKYEHKmIWGKg3Lg2u65AUyufTDK6zee5eKPBARGmBRAc2WhAUJN%2BYGU%2FYUOwpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75b727dc1afee01d-NRT
content-length
0
date
Mon, 17 Oct 2022 07:00:10 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYZDHNjD1RlQqim8pYKcCoeCRkDGgyDgxLV9XN3llsL2CF6HM7i2ue%2FKqEUgUqqOJHVO%2B2k2VkGShYquhp2829fLFEuLeL7paZmJE2nZDKUhld68u8ytqDhcgenNiuQULgteWLge08k%2Bcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 013A 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.50.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5e1231f11225dddec88ade4c08414de646997f67ed9630af1b40e68f315a0b40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
427
date
Mon, 17 Oct 2022 07:00:10 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3E99 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.52.229 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-52-229.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=84882
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:00:10 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 18 Oct 2022 06:34:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2046 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.42.45.197 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-42-45-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 07:00:10 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame D90E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02Y0pBb3NKRTJ1TENfTnZZOXY0dEF0UkxJYUpkSm1TdH5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02Y0pBb3NKRTJ1TENfTnZZOXY0dEF0UkxJYUpkSm1TdH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:00:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2VV3PBE0BHNW674SC80N

Redirect headers

age
0
content-length
0
date
Mon, 17 Oct 2022 07:00:10 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02Y0pBb3NKRTJ1TENfTnZZOXY0dEF0UkxJYUpkSm1TdH5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame B47B 		583 B
669 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8191bde931aae454277f481136e14c79258cbb040d36d2c54cfa3a97f5f0e089

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
359
content-type
text/html
date
Mon, 17 Oct 2022 07:00:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 01CF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=2170235670873243484&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=2170235670873243484&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:00:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JM020E2ZYTR62EZ1N8SS

Redirect headers

AN-X-Request-Uuid
647c8751-dc41-416e-a870-1d95607bec62
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Oct 2022 07:00:10 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=2170235670873243484&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.252.165; 217.138.252.165; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame B383
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1549337916848776123083
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1549337916848776123083
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:00:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9BQAA0K503GJ9HN9PX85

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 17 Oct 2022 07:00:10 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1549337916848776123083
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:00:10 GMT
usync.js
eus.rubiconproject.com/ Frame 2046 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.42.45.197 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-42-45-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bee3b19f1331b6c2b4a1d2bf36ec561adda701f0c33b49d0e6c22d91dbe868f6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42234
Connection
keep-alive
Content-Length
9424
Expires
Mon, 17 Oct 2022 18:44:04 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3E99 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31764162&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:09 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame B47B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=6efd9c69-66ca-c94f-2fdf-60c838ddf0ae
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H3R6BMFN7MZVSV8AR6B2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B47B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=362be014-7a60-72b5-efd1-e25f50ee3b4e&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=362be014-7a60-72b5-efd1-e25f50ee3b4e&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=811645c3-3d9c-45bf-b19a-5ec259bcb03f&ttd_puid=362be014-7a60-72b5-efd1-e25f50ee3b4e&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=811645c3-3d9c-45bf-b19a-5ec259bcb03f&ttd_puid=362be014-7a60-72b5-efd1-e25f50ee3b4e&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=811645c3-3d9c-45bf-b19a-5ec259bcb03f&ttd_puid=362be014-7a60-72b5-efd1-e25f50ee3b4e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame B47B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0z9esCo5s0AAIFgBaYAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0z9esCo5s0AAIFgBaYAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
41
Date
Mon, 17 Oct 2022 07:00:10 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":41,"gdpr":false,"ipv4":"217.138.252.165","key":"Y0z9esCo5s0AAIFgBaYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad144"}
X-SO-Key
Y0z9esCo5s0AAIFgBaYAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad144
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0z9esCo5s0AAIFgBaYAAAAA
Cache-Control
private
X-SO-HostName
m-ad144.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
164
Content-Length
0
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-IP
217.138.252.165
sd
jp-u.openx.net/w/1.0/ Frame B47B
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZOt03pXCPUoks8ADv76Lw8XYs8AAAGD5L4l3A
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZOt03pXCPUoks8ADv76Lw8XYs8AAAGD5L4l3A
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 5ccbd9a30e71bc6d60a459aaef339124.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZOt03pXCPUoks8ADv76Lw8XYs8AAAGD5L4l3A
cache-control
no-cache
content-length
0
x-amz-cf-id
TmegrBbMX90DozI5njQ53_eSDAHqmpLZ11uP_7jXtn6kHs9YBC7azA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame B47B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWE0NDMzZGUtYjMxNy0yYzExLWZhMzEtYjhlNjlhMGNmNTJl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B47B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF-8s39vS1FaimwSraQdyrc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF-8s39vS1FaimwSraQdyrc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF-8s39vS1FaimwSraQdyrc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2046
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9CFFPVH-U-L047
  • https://s.amazon-adsystem.com/ecm3?id=L9CFFPVH-U-L047&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L9CFFPVH-U-L047&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q2H404Z4GE1W2MQ5RR6P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=L9CFFPVH-U-L047&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
truncated
/ Frame 95E9 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 381D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&expiration=1668582010&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&expiration=1668582010&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&expiration=1668582010&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 381D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDCW3HXbhlW6zAzwIJgMkh4&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDCW3HXbhlW6zAzwIJgMkh4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYvzHRiv5dcvE%2Bv5ZV9a1LLypOSYbPasNyL7XRkKKqhiJXnGDOO8%2B13xi2sHYxQjYNe7ny0zFw6z6mgZsIiNibClkVV5Kug%2FdMcaj%2F3VaTCKz48qmDfKZJ62KJkkNd8u64GM3rYqE9nbNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75b727dcc90ce37c-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDCW3HXbhlW6zAzwIJgMkh4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 381D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0z9egfN3e1JwWrzaLPy4AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMHjGeF1rlnfo9dic3WSHtE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMHjGeF1rlnfo9dic3WSHtE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMHjGeF1rlnfo9dic3WSHtE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 381D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6M5Q1DSPVVAFABY5J0VR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 381D
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=86d343a9-944c-4b1c-a68c-6af0c0b90e69
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=86d343a9-944c-4b1c-a68c-6af0c0b90e69
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=86d343a9-944c-4b1c-a68c-6af0c0b90e69
date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 381D
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y0z9egfN3e1JwWrzaLPy4AAA%265482
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a68a029d-e3a4-42cc-b706-3ee07a6e70d3-tucta4682fa
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a68a029d-e3a4-42cc-b706-3ee07a6e70d3-tucta4682fa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a68a029d-e3a4-42cc-b706-3ee07a6e70d3-tucta4682fa
date
Mon, 17 Oct 2022 07:00:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
53645
crum
dsum-sec.casalemedia.com/ Frame 381D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2170235670873243484
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2170235670873243484
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
AN-X-Request-Uuid
ce569d92-06e4-41db-a232-6348f5d64a38
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2170235670873243484
Connection
keep-alive
X-Proxy-Origin
217.138.252.165; 217.138.252.165; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 381D 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ac6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75b727dcbc9eaf54-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ecm3
s.amazon-adsystem.com/ Frame 381D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CYEP7C3WCCT2H4QQQZMQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E9 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?aot=ib&tte=f&lid=158&sdkv=h.3.539.0&id=ima_html5&c=3560494686573405&domain=torontosun.com
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E9 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.539.0&id=ima_html5&c=3560494686573405&domain=torontosun.com
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2101 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:00:09 GMT
expires
Tue, 17 Oct 2023 07:00:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:00:10 GMT
cast_sender.js
www.gstatic.com/eureka/clank/106/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/106/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:24:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 15:10:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 17 Oct 2022 10:24:27 GMT
CjeYKIVt-33887826.mp4.m3u8
videos-fms.jwpsrv.com/634da63a_0xac6baa113864889929e8fa4681e5c476bb295210/content/conversions/ReDAXyY4/videos/ 		1 KB
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/634da63a_0xac6baa113864889929e8fa4681e5c476bb295210/content/conversions/ReDAXyY4/videos/CjeYKIVt-33887826.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
20dfc451c307c4c7e9105f217af5b7eee9534e464e5ea485899aa7b29de143d6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
159563
x-cache
HIT, HIT
fastly-stats
otfp=1
content-length
230
x-served-by
cache-iad-kiad7000151-IAD, cache-nrt-rjtf7700053-NRT
server
otfp
x-timer
S1665990010.433067,VS0,VE1
etag
"JISmii6VpjN0n9Wp52QLmM9wHwZvD4gtuf_ao0VQRN3BgvlpD8lcoMjq6SpSTCe0WeKyrr9bQvwIJPi2NMrOfNb0Cw"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
104, 1
tap.php
pixel.rubiconproject.com/ Frame 2046
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2046 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SHRMTMGBDZV0FEWWE4M1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2046
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlDRkZQVkgtVS1MMDQ3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlDRkZQVkgtVS1MMDQ3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlDRkZQVkgtVS1MMDQ3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2046
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTkwMTc0MzJjNWE5N2NhMmYyMWJlZTRkM2M1Zjk0YmYzMzAxMjc0MQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTkwMTc0MzJjNWE5N2NhMmYyMWJlZTRkM2M1Zjk0YmYzMzAxMjc0MQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTkwMTc0MzJjNWE5N2NhMmYyMWJlZTRkM2M1Zjk0YmYzMzAxMjc0MQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 2046
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wvUKzPlXR0aFbzBXjQNRWA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wvUKzPlXR0aFbzBXjQNRWA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wvUKzPlXR0aFbzBXjQNRWA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6ES600B1EGD0NZZSHB6J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wvUKzPlXR0aFbzBXjQNRWA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2046
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENDqfpRyi4NwgriaLLEaNcA&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENDqfpRyi4NwgriaLLEaNcA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENDqfpRyi4NwgriaLLEaNcA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 2046
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9CFFPVH-U-L047
0
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9CFFPVH-U-L047
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 59E4C7381E094BD9B68DD4CEE24D4F11 Ref B: TYO01EDGE1514 Ref C: 2022-10-17T07:00:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrNYbN2DZARsT6nR2lkw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9CFFPVH-U-L047
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2046
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YM7zJ7PGRsftzJmxtNDK6Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4624998620039241353
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4624998620039241353
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 17 Oct 2022 07:00:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4624998620039241353
content-length
0
CjeYKIVt-33887826.mp4-1.ts
videos-fms.jwpsrv.com/634da63a_0xac6baa113864889929e8fa4681e5c476bb295210/content/conversions/ReDAXyY4/videos/ 		171 KB
171 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/634da63a_0xac6baa113864889929e8fa4681e5c476bb295210/content/conversions/ReDAXyY4/videos/CjeYKIVt-33887826.mp4-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
6cb233c380197e43bb72a7f59ee39aa721bacfb9c7d932603a45118bc87cedde

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
159495
x-cache
HIT, HIT
fastly-stats
otfp=1
content-length
174840
x-served-by
cache-iad-kiad7000044-IAD, cache-nrt-rjtf7700053-NRT
server
otfp
x-timer
S1665990010.462345,VS0,VE1
etag
"6oWbRUbFwDU2sgsqMTq14kjLwv62OA1Zic5zkDXJssb4TX_FffNby-bXQIdD0MSqwOQ-s7EQ9pwDEqYNoFMpK98umA"
content-type
video/mp2t
x-fastly-otfp-info
ss=0.000 sl=4.000 vl=118.625 rs=320x180
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
69, 1
css
fonts.googleapis.com/ Frame 2101 		656 B
456 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%8F%B0%E4%BB%8A%E3%82%A4%E3%83%87%E3%83%BC%E5%B8%82%E3%83%A5%E3%83%AA-%E3%83%80%E3%81%99%E5%8C%97%E3%83%83%E6%9D%B1%E4%BA%AC%E3%83%8B%E3%81%90%E3%83%8F%E3%82%AB%E4%BA%88%20%E3%83%8E%E7%B4%84
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0bf89b04ad4a45d3f378f620d6b2c58b9185758bf025d2fd2cf4293a04b68eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 07:00:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Oct 2022 07:00:10 GMT
css
fonts.googleapis.com/ Frame 2101 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 05:27:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Oct 2022 07:00:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2101 		2 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:56:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2101 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch9YFef1MY7GOIYXm8gXw8JSQCeH84_BlyffSiYAP_9a4xMsIEAEg4pn9D2CJ88WE9BOgAbC6odcDyAEJ4AIAqAMByAPLBKoE4AFP0EAKqKXM6OxkQk4-xDRUdgmloVwypGTvanMGLrsMgcvKG5zNA1i1vCabHxGITE1aECuzhk8o6zB0myVOjebyE-oLSLuozyJhlSrYW0WmTUpRCAllgxs4zwrO6R9qsCuyEe0V-NmSQGkwT99p0hJKOFuJyeF1iOhJwGHgh7VBFJhJqdHTrAn8LxUolhqZm7dVpyhDWm-dRRAmccYO3FgyFlgoExLnGkdz0j1Ayw_Ao7CSiP8hqE4BNRvqQqAIXcJf5_QSsPt9iGT55PtLieNRO1s6zpV8aj_zsLC57JbIKMAE-tacrt0D4AQBkgUECAQYAZIFBAgFGASgBi6AB5Wet3eoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQicwJ0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTU2MTEwNTM2NjI2MTMzOTAYzfUR&sigh=xkQgHHzvJqw&uach_m=[UACH]&cid=CAQSOwDq26N9Y5OXvS-rrucPpjfrI_EzuDTkNOE0AEQyW-zo83_y_D9pyktjbo3fOeG1_s4d8N-PYoEoVZo0GAEgDg&template_id=494
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 2101 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9578
x-xss-protection
0
server
cafe
etag
2674910403068493586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:56:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2101 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:54:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2101 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:54:08 GMT
l
www.google.com/ads/measurement/ Frame 2101 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSh7S3FxqDjepCVN7nm7JcIyUrYSSoMq6pi1lCSNWtESMYzLJdR40lckI6wPdf_nFOa8CvPGDjG62KhmKaQMUzxu2xu0g
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2101 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:00:10 GMT
1d54d8cacad5994e062108e03542c880.js
www.gstatic.com/mysidia/ Frame 2101 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 07:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 20:37:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 07:17:23 GMT
truncated
/ Frame 2101 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
16779227632314819933
tpc.googlesyndication.com/simgad/ Frame 2101
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrleSZkQEQgAgYgAgyCGF8xfop_GUI
  • https://tpc.googlesyndication.com/simgad/16779227632314819933
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16779227632314819933
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 23:52:42 GMT
x-content-type-options
nosniff
age
457648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8502
x-xss-protection
0
last-modified
Mon, 09 Sep 2019 09:27:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Oct 2023 23:52:42 GMT

Redirect headers

date
Sun, 16 Oct 2022 18:00:07 GMT
x-content-type-options
nosniff
server
cafe
age
46803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16779227632314819933
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 15 Nov 2022 18:00:07 GMT
d1af6617-076b-4a54-929c-cf8c83346e5d
https://torontosun.com/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/d1af6617-076b-4a54-929c-cf8c83346e5d
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dfc273cb08d312f5a2b0bb010ac8b5fa33c6555cf26e4a14cc8e0210b1c695c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
85591
Content-Type
text/javascript
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 18 Oct 2022 07:00:10 GMT
CjeYKIVt-33887832.mp4.m3u8
videos-fms.jwpsrv.com/634da63a_0x10d72f8ebd4e0b77a74cfb1221de74ea40c8c8a5/content/conversions/ReDAXyY4/videos/ 		1 KB
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/634da63a_0x10d72f8ebd4e0b77a74cfb1221de74ea40c8c8a5/content/conversions/ReDAXyY4/videos/CjeYKIVt-33887832.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
489153e37dd251189be1c2930d0d849f5cb727288978deec8a83a5fd2667aada

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
203643
x-cache
HIT, HIT
fastly-stats
otfp=1
content-length
230
x-served-by
cache-iad-kcgs7200119-IAD, cache-nrt-rjtf7700053-NRT
server
otfp
x-timer
S1665990011.527678,VS0,VE1
etag
"K8-wnbuBh42hJGXK8wWD78hy8k1T852jrg5Ha48rkY-fD_MsVKZgx_nSAuxYOjt6VK4RqdDQUkPeWl7GNgrDgDxCvw"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
100, 1
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4AC8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
72840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 10:46:10 GMT
etag
48472445140208031
expires
Mon, 17 Oct 2022 10:46:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 18 Oct 2022 07:00:10 GMT
truncated
/ Frame 2101 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af5ed7b03f52f737ae0ed9872b1bfc2e788fe668844b3e72244244fa282b1f5d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 013A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=2b4775af-08d0-4e25-989a-e1b61afe9b41
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PX580BWKYWDW7NWBRAX0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 013A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=f8481529-c824-4f58-aa7a-c4155a259926
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=f8481529-c824-4f58-aa7a-c4155a259926
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
13.228.50.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Mon, 17 Oct 2022 07:00:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=f8481529-c824-4f58-aa7a-c4155a259926
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/sync/ Frame 013A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
13.228.50.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 013A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
13.228.50.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=811645c3-3d9c-45bf-b19a-5ec259bcb03f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 013A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2170235670873243484
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2170235670873243484
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
13.228.50.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-50-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
AN-X-Request-Uuid
780e4b1b-6aed-4635-8586-67ab7c66669a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2170235670873243484
Connection
keep-alive
X-Proxy-Origin
217.138.252.165; 217.138.252.165; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
font
fonts.gstatic.com/l/ Frame 2101 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12Uzp8f2lVaDTgsRVy3cOVp04yeFxwOuovfz3sCtf8TDREGPjDyFPduIiV6L1hggzcVLLXJROCEkmYVx_-_AbM9Hh9Mf-3Wr6hACzoAYyl2ruZ9sgd1gzPk&skey=fbc48de1c6e1b00c&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%8F%B0%E4%BB%8A%E3%82%A4%E3%83%87%E3%83%BC%E5%B8%82%E3%83%A5%E3%83%AA-%E3%83%80%E3%81%99%E5%8C%97%E3%83%83%E6%9D%B1%E4%BA%AC%E3%83%8B%E3%81%90%E3%83%8F%E3%82%AB%E4%BA%88%20%E3%83%8E%E7%B4%84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4ac965ec96d56dee74eeb95377d97489132414d591515b7e6f651206937ed05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 04:17:55 GMT
x-content-type-options
nosniff
age
9735
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8444
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 17 Oct 2022 04:17:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2101 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:36:05 GMT
x-content-type-options
nosniff
age
386645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 19:36:05 GMT
pixel
cm.g.doubleclick.net/ Frame 4AC8
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEK8mjaO-93WS5Q3-FuwFMDw&google_cver=1&google_push=AZmPxg8mYpA3Wi2KtZojbYJHQl_tEFeMLoMsgy0ybClHjTwj1S7FNKDZ9zD2SSVcmqMqWge3efYmM...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg8mYpA3Wi2KtZojbYJHQl_tEFeMLoMsgy0ybClHjTwj1S7FNKDZ9zD2SSVcmqMqWge3efYmMVCWbd2RdNsJNLQptZdrdV2_&google_hm=QzRBX1hjcGNYb1BXRGI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg8mYpA3Wi2KtZojbYJHQl_tEFeMLoMsgy0ybClHjTwj1S7FNKDZ9zD2SSVcmqMqWge3efYmMVCWbd2RdNsJNLQptZdrdV2_&google_hm=QzRBX1hjcGNYb1BXRGI5WEpwcTFiTndSbWVB&from_google=sp1
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:11 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg8mYpA3Wi2KtZojbYJHQl_tEFeMLoMsgy0ybClHjTwj1S7FNKDZ9zD2SSVcmqMqWge3efYmMVCWbd2RdNsJNLQptZdrdV2_&google_hm=QzRBX1hjcGNYb1BXRGI5WEpwcTFiTndSbWVB&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 4AC8
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESED1QTTAP-8rTTbMrEnpALzg&google_cver=1&google_push=AZmPxg8_oHugowyvbxqX1ZjTpcmyXx_XpJwaHhK9a__hktt6SW6T0PMaI3WcDPQXRA20Zm0IQDRhCrY1-qUz_q-lUOZCkc41SuY
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4OTkxNjEwNjQ1MTcxMDAwMFYxMA%3d%3d&mn_hm=MzA4OTkxNjEwNjQ1MTcxMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8_oHugowyvbxqX1ZjTpcmyXx_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4OTkxNjEwNjQ1MTcxMDAwMFYxMA%3d%3d&mn_hm=MzA4OTkxNjEwNjQ1MTcxMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8_oHugowyvbxqX1ZjTpcmyXx_XpJwaHhK9a__hktt6SW6T0PMaI3WcDPQXRA20Zm0IQDRhCrY1-qUz_q-lUOZCkc41SuY&gdpr=&gdpr_consent=
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4OTkxNjEwNjQ1MTcxMDAwMFYxMA%3d%3d&mn_hm=MzA4OTkxNjEwNjQ1MTcxMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8_oHugowyvbxqX1ZjTpcmyXx_XpJwaHhK9a__hktt6SW6T0PMaI3WcDPQXRA20Zm0IQDRhCrY1-qUz_q-lUOZCkc41SuY&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 17 Oct 2022 07:00:10 GMT
pixel
cm.g.doubleclick.net/ Frame 4AC8
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGTmI6H2vlGgKfZTk_nZ6aA&google_cver=1&google_push=AZmPxg8qhQKxFTJD9ojB-QVpmc5XDOI9M_PE0v89XPUb6G18lyD9RVQYVmXgshaXU_lKHiZIw9Pdtm...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg8qhQKxFTJD9ojB-QVpmc5XDOI9M_PE0v89XPUb6G18lyD9RVQYVmXgshaXU_lKHiZIw9PdtmNMskkGwF4gXRwlOxkpSa5i&google_hm=NjI3MDkxMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg8qhQKxFTJD9ojB-QVpmc5XDOI9M_PE0v89XPUb6G18lyD9RVQYVmXgshaXU_lKHiZIw9PdtmNMskkGwF4gXRwlOxkpSa5i&google_hm=NjI3MDkxMjY2MDY5ODI0NDE2MA%3D%3D
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg8qhQKxFTJD9ojB-QVpmc5XDOI9M_PE0v89XPUb6G18lyD9RVQYVmXgshaXU_lKHiZIw9PdtmNMskkGwF4gXRwlOxkpSa5i&google_hm=NjI3MDkxMjY2MDY5ODI0NDE2MA%3D%3D
date
Mon, 17 Oct 2022 07:00:10 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4AC8
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEIPjNEysGIG6Aqo1VNDs44U&google_cver=1&google_push=AZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuepvdTmXwSWgIipiSX81IM4SwajSdhg...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEIPjNEysGIG6Aqo1VNDs44U%26google_cver%3D1%26google_push%3DAZmPxg-ta-y3Iir1-IRbfl...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6372623606720973339&exchange=193&google_gid=CAESEIPjNEysGIG6Aqo1VNDs44U&google_cver=1&google_push=AZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuep...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYzNzI2MjM2MDY3MjA5NzMzMzk&google_push=AZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuepvdTmXwSWgIipiSX81IM4SwajSdh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYzNzI2MjM2MDY3MjA5NzMzMzk&google_push=AZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuepvdTmXwSWgIipiSX81IM4SwajSdhgZZIZuLSDW-L3skLCRUOBZg
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYzNzI2MjM2MDY3MjA5NzMzMzk&google_push=AZmPxg-ta-y3Iir1-IRbflgLudKQ6vZSxwN0lMlcBPtMVJtuVuepvdTmXwSWgIipiSX81IM4SwajSdhgZZIZuLSDW-L3skLCRUOBZg
Date
Mon, 17 Oct 2022 07:00:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sspsync
cksync.yahoo.co.jp/ Frame 4AC8 		35 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEBD5Vah2ECdc4eBr9uYSN-s&google_cver=1&google_push=AZmPxg-POtr_MVMUtVR__Uozor8NlOyDd9t0mpWnpRbwUDsBLngoP52uOtj0yWsCFJp3WtnS_qrlpgJpiG6Xt0ETUayP_7Ca2SgCDg
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
/
b1sync.zemanta.com/usersync/googleadx/ Frame 4AC8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGqWV1U-g8w-dnBBtOoIdeg&google_cver=1&google_push=AZmPxg9jOpQ_B6iPEB7Z8pafMUNojxZst_ky305kdp9JdSuwP3T1Va9p_Q7SWZOI46SOHCQRsby0MRdo6aiZ6...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGqWV1U-g8w-dnBBtOoIdeg&google_push=AZmPxg9jOpQ_B6iPEB7Z8pafMUNojxZst_ky305kdp9JdSuwP3T1Va9p_Q7SWZOI46SOHCQRsby0MRdo6aiZ6...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9jOpQ_B6iPEB7Z8pafMUNojxZst_ky305kdp9JdSuwP3T1Va9p_Q7SWZOI46SOHCQRsby0MRdo6aiZ6BAGFh8OL0Trq4Gb1Q&google_hm=ZmRIbHZCUU9yd2MtMz...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:00:11 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4AC8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEF9dQd7GZbaWlpfwBvw7CHg&google_cver=1&google_push=AZmPxg-bdNkv5oT8A...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjE3MDIzNTY3MDg3MzI0MzQ4NA%3D%3D&google_gid=CAESEF9dQd7GZbaWlpfwBvw7CHg&google_cver=1&google_push=AZmPxg-bdNkv5oT8AlKeLi36_jCMWGkAVM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjE3MDIzNTY3MDg3MzI0MzQ4NA%3D%3D&google_gid=CAESEF9dQd7GZbaWlpfwBvw7CHg&google_cver=1&google_push=AZmPxg-bdNkv5oT8AlKeLi36_jCMWGkAVMts9WwGel7kCwsENQH3nstWLxT6MdAoCsXaHpb3QNLABscnUWxpLYifl_WcamLXl0Faog
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:10 GMT
AN-X-Request-Uuid
b9770ea1-e24a-4a35-a147-69185f21c251
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjE3MDIzNTY3MDg3MzI0MzQ4NA%3D%3D&google_gid=CAESEF9dQd7GZbaWlpfwBvw7CHg&google_cver=1&google_push=AZmPxg-bdNkv5oT8AlKeLi36_jCMWGkAVMts9WwGel7kCwsENQH3nstWLxT6MdAoCsXaHpb3QNLABscnUWxpLYifl_WcamLXl0Faog
Connection
keep-alive
X-Proxy-Origin
217.138.252.165; 217.138.252.165; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4AC8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNck9_wFKPATFJ0KEN8yyQoEpvUbgZZhAyxRDIx_nap8UNmUj-DSTWF2wgFpYzyD8S7ijgPgCWQQ
Requested by
Host: 14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
URL: https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame 7CD7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 09:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 09:35:15 GMT
62a3lb8d-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/eIXqoUBq/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/62a3lb8d-120.jpg
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/62a3lb8d-120.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c15897b61bab2232b33b0cef2c455a79ff6de0ec8c5dd4757f4f3b10fc01045

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
498
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
2644
x-served-by
cache-iad-kjyo7100038-IAD, cache-tyo11974-TYO
last-modified
Fri, 14 Oct 2022 19:10:54 GMT
server
nginx
x-timer
S1665990011.909057,VS0,VE153
etag
"97e9bdba139775ca84d9dd2fe3645bd5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
14, 1

Redirect headers

date
Mon, 17 Oct 2022 07:00:10 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
NRT57-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/62a3lb8d-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
jmdE-xGDbAPBWmdDhwIzTZIRqwmmqbHTWveaR-TWWf8KSGRpz5D-Ug==
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55341255ed7759905fcd82a297de74e5afde2b1a66cb1136974cc7eb80731460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11241
x-xss-protection
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1825494425&e=e&n=0456860001669559&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=LMrDKwIV&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=tlbujf15c3o6&i=0&id=CjeYKIVt&lid=t8aq5i43q3h5&lsa=set&mt=0&pbd=1&pbr=1&pgi=t5c5ghj0oho0&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=1izru3e161a6&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.26.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=RAYS%20OF%20SUNSHINE%3A%20Our%20Top%205%20SUNshine%20girls%20for%20September%202022&tv=3.40.0&vb=1&vi=1&vl=90&wd=501&ab=1&cae=0&cb=1&cdid=player-1&cme=0&dd=1&fed=JQkbLqiZ&flc=1&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FCjeYKIVt.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=2650&pni=1&po=0&pogt=%20Toronto%20Sun&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FuzU5KAZg%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=470&sa=1665990010139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-tyo11974-TYO
date
Mon, 17 Oct 2022 07:00:11 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
syncframe
gum.criteo.com/ Frame 5E24 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:00:11 GMT
server
Kestrel
server-processing-duration-in-ticks
311263
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf5d5b6df703dc9f57f4d32390ffc5174c32dacec3be929d445f3e6d311fc15
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mb4yvjrO0SZ
pragma
wn
prod-dash-10-0-113-156
last-modified
Mon, 17 Oct 2022 04:17:01 GMT
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=utf-8
server-time
0.011
cache-control
public, max-age=1800
cf-ray
75b727e469a40aa8-NRT
expires
Mon, 17 Oct 2022 07:30:11 GMT
vf-v2.js
cdn.viafoura.net/ 		762 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc4ec47e3bf9d17f97c94a5b114f2fbd8be8ddded6c9983b7fab6a031e0253eb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
DrBijZizg1uiJq1itd5LPR7f918RWeOw
content-encoding
br
via
1.1 05b52ebd1d9d2db399265308f57d87bc.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 06:55:51 GMT
x-amz-cf-pop
NRT57-C2
age
280
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Oct 2022 15:45:54 GMT
server
AmazonS3
etag
W/"9ce0e752c19695f5da9389ebed7b9fd7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
885DYPPLw2dHfweUd10AXL15LNSGn_Kl9jHd0Q8DTJ5iv4OQZk_pyQ==
gtm.js
www.googletagmanager.com/ 		322 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70407dd66391fa1576e7a87838e1167505800484311622fa4f2ecd9810b44266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85637
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 07:00:11 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-42.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 19:26:54 GMT
content-encoding
gzip
via
1.1 81f996ec256b4b15c47b23df66cf2372.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
62662
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
fm33CdUxI1qWYlI-j2a5_PQRyureW1ZhaurYe0iXkrmaJY8TMugoPg==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		223 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d2fbfba2b3618733653ea262352c207efd354f91023ad95c74a30f4589296444

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-nrt-rjtf7700043-NRT
date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
17
x-timer
S1665990012.647784,VS0,VE166
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, MISS
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
55289
x-cache-hits
22, 0
gtm.js
www.googletagmanager.com/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d3e0a2ef13fe2ca79a06ad53dc610f8b2a1c6cff7579da784ca958a6e8678f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41162
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 07:00:11 GMT
sid
mug.criteo.com/ Frame 5E24
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=aC6fqHxIRUw5bDl3aTJ4blZIVmcwRmNEcDdVYWx1NHdFWURMV3NYWTJxNkpJcHcxeWRRUDF6dGVCdUo0NTFlZzJ5a3l5V3N1bWdkWHByWXcrYnZEZWx3alBoMmU0K29JeW1IVjJ4aktiNmtCRkxKL0RlRmNDME9xUHdJZF...
431 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aC6fqHxIRUw5bDl3aTJ4blZIVmcwRmNEcDdVYWx1NHdFWURMV3NYWTJxNkpJcHcxeWRRUDF6dGVCdUo0NTFlZzJ5a3l5V3N1bWdkWHByWXcrYnZEZWx3alBoMmU0K29JeW1IVjJ4aktiNmtCRkxKL0RlRmNDME9xUHdJZFpOY3ZEYzB0ZStlOEErRFpFVE9YUUZJb1BMUmhtN0loQ1lOUkJJemwxU1E3MmttazVPcFpvc3phcHRZUzNjdGs0aVR0aTlRTTVMNzF6TkdWT0Y4cVRCaFJtSEQvekJVYXlYcWZhRjdyL3R0MlBMUStHTGM1N2o0OEUyeW0rMnJGcGcyZUxrRVFBM1ViaC9IZm1yRWVYdDlLUXdtejNydz09fA&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
aabf2f7c4e75538756e5059984dc7d154c7ed77763c07252a412632858df82c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1547155
expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=aC6fqHxIRUw5bDl3aTJ4blZIVmcwRmNEcDdVYWx1NHdFWURMV3NYWTJxNkpJcHcxeWRRUDF6dGVCdUo0NTFlZzJ5a3l5V3N1bWdkWHByWXcrYnZEZWx3alBoMmU0K29JeW1IVjJ4aktiNmtCRkxKL0RlRmNDME9xUHdJZFpOY3ZEYzB0ZStlOEErRFpFVE9YUUZJb1BMUmhtN0loQ1lOUkJJemwxU1E3MmttazVPcFpvc3phcHRZUzNjdGs0aVR0aTlRTTVMNzF6TkdWT0Y4cVRCaFJtSEQvekJVYXlYcWZhRjdyL3R0MlBMUStHTGM1N2o0OEUyeW0rMnJGcGcyZUxrRVFBM1ViaC9IZm1yRWVYdDlLUXdtejNydz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
424578
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:00:11 GMT
gtm.js
www.googletagmanager.com/ 		96 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJC8VVB&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39b28b6b997b386628c1318a08508ac080b9a48b4e3df036bf80f9b062284c5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38238
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 07:00:11 GMT
gtm.js
www.googletagmanager.com/ 		270 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffef94afd2111c59ec7e2a97dfadb30cd36bd9c975ff591ecd25aa4c9281229f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82040
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 07:00:11 GMT
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4832:c2a7:8a22:497d:150b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a800a78c6aaca406a3e15e9145aaf29d72f2ec863f36cf523765e2397432fd91

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0f1b85d51d49a5d78
pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 17 Oct 2022 07:00:12 GMT
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4832:c2a7:8a22:497d:150b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://torontosun.com
access-control-max-age
1728000
cache-control
max-age=0
date
Mon, 17 Oct 2022 07:00:12 GMT
expires
Mon, 17 Oct 2022 07:00:12 GMT
server
nginx/1.18.0 (Ubuntu)
activeview
pagead2.googlesyndication.com/pcs/ Frame 2101 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0NThat8b6OyfPzclqv7XzPozskFBMB5ZjY2FEK8i0JS_8FA3cVwURN-GLBsunn6Wh6iQL5HSpYSu98EXnnNFW5W6bpmxhr0RMQj_cAUF0EaInTt40uO-6rcp1QWtgn0rUr8evD6EYW3mjdPjLSk_x3KGSPRLqEA&sai=AMfl-YQ-O-T9QB_O4h2OWW31QNTxBAGQguIgdsoG65uitVIiGl3bBvur17fWJPckM1iaoci441WC9SDyyav1ImcyHNCvC1AhXZ4PbwKRaBX-1Z6kxaPBLlVJ1Q-SdQTFIA&sig=Cg0ArKJSzN9AlSP5NvE-EAE&cid=CAQSOwDq26N9Y5OXvS-rrucPpjfrI_EzuDTkNOE0AEQyW-zo83_y_D9pyktjbo3fOeG1_s4d8N-PYoEoVZo0GAEgDg&id=lidar2&mcvt=1046&p=152,315,402,1285&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=225519801&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665990010339&rpt=358&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E00 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
263726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 05:44:45 GMT
expires
Sat, 14 Oct 2023 05:44:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 331C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9f663030b784a45334e1ced6045b101848c874715db789c8b29c5ae56c94099
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q7FRF2En5hS7s0rcN-ZwjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Q7FRF2En5hS7s0rcN-ZwjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:00:11 GMT
expires
Mon, 17 Oct 2022 07:00:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ribn.min.js
assets.ribn.com/production/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:ea00:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 03:35:39 GMT
content-encoding
br
via
1.1 1a32d5b63476b853ffc0505ea6996c7a.cloudfront.net (CloudFront)
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
12280
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
3GEega1GxqY-QsPVWResI5lDcaadvV9evtJmySotOgwdE-iwY7D2Lw==
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:ea00:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 23:46:45 GMT
content-encoding
br
via
1.1 1a32d5b63476b853ffc0505ea6996c7a.cloudfront.net (CloudFront)
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
26305
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yW1zkCO3SMgpQqVV_pAvvBWelcqXwVrBmjTaCMFjnYgAXQp6-wUjrw==
tinypass.min.js
cdn.tinypass.com/api/ 		323 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11ae3fc00d0db52c666cc1a1aef8233d1f3f1f8d1219a8af7f622fda5ba56081
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
x-amz-version-id
oVhyHYUbFsAwDEUWy9RJ71dsNuSD280z
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
BSJ3MKYQ3Q9T9ZFK
age
146
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
J85n55xNuhPewpXAO4rMIjMUMLUyDAWqCBtoIKs50wpQtI9QevBEHQ8hdti//Zr2BpRBbEX3whs=
last-modified
Fri, 14 Oct 2022 11:07:29 GMT
server
cloudflare
etag
W/"46021d061a4567601b7a4cbc9efd88fa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
75b727e5eaef0aa8-NRT
expires
Mon, 17 Oct 2022 11:00:11 GMT
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame 4E00 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 09:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 09:35:15 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1105
date
Mon, 17 Oct 2022 07:00:11 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
57
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-nrt-rjtf7700047-NRT
x-timer
S1665990012.953265,VS0,VE0
gtm.js
www.googletagmanager.com/ 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf09c65d6a68e7f95c1999b73531ca404379b806ff4c824544a38733b8b37440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46834
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 07:00:11 GMT
gtm.js
www.googletagmanager.com/ 		143 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99fbbdeeb918f200e1b4805018cf1927d83fba34ceeae529202f81c3c3f030f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47731
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 07:00:11 GMT
identify
identity.mparticle.com/v1/ 		176 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
66a47c9ba57b7b1975a0f62122d6cbf18d9de1b86bae72c9024f10db11c976d8
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-nrt-rjtf7700047-NRT
date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1665990012.955193,VS0,VE199
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 06:13:25 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2806
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 17 Oct 2022 08:13:25 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		85 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc8a32173718cdfdb85ba6e476409d03a7c172fa9c58554c361ee831edd90b18

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
br
x-b3-traceid
b8558824ef4d4988a46bfde9fa5175ef
x-amz-cf-pop
NRT57-P4
x-cache
RefreshHit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
60f9daeaa3674b289eaa959c5b8da614
content-length
23721
x-served-by
cache-nrt-rjtf7700045-NRT
last-modified
Thu, 13 Oct 2022 09:34:56 GMT
server
AmazonS3
x-timer
S1665990012.952407,VS0,VE1
etag
W/"1ce5546acaa250d55f28aae33c7f064a"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
i66hg4ragyzDTFIH0XGbIaB3unnf7yXhsB8JxjHYJ05V3sxIiZb9yQ==
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 07:00:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
27029
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
CcOePa4TzJ/9b7Zr6md9Y4Clmz5KxtQFHOEqJKhHcvQqfgtqyQ9zMf/mlT3jeDZ8YfRBBCeCmNJ7prvQ1UqoGA==
x-fb-trip-id
382461245
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4dbabdd7d13407410506be9cf88bd3def5a6c9ffc51cc10239c51bcb16936487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76508
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Oct 2022 07:00:11 GMT
p.js
cdn.parsely.com/keys/torontosun.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/torontosun.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.212.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-212-64.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
00698cc466589ce4f6d134fe18cbd2c69d2323c1302d60ffd277de76b328d3de

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Sun, 16 Oct 2022 22:24:43 GMT
content-encoding
gzip
via
1.1 50d80cbc4f2c3fd4b5c67fa188a4e928.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 13:09:26 GMT
server
nginx
x-amz-cf-pop
NRT57-P4
age
30928
etag
W/"633ed386-1278f"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
Wrla9p4BzJ_vaPZnt3rHByYlEj-rcEab-45lyOX11qk8Fr4hd5fuQw==
expires
Mon, 17 Oct 2022 22:24:43 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1665990011888&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Ftorontosun.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1665990011888&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Ftorontosun.com%2F&c9=
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1665990011888&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Ftorontosun.com%2F&c9=
Protocol
H2
Server
65.9.42.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-42.nrt12.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:12 GMT
via
1.1 81f996ec256b4b15c47b23df66cf2372.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
x-amz-cf-id
3Jpztg-GoGSFl2CI7KzAlEge9LdsFRbMulMasHfD6u_h8_g6Ef43BA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=10276888&ns__t=1665990011888&ns_c=UTF-8&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c7=https%3A%2F%2Ftorontosun.com%2F&c9=
date
Mon, 17 Oct 2022 07:00:12 GMT
via
1.1 81f996ec256b4b15c47b23df66cf2372.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
content-length
0
x-amz-cf-id
Sy02yoJMhm9nQkWttceTDVZVaJT8x919zlzuFUtk_RZPjrR260y_hQ==
x-cache
Miss from cloudfront
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
65.9.42.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-42.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:49:36 GMT
via
1.1 81f996ec256b4b15c47b23df66cf2372.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
637
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
g4WJ45PJYWiNBzZDSp5-yC0e4APqH5zt1a0App18AMTKir8uhnNf5w==

Redirect headers

location
/internal-c2/default/cs.js
date
Mon, 17 Oct 2022 07:00:12 GMT
via
1.1 81f996ec256b4b15c47b23df66cf2372.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
content-length
0
x-amz-cf-id
g_BPwV-LfRX6N4EhriYueC_X9nV40sEXfE6iTaKhCI7x92woiIJuIA==
x-cache
Miss from cloudfront
execute
c2.piano.io/xbuilder/experience/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=KlFb8Hg2nS
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1e37ec93409fa80a5af2a230c2ff44d26a420066df7b0a0bb48c2bfa1f101c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 17 Oct 2022 07:00:12 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
g62pgcowup
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
75b727e6dd0eafa6-NRT
sodar
pagead2.googlesyndication.com/pagead/ Frame 331C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101301&jk=2759004172332553&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=73540905&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACAABBAAAACAEK~&jid=781217681&gjid=501064959&cid=723715400.1665990009&tid=UA-213173459-5&_gid=1175094330.1665990012&_r=1&gtm=2wgaa0P3Q4QHW&cd2=2022-10-17T07%3A00%3A11.883%2B00%3A00&cd7=anonymous&cd17=0&cd23=Toronto%20Sun&cd24=Cheetah&cd25=12.0.2&cd26=v68.2&cd27=0&cd28=GTM-P3Q4QHW&cd29=41&cd31=index&cd52=index&cd65=false&cd1=723715400.1665990009&z=1384854731
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=73540905&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjACAABBAAAACAEK~&jid=1048190356&gjid=865284931&cid=723715400.1665990009&tid=UA-114648105-14&_gid=1175094330.1665990012&_r=1&gtm=2wgaa0P3Q4QHW&z=1601479777
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1665990012021&plid=428efe60-b959-4c6b-9a5e-fe6eaa80cedf&idsite=torontosun.com&url=https%3A%2F%2Ftorontosun.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Ftorontosun.com%2F&sref=&sts=1665990012016&slts=0&title=Home+%7C+Toronto+Sun+Home+Page+%7C+Toronto+Sun&date=Mon+Oct+17+2022+07%3A00%3A12+GMT%2B0000+(GMT)&action=pageview&pvid=a8a1cdaa-b1b2-4328-9f84-36be5775bba4&u=pid%3D5162f9d2-b01a-4794-b7e8-6da4715c8e37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.33.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-33-86.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:00:12 GMT
Cache-Control
no-cache
Last-Modified
Monday, 17-Oct-2022 07:00:12 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
1685973801652415
connect.facebook.net/signals/config/ 		295 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.85&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb901f560eb27ac4ea6ce970e0ed0587b362ed0851ea6f4c9dcd78821a5df4a1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 07:00:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86911
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
R9Z/Y8OkLx2NYJOpu6CJRt+30bnfbx38JuyjxhkzGN17JVz9Qc0GhCr+bWV803N/q4b4ofmHttpHWFNKVwaoOw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4E00 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fU6IlA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:805::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7GC5VRWDF9&l=mp_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
619c7c32677c49a7a6ee6affb1b79521bddd6ef4c22bb8ca5fa4ba829becab41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75485
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Oct 2022 07:00:12 GMT
ingest.php
events.newsroom.bi/ 		50 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl03.k8s.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryuDnEAWrIS5gbdxSg

Response headers

date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
2ab9e41f637117411f01.js
sdk.mrf.io/statics/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/2ab9e41f637117411f01.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dc58b9d5dce9d8376aad3a8e76e00a6bd0cae6ce73eb761ebcffaca48b3b553

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
br
x-b3-traceid
7eb198d3e1ee48e59ae5863c305bbc0d
x-amz-cf-pop
NRT57-P4
x-cache
RefreshHit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
57203b7094fc46db8116fef8721f8b53
content-length
5119
x-served-by
cache-nrt-rjtf7700045-NRT
last-modified
Tue, 11 Oct 2022 09:51:14 GMT
server
AmazonS3
x-timer
S1665990012.057730,VS0,VE2
etag
W/"f6213a58ec85f8a87858e0aea4b6c729"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
kGhLs_q5cXFi2BT3PHqG8FQ9zslg2z1rIItJVgpvVRTMzJd4CGkgQA==
x-cache-hits
1
active
flowcards.mrf.io/json/ 		16 B
377 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/active?site_id=1528&page_technology=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:13 GMT
content-encoding
gzip
x-b3-traceid
d92046f46b74464fb42793acfbaa4b29
x-cache
MISS
mrf-cache-status
M
x-envoy-upstream-service-time
1
x-b3-traceid-primal
d92046f46b74464fb42793acfbaa4b29
content-length
42
x-served-by
cache-tyo11980-TYO
server
istio-envoy
x-timer
S1665990012.133501,VS0,VE1058
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
0
collect
analytics.google.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=2oeaa0&_p=73540905&_gaz=1&cid=723715400.1665990009&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=QI&_s=1&sid=1665990012&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=ad_impression&_fv=1&_ss=1&_c=1&ep.query_id=CPGu37XY5voCFQWzvAodcDgFkg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=723715400.1665990009&gtm=2oeaa0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c15::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=723715400.1665990009&gtm=2oeaa0&aip=1&z=178830253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-213173459-5&cid=723715400.1665990009&jid=781217681&gjid=501064959&_gid=1175094330.1665990012&_u=YChACAAABAAAACAEK~&z=1480645077
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c15::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftorontosun.com%2F&rl=&if=false&ts=1665990012141&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1665990012140.23905684&it=1665990012030&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 07:00:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-tyo11947-TYO
date
Mon, 17 Oct 2022 07:00:12 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1665990012.225559,VS0,VE328
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-tyo11947-TYO
date
Mon, 17 Oct 2022 07:00:12 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1665990012.225677,VS0,VE313
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1106
date
Mon, 17 Oct 2022 07:00:12 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
58
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-nrt-rjtf7700047-NRT
x-timer
S1665990012.198318,VS0,VE0
identify
identity.mparticle.com/v1/ 		176 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6b66be7ad36a51793c1b3760c0aa833c35f18dc4ff2b6ff11d6db9920a52fe11
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-nrt-rjtf7700047-NRT
date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1665990012.200468,VS0,VE196
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=73540905&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACEABBAAAACAEK~&jid=1983491721&gjid=92228556&cid=723715400.1665990009&tid=UA-238413164-10&_gid=1175094330.1665990012&_r=1&gtm=2wgaa0TR7GVNJ&cd2=https%3A%2F%2Ftorontosun.com%2F&cd3=false&cd4=Chrome&cd5=en-US&cd6=desktop&cd7=suns&cd9=v68.2&cd10=index&cd11=Cheetah&cd12=12.0.2&cd14=HTML&cd22=index&cd23=false&cd1=Toronto%20Sun&cd8=torontosun.com&cd13=anonymous&cd80=C8534EDA-F2CB-4D6F-A34E-8747F0EE3610&cd81=-4317876906688121244&cd82=GTM-TR7GVNJ&cd83=4&z=1653643314
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 06:13:25 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2807
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 17 Oct 2022 08:13:25 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-tyo11947-TYO
date
Mon, 17 Oct 2022 07:00:12 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1665990012.225668,VS0,VE440
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=73540905&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACEABBAAAACAEK~&jid=1949232805&gjid=1111224839&cid=723715400.1665990009&tid=UA-138335866-30&_gid=1175094330.1665990012&_r=1&gtm=2wgaa0MW2G74V&cd2=https%3A%2F%2Ftorontosun.com%2F&cd3=false&cd4=Chrome&cd5=en-US&cd6=desktop&cd7=suns&cd9=v68.2&cd10=index&cd11=Cheetah&cd12=12.0.2&cd14=HTML&cd23=index&cd24=false&cd1=Toronto%20Sun&cd8=torontosun.com&cd13=anonymous&cd83=-4317876906688121244&cd84=C8534EDA-F2CB-4D6F-A34E-8747F0EE3610&z=2076709413
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7GC5VRWDF9&gtm=2oeaa0&_p=73540905&cid=723715400.1665990009&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665990012&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&_fv=1&_ss=1&ep.mp_ca_adblocker_enabled=false&ep.mp_ca_brand=Toronto%20Sun&ep.mp_ca_browser=Chrome&ep.mp_ca_browser_language=en-US&ep.mp_ca_device_type=desktop&ep.mp_ca_division=suns&ep.mp_ca_domain=torontosun.com&ep.mp_ca_fem_version=v68.2&ep.mp_ca_page_type=index&ep.mp_ca_page_url=https%3A%2F%2Ftorontosun.com%2F&ep.mp_ca_platform=Cheetah&ep.mp_ca_platform_version=12.0.2&ep.mp_ca_view_type=HTML&ep.mp_ca_user_status=anonymous&ep.mp_screen_view_main_category=index&ep.mp_screen_view_metered_content=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7GC5VRWDF9&l=mp_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-tyo11947-TYO
date
Mon, 17 Oct 2022 07:00:12 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1665990012.225643,VS0,VE328
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
97c38613f17e246a364928ff5bbc103d0317fc594ccd2af341424981ec4cca22

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213173459-5&cid=723715400.1665990009&jid=781217681&_u=YChACAAABAAAACAEK~&z=744182739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213173459-5&cid=723715400.1665990009&jid=781217681&_u=YChACAAABAAAACAEK~&z=744182739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-238413164-10&cid=723715400.1665990009&jid=1983491721&gjid=92228556&_gid=1175094330.1665990012&_u=aCjACEABBAAAACAEK~&z=319441075
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4008:c15::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b4499363cee61831ccf457305f52a16e15693edfdc687846be3eb1fdb9b30427

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-238413164-10&cid=723715400.1665990009&jid=1983491721&_u=aCjACEABBAAAACAEK~&z=902741831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-238413164-10&cid=723715400.1665990009&jid=1983491721&_u=aCjACEABBAAAACAEK~&z=902741831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		42 B
150 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a86f7c99e50fe3ca01531367eb58ad9ad1bab9cc2d5186d45a3567ebc4904d2c

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-tyo11947-TYO
date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1665990012.435331,VS0,VE325
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
audiences
api.permutive.com/audience-matching/v1/id/8875f879-e059-46a3-98d9-f2a2549870e3/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/8875f879-e059-46a3-98d9-f2a2549870e3/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 07:00:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101301&jk=2759004172332553&bg=!lZalltLNAAYeOJy_Pjg7ACkAdvg8Wl_StIxDoC692J1LUFDem7be9eldpoLWYGq1QqM03_TvYelPLgIAAAEgUgAAAAhoAQcKAEaGePo0LgaLnVKyAmI84iBo-3OmaJcVbS9msXF_vpJ8JQoE8WC-HBmao54oqOjWI0nyUbHgSQQPInqlqziyVNvzaDwghJuZmQKl7q9jlBzNjSPhGIJ843k71KlmTA7Kzjkl4DtDXKX880n0JNR69JozfG020q9C5C9YVluetvqTKJfbdLRGvjLZYzfUwSiKbtjCubLOsMuFV5Ld2sy_765rXIYGShejHrfABXW1qNs0pq56D7Q7lpuNf6GrktGfMGkgGMfVYKlqsW9cCxziy2LPvd8CgMwd0_672MybcTmoEWyBeL5H_3K_LANN8ka5hqWlFwijmpAeL9EXCITodSIs_AU7GL8vfIZnTR3YYjWYyxFvvKwNLGAxr6FAz9jkO_3hi05g2BPRE5dpnwZVnMC9osJcGbojzBPPnyISPnwwCWEMCVQeSakSmfI00v28ybGYiZCu2Jf6fyr6C9TX70TG_bXSHl3_QXW3S55SNZ65tZ10HXpGbZlRdz3YnTu0LH8wqn268mo7gt7TxdMGH4MhmHY6HL8pwFlOpGyC9h5Wm4shv3sPPOjWJGlyENrmzjRdE_Jm89yoMU5z5QNJ_qoOTrRS189_z6guxvXAhK9uU0bzvmmdystBU81NxEwQjvc6xj8J3wlhxttC0QCrXEsVpIxu6gD3iI3VwLNgYuAon0e9VTQw-i1nM7B4cqAkzd6JLq-NRC6-b8NQdmuM3fU7pqpeWOSS85PFCl3B_Limlg4eP0r8uqn5V50AsuzXHwHDIAp_-0htTJYaIHj_U4DT56pLmoG6Ycl5bJXOV3VDXjXdJ9vBMyfb3PazXY90f3GvL97gptMyveFGlgdj-r2j4Zl6w1qYjc7-VVPeSr4e3fsPLw9RizIOpW717qVUhtqyJEDE-hitCWUrCBIfnMHT-X8W7vNvuRud13blIGLDphQsUbVBu6z7hrP2jd47eY2CZsHx10h5ZZK2UsMdYftL1l1NM8v2GfoaoremzHM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
/
www.facebook.com/tr/ Frame 306F 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://torontosun.com
Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://torontosun.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:00:12 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
thirdpartycookie
api.viafoura.co/v2/torontosun.com/ 		45 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4832:c2a7:8a22:497d:150b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-instance-id
i-0f1b85d51d49a5d78
pragma
no-cache
date
Mon, 17 Oct 2022 07:00:12 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 17 Oct 2022 07:00:12 GMT
intl-messageformat.a4ef0e649974cb372878.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.a4ef0e649974cb372878.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20c4:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
762eeb92b277eef33cc3ef5fc63495008e3b4acd1e2c1fb715f5862e0712afbc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:46:25 GMT
x-amz-version-id
pHpt9H6uBKZ8DV0M6XEwR..tJwtvKLdq
content-encoding
br
via
1.1 9801e8033d74f27768b5fc2b08beb3b4.cloudfront.net (CloudFront)
age
314029
x-amz-cf-pop
NRT57-C2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Oct 2022 15:45:38 GMT
server
AmazonS3
etag
W/"b8e773ab0eff812ceb4bd563731002bc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
eD2UEfwiksdvP__YfekFsLvlvvB1kaRU-cIulTv7vK0iZ5XxQVZLWQ==
intl-messageformat.f3fde70d82770da763c7.js
cdn.viafoura.net/chunks/languages/ 		135 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.f3fde70d82770da763c7.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20c4:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ef452b9ff354b8636489adc750433a6018b443aa5dbfb2080eb0bdb375c70be

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:47:20 GMT
x-amz-version-id
YiMDMFy3Lr1yeEzFE5TC4WYXlvM_2E_g
via
1.1 9801e8033d74f27768b5fc2b08beb3b4.cloudfront.net (CloudFront)
age
313974
x-amz-cf-pop
NRT57-C2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 13 Oct 2022 15:45:35 GMT
server
AmazonS3
etag
"f09313b3e53415363d28f3a2f15d9cf8"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
x8eZpYIVLlzoyBKb0YFwuf8xZ4nG12mrvXtJZ6yKMZD1wwWQcnZj7g==
en-us-base-json.39c96c8731ba19b47976.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.39c96c8731ba19b47976.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20c4:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4e144d0f7e3340b6b86f7a78d2ff3e271e62ef5367ebf3d62e364a2e1d8a095

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:46:25 GMT
x-amz-version-id
MZg3MOrYdd4PZu.ViSjgjG1KDvJRoHdb
content-encoding
br
via
1.1 9801e8033d74f27768b5fc2b08beb3b4.cloudfront.net (CloudFront)
age
314029
x-amz-cf-pop
NRT57-C2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Oct 2022 15:45:31 GMT
server
AmazonS3
etag
W/"08c341ce7db2241e4dc86292fc4119d7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
PCsVFXOLiL0NmIeS4mHWQnN9UsbzQHcYH8YOjk8Sa7tHzL936HL17g==
rfv.php
compassdata.mrf.io/ 		9 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl03.k8s.mrf.io
Software
istio-envoy /
Resource Hash
33d1ac9a7675915ea91dc30c4addb6cdbd2f9b448cdb7dab206638f1ea5c77e4

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarykLqPt6CZjdK5tWb4

Response headers

date
Mon, 17 Oct 2022 07:00:13 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
9
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		199 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:13 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 52eebfbfd28090bd4e5e9be4b8a24fb2.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
5863
x-amz-cf-pop
NRT57-P4
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b727edef93afbd-NRT
x-amz-cf-id
Rckpd3XGjbPfQvUI5K0cEjX_3twpAxUMGspN0acXtI6mUQv5JjNA8g==
ingest
i.viafoura.co/v3/torontosun.com/ 		67 B
391 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/torontosun.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.89.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-89-146.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Mon, 17 Oct 2022 07:00:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
svod-module-js.6177dde15a12ddc5ccee.js
cdn.viafoura.net/chunks/vuex_store/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.6177dde15a12ddc5ccee.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20c4:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f6600ebf733ebd7ba834a9962334719bdfb4e6a98e57651a938dfea4d4884ae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:46:55 GMT
x-amz-version-id
ReIvgTU_IS_p15HFkcFCFcR8OXSxxdBY
content-encoding
br
via
1.1 9801e8033d74f27768b5fc2b08beb3b4.cloudfront.net (CloudFront)
age
313999
x-amz-cf-pop
NRT57-C2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Oct 2022 15:45:37 GMT
server
AmazonS3
etag
W/"20eee53fe9c7afcf26919ad7623132e6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
rRjAsWtHpaNqrqmSGPIxNbnWfn84kXUz2wBRcBvDhgDKWVULWv8jFA==
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
max-age=86400
cf-ray
75b727ef4b25f689-NRT
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://torontosun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
75b727ee1907f689-NRT
date
Mon, 17 Oct 2022 07:00:13 GMT
server
cloudflare
vary
Origin
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.139.9.236 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-9-236.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:00:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.139.9.236 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-9-236.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Mon, 17 Oct 2022 07:00:13 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
multimedia.php
events.newsroom.bi/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/2ab9e41f637117411f01.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl03.k8s.mrf.io
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
pd
jp-u.openx.net/w/1.0/ Frame 7EC9 		851 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
822d19c9cc13eec9f050608444417a62b048a4ebc4a1a9ab5f83f77263273e6f

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
468
content-type
text/html
date
Mon, 17 Oct 2022 07:00:14 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 716B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.52.229 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-52-229.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=84878
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:00:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 18 Oct 2022 06:34:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3876 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.52.206 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-52-206.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 17 Oct 2022 07:00:14 GMT
ETag
"623de86a-cf34"
Expires
Tue, 18 Oct 2022 07:00:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4F5E 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.42.45.197 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-42-45-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 07:00:14 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame B443 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75b727f60df4e39b-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:00:14 GMT
expires
Mon, 17 Oct 2022 11:00:14 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 4F5E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.42.45.197 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-42-45-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bee3b19f1331b6c2b4a1d2bf36ec561adda701f0c33b49d0e6c22d91dbe868f6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:00:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42230
Connection
keep-alive
Content-Length
9424
Expires
Mon, 17 Oct 2022 18:44:04 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 716B 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93249349&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:14 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 7EC9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y0z9fgAAAa2XWAAO
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0z9fgAAAa2XWAAO&_test=Y0z9fgAAAa2XWAAO
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0z9fgAAAa2XWAAO&_test=Y0z9fgAAAa2XWAAO
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-nrt-rjtf7700047-NRT
pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665990015.626492,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0z9fgAAAa2XWAAO&_test=Y0z9fgAAAa2XWAAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame 7EC9 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame 7EC9
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51070E01PBDAY008Ks9M
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51070E01PBDAY008Ks9M
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=51070E01PBDAY008Ks9M
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame 7EC9 		95 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=50997d14-64b5-88f9-e5d9-500bc37284b0
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.32.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-32-10.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:00:14 GMT
Connection
keep-alive
Content-Length
95
Content-Type
image/png
a2ec8650-eacc-e0fc-de06-f4aaafb9f607
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7EC9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/a2ec8650-eacc-e0fc-de06-f4aaafb9f607?gdpr=0
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a00:ba11:d0cb:83c:9b08 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 7EC9 		0
0
dds
rtb.openx.net/sync/ Frame 7EC9
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=6X1qKNPmy5sJpa7og_cB9A==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
na6gkbdic2ksa1reh2ui1rh0mhrvapll

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
jp-u.openx.net/w/1.0/ Frame 7EC9
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dopenx%26uid%2Dset%3D1%26auid%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1&auid=6f77e87a-94c0-4809-9b8b-e49f4297d96d
  • https://jp-u.openx.net/w/1.0/sd?id=537072588&val=Jtem-OkQ3oU-l
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=Jtem-OkQ3oU-l
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=Jtem-OkQ3oU-l
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
sd
jp-u.openx.net/w/1.0/ Frame 7EC9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=0342634c-fd7e-4e00-871b-d2e4a0184057
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=0342634c-fd7e-4e00-871b-d2e4a0184057
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=0342634c-fd7e-4e00-871b-d2e4a0184057
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Oct 2022 07:00:13 GMT
sd
us-u.openx.net/w/1.0/ Frame 7EC9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3420194055288005793&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3420194055288005793&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3420194055288005793&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatch
ssum-sec.casalemedia.com/ Frame 5448 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b4d7a92c256551999565f8460ca0e6e49996f5f3156d0311a76b220b52fdd64

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75b727f63c1ae37c-NRT
content-encoding
br
content-type
text/html
date
Mon, 17 Oct 2022 07:00:14 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOOSen9ZhugAtqZdO6%2BNneu2ARIItcdvl3JKXHke6zmT3teohWhRziYKfcoeJeUyAFFtFELA7vsBBfpNaROgRcVLjVJAi8QqBDxxXl0WKp1PTkeh02XasUfwq5SbZsF9%2B5T1L23WQelI0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5448 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a00:ba11:d0cb:83c:9b08 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 5448
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=40d8634c-fd7e-4a00-af63-bf1b852e2952
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=40d8634c-fd7e-4a00-af63-bf1b852e2952
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=40d8634c-fd7e-4a00-af63-bf1b852e2952
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Oct 2022 07:00:13 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 5448 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.196.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-196-111.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5448
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2406:da18:929:5a00:ba11:d0cb:83c:9b08 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y0z9egfN3e1JwWrzaLPy4AAAFWoAAAIB
date
Mon, 17 Oct 2022 07:00:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5448
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0178AF9324FB4FFF96C6D6E224C32305
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0178AF9324FB4FFF96C6D6E224C32305
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Mon, 17 Oct 2022 07:00:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0178AF9324FB4FFF96C6D6E224C32305
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 16 Oct 2022 07:00:14 GMT
crum
dsum-sec.casalemedia.com/ Frame 5448
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_634cfd7ecd89b&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_634cfd7ecd89b
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_634cfd7ecd89b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Mon, 17 Oct 2022 07:00:14 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_634cfd7ecd89b
content-type
text/html; charset=UTF-8
cache-control
no-cache
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 5448
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FHzRPh2M1OKk6G5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FHzRPh2M1OKk6G5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-062a250e8c9e3d8af@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FHzRPh2M1OKk6G5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5448
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6081225796891830490&expiration=1667199614
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6081225796891830490&expiration=1667199614
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6081225796891830490&expiration=1667199614
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5448 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y0z9egfN3e1JwWrzaLPy4AAA%265482
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:00:14 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
30562
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75b727f73902f8f3-NRT
content-length
43
expires
Tue, 18 Oct 2022 07:00:14 GMT
async_usersync
ib.adnxs.com/ Frame 3876 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:14 GMT
AN-X-Request-Uuid
f84fd879-3a1a-49a3-9785-7953cfb25d58
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.252.165; 217.138.252.165; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=1&streamcorr=1&isgptpresent=1&loc=https%3A%2F%2Ftorontosun.com%2F&ref=https%3A%2F%2Ftorontosun.com%2F&gcasclass=1&vpaidadapter=f&ifstate=-1&lid=70&sdkv=h.3.539.0&id=ima_html5&c=3560494686573405&domain=torontosun.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.539.0&id=ima_html5&c=3560494686573405&domain=torontosun.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3876 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:00:15 GMT
AN-X-Request-Uuid
e6e8caaa-d523-47a0-ad67-88f2a991b5dd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.252.165; 217.138.252.165; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=2oeaa0&_p=73540905&cid=723715400.1665990009&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Q&_s=2&dl=https%3A%2F%2Ftorontosun.com%2F&sid=1665990012&sct=1&seg=1&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&ep.debug_mode=false&ep.gtm_version=41&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=12.0.2&ep.fem_version=v68.2&ep.brand=Toronto%20Sun&ep.timestamp=2022-10-17T07%3A00%3A12.112%2B00%3A00&ep.ga_client_id=723715400.1665990009&ep.main_category=index&ep.metered_content=false&_et=25&up.client_id=723715400.1665990009
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:00:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| setNptTechAdblockerCookie object| script function| BlockAdBlock object| blockAdBlock object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| aax object| permutive object| apstag object| pbjs object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| apstagLOADED object| pbjsChunk object| _pbjsGlobals object| __permutive undefined| google_measure_js_timing object| Criteo object| webpackChunkdjango_content_services object| PublisherCommonId object| Sailthru object| jwDefaults object| webpackChunkjwplayer function| jwplayer number| timeoutId object| __iasPET object| googleToken object| googleIMState function| processGoogleToken object| diagPixSentCodes object| __iasAdRefreshConfig number| google_unique_id object| gaGlobal string| iasScores object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_42663 object| closure_lm_562764 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| cast object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer object| COMSCORE function| udm_ object| _comscore object| GoogleGcLKhOms object| google_tag_manager object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| Ribn object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| mp_data_layer string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| gaplugins object| gaData function| _ga_originalSendHitTask object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| PianoESPConfig object| google_image_requests

100 Cookies

Domain/Path Name / Value
torontosun.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.torontosun.com/ Name: pbjs_sharedId
Value: e587df4d-d3e7-4d42-b507-2ab734c908b3
.torontosun.com/ Name: permutive-id
Value: 8875f879-e059-46a3-98d9-f2a2549870e3
torontosun.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1665990008615,"mac":-1915909623}
torontosun.com/ Name: __adblocker
Value: false
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 143c7ad0-058e-42fa-9341-1b6ab4cabe3f
torontosun.com/ Name: sailthru_pageviews
Value: 1
.openx.net/ Name: i
Value: e587df4d-d3e7-4d42-b507-2ab734c908b3|1665990008
.doubleclick.net/ Name: IDE
Value: AHWqTUnsu9iG53Fn4GQslFInNSzgMFAggz4hBNTe_d7rWQS15DiIva0ra75xFBRJWrU
.rubiconproject.com/ Name: khaos
Value: L9CFFPVH-U-L047
torontosun.com/ Name: sailthru_content
Value: 2daf89bab868e9ce42ab0131ed955a5b
torontosun.com/ Name: sailthru_visitor
Value: e7b1dd4b-5af1-471d-adc5-fd9b0057b627
.yahoo.com/ Name: A3
Value: d=AQABBHn9TGMCEHT474CDJnqe3avWsFxp3lQFEgEBAQFOTmNWYwAAAAAA_eMAAA&S=AQAAAh9BgDBYshFBK28JD9cv57I
.amazon-adsystem.com/ Name: ad-id
Value: A9XIRA96MU-ojIIJBohjm0U
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 2170235670873243484
.casalemedia.com/ Name: CMID
Value: Y0z9egfN3e1JwWrzaLPy4AAA
.casalemedia.com/ Name: CMPS
Value: 5482
.casalemedia.com/ Name: CMPRO
Value: 5482
.adsrvr.org/ Name: TDID
Value: 811645c3-3d9c-45bf-b19a-5ec259bcb03f
.torontosun.com/ Name: __gads
Value: ID=6a788fc7ce25f90a:T=1665990009:S=ALNI_MZWFVodzfaGVR9K7wPPIcmCchqNQQ
.torontosun.com/ Name: __gpi
Value: UID=00000b6447af5387:T=1665990009:RT=1665990009:S=ALNI_MZhzEy4Cum0dTEV6UaxP5h3JR03jg
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: D2oPEa3BCHoP1MCqzmoNPA7--i8PF2I
.ladsp.com/ Name: lum
Value: CNzL-KW-MBIFCAMQ0AU
.openx.net/ Name: univ_id
Value: 537072971|811645c3-3d9c-45bf-b19a-5ec259bcb03f|1665990010354542
.3lift.com/ Name: tluid
Value: 1549337916848776123083
.taboola.com/ Name: t_gid
Value: a68a029d-e3a4-42cc-b706-3ee07a6e70d3-tucta4682fa
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY1OTkwMDEwfQ
.sharethrough.com/ Name: stx_user_id
Value: 2b4775af-08d0-4e25-989a-e1b61afe9b41
.yahoo.co.jp/ Name: XA
Value: 28ahcuphkpvbq&sd=B&t=1665990010&u=1665990010&v=1
.yahoo.co.jp/ Name: XB
Value: 28ahcuphkpvbq&b=3&s=e2
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIotuguuiFmDsQBRIWCgdydWJpY29uEgsIlJm0v-iFmDsQBRIbCgxzaGFyZXRocm91Z2gSCwigmdTC6IWYOxAFGAEgASgCMgsIoJHX7_6FmDsQBTgBWgxzaGFyZXRocm91Z2hgAg..
.media.net/ Name: visitor-id
Value: 3089916106451710000V10
.media.net/ Name: data-g
Value: CAESED1QTTAP-8rTTbMrEnpALzg~~3
.smartadserver.com/ Name: pid
Value: 6270912660698244160
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&12c85ce7-0105-4b52-8c25-61f035f8564b"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2451:u=1:x=1:i=1665990010:t=1666076410:v=2:sig=AQGHEP2PWr-K0jvKcjbRzo8EqMFo2WWr"
.fout.jp/ Name: uid
Value: C4A_XcpcXoPWDb9XJpq1bNwRmeA
.zemanta.com/ Name: zuid
Value: fdHlvBQOrwc-373Sc_9D
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTML2QDckBC74WlqbBgMWySGKid6DeFnocd9faNbREqVm3L03Xu8kU1swYT6SDLWOqTjcbcoWLoK2ZeBxGCOXoSK1cSqm9qu5Ignc6UO785F0Pw==
.criteo.com/ Name: uid
Value: deeb4050-2e95-4dd3-bc4f-8e9220330d5d
torontosun.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"0ci07awogiqt6blxwv2lrl73okjd968k","updated":1665990011576},"exp":604800000,"ts":1665990011576,"mac":265871380}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"0ci07awogiqt6blxwv2lrl73okjd968k","updated":1665990011576},"exp":604800000,"ts":1665990011590,"mac":265873116}
.adkernel.com/ Name: ADKUID
Value: A6372623606720973339
.torontosun.com/ Name: cto_bundle
Value: FBtwa195aDBoS3JzU2tJNCUyRkNUTnpiMmFnTTNFNHVhRE5rJTJCN2RZak1LVzNramlxc3JlZDRtdWlJT3RwVUlDbnZnVWlNTGx4MGFtTDBCVGFyOFlmamlxYWduUEdWb3ZyJTJCbTkyRm1OT3NyMkJXbEpacFRXYktkQ3lJMzhBTjg5eGFvcnFUTHVwczAxOERGZCUyRjZwWWtiNkltYjRZZyUzRCUzRA
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A6372623606720973339
.torontosun.com/ Name: _pprv
Value: eyJjb25zZW50Ijp7IjAiOnsibW9kZSI6Im9wdC1pbiJ9LCIxIjp7Im1vZGUiOiJvcHQtaW4ifSwiMiI6eyJtb2RlIjoib3B0LWluIn0sIjMiOnsibW9kZSI6Im9wdC1pbiJ9LCI0Ijp7Im1vZGUiOiJvcHQtaW4ifSwiNSI6eyJtb2RlIjoib3B0LWluIn0sIjYiOnsibW9kZSI6Im9wdC1pbiJ9LCI3Ijp7Im1vZGUiOiJvcHQtaW4ifX19
.torontosun.com/ Name: _pctx
Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsCcAxgGbEDOARmQOzIBOAHBQHYDWzIANCAK5kx0y2Zj1y5ufAQGUALhBl9sICMwD2HbmQQyYGYaNwBfIA
.torontosun.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22l9cffsbstg8dq1lo%22%7D
torontosun.com/ Name: __pnahc
Value: 0
.torontosun.com/ Name: _gid
Value: GA1.2.1175094330.1665990012
.torontosun.com/ Name: _gat_UA-213173459-5
Value: 1
.torontosun.com/ Name: _gat_UA-114648105-14
Value: 1
.torontosun.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://torontosun.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1665990012016%2C%22slts%22:0}
.torontosun.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=5162f9d2-b01a-4794-b7e8-6da4715c8e37%22%2C%22session_count%22:1%2C%22last_session_ts%22:1665990012016}
.torontosun.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1665990012%2C%22currentVisitStarted%22%3A1665990012%2C%22sessionId%22%3A%22f9c49cbe-8545-4e2a-803b-393c825614f3%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//torontosun.com/%22%2C%22referrer%22%3A%22%22%7D
.torontosun.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1665990012%2C%22userId%22%3A%22a12b0f6f-0eb2-4ee5-8bf7-a0edd0bef9fe%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1665990012%2C%22timesVisited%22%3A1%7D
.torontosun.com/ Name: compass_uid
Value: a12b0f6f-0eb2-4ee5-8bf7-a0edd0bef9fe
.torontosun.com/ Name: _ga_H792QCFZPV
Value: GS1.1.1665990012.1.1.1665990012.60.0.0
.scorecardresearch.com/ Name: UID
Value: 19Bc6026c365a9ba8011ced1665990012
.torontosun.com/ Name: _fbp
Value: fb.1.1665990012140.23905684
.piano.io/ Name: __cf_bm
Value: wDXCtFOBQPh3p8LMp1U3eeY42HNlMo2bqbDmmLzcwPc-1665990012-0-AVaN+rnydMxfdeBB0QPRimyStyAG+ei0KVqhJpaCCdUV43N4fYNifR7/maNDwjf8dzaFayj5CFOZJ2NzTbg7Ahg=
.torontosun.com/ Name: __tbc
Value: %7Bkpex%7DqOejh57gviOsEq2ijx2khTRDpKEHJmXsmgLfg6KBCXkJ9Kh59IgJJWivn_wOdkz4
.torontosun.com/ Name: __pat
Value: -14400000
.torontosun.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMi0xMC0xNy0wNy0wMC0xMS05NTAtSVpVYlVnczZhRjJBejhpVi01MzFmZDkwODcyNDA2MGIzMGRjZjAzNzU1NzU3ODA2ZCIsImRvbWFpbiI6Ii50b3JvbnRvc3VuLmNvbSIsInRpbWUiOjE2NjU5OTAwMTIxOTB9
.torontosun.com/ Name: xbc
Value: %7Bkpex%7DS2jpItMXokdWimgHUfn8l5AUSMJ5-2tMvsuZ9cG39YN8KP4Vd5UYb8gpORopZeNvmqxPlXlW7ZPLERzXYyTVpw
.torontosun.com/ Name: _gat_UA-238413164-10
Value: 1
.torontosun.com/ Name: _gat_UA-138335866-30
Value: 1
.torontosun.com/ Name: _ga_7GC5VRWDF9
Value: GS1.1.1665990012.1.0.1665990012.0.0.0
.torontosun.com/ Name: _ga
Value: GA1.1.723715400.1665990009
.torontosun.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'f64fdf6c-f206-45fb-958d-b9eff1d3f5a5'|'das':'a49277ce-02e7-4487-937d-76f93f4582a1'|'csm':'WyItNDMxNzg3NjkwNjY4ODEyMTI0NCJd'|'sid':'C8534EDA-F2CB-4D6F-A34E-8747F0EE3610'|'les':1665990012426|'ssd':1665990011869}|'l':1|'-4317876906688121244':{'fst':1665990012168|'ui':'eyIwIjoiMGNpMDdhd29naXF0NmJseHd2MmxybDczb2tqZDk2OGsifQ=='}|'cu':'-4317876906688121244'}
events.newsroom.bi/ Name: 1528_u
Value: a12b0f6f-0eb2-4ee5-8bf7-a0edd0bef9fe
events.newsroom.bi/ Name: 1528_s
Value: f9c49cbe-8545-4e2a-803b-393c825614f3
events.newsroom.bi/ Name: 1528_lv
Value: null
.viafoura.co/ Name: VfSess
Value: 2ftfsdj6nfqjg6bsjggbvehbqr
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
torontosun.com/ Name: _vfz
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.1665990013.1.medium=direct|source=|sharer_uuid=|terms=
.torontosun.com/ Name: _vfa
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.0e7117de-7cb2-42ce-9cfe-652f218691ec.1665990013.1665990013.1665990013.1
.torontosun.com/ Name: _vfb
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.2..1665990013....
.viafoura.co/ Name: vfDeviceId
Value: 4dbeedff-d7c7-45af-af7a-8ded9d194487
.ads.pubmatic.com/ Name: KCCH
Value: YES
.openx.net/ Name: pd
Value: v2|1665990010.4|lYvOjEiuhI.iasnuIjIvGlQkqkalUvH
.ad-m.asia/ Name: uid
Value: EvT705lcpC
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~27ri:175w~27ri"
.r-ad.ne.jp/ Name: r_ad_token
Value: 51070E01PBDAY008Ks9M
.admatrix.jp/ Name: uid
Value: 6f77e87a-94c0-4809-9b8b-e49f4297d96d
.blismedia.com/ Name: b
Value: 634CFD7EC0A040EDE48C7C67BLIS
.mathtag.com/ Name: uuid
Value: 0342634c-fd7e-4e00-871b-d2e4a0184057
.casalemedia.com/ Name: CMTS
Value: 5484
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y0z9fgAAAa2XWAAO
.turn.com/ Name: uid
Value: 3420194055288005793
.simpli.fi/ Name: suid
Value: 0178AF9324FB4FFF96C6D6E224C32305
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: FHzRPh2M1OKk6G5
.adform.net/ Name: uid
Value: 6081225796891830490
.dyntrk.com/ Name: dyn_u
Value: 07030001_634cfd7ecd89b
.w55c.net/ Name: matchcasale
Value: 5

25 Console Messages

Source Level URL
Text
security error URL: https://torontosun.com/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://fem.gprod.postmedia.digital/v68.2/fem.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://torontosun.com/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://torontosun.com/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 1)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://cdn.jwplayer.com/v2/media/JQkbLqiZ
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374(Line 17)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
rendering warning URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 573)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 534)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 534)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://torontosun.com/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEBD5Vah2ECdc4eBr9uYSN-s&google_cver=1&google_push=AZmPxg-POtr_MVMUtVR__Uozor8NlOyDd9t0mpWnpRbwUDsBLngoP52uOtj0yWsCFJp3WtnS_qrlpgJpiG6Xt0ETUayP_7Ca2SgCDg
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js(Line 1)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-dynamic' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14a779b744740689ff02eb61bf981cfe.safeframe.googlesyndication.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.co.jp
adservice.google.com
ak.sail-horizon.com
analytics.google.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets-jpcust.jwpsrv.com
assets.ribn.com
auth.lrcontent.com
b1sync.zemanta.com
bidder.criteo.com
bk.r-ad.ne.jp
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
c2shb.pubgw.yahoo.com
cdn.adsafeprotected.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.tinypass.com
cdn.viafoura.net
cksync.yahoo.co.jp
cm.g.doubleclick.net
compassdata.mrf.io
config.lrcontent.com
connect.facebook.net
cr-p3.ladsp.com
cs.media.net
cs.nex8.net
csync.loopme.me
dcs-static.gprod.postmedia.digital
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
entitlements.jwplayer.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
events.newsroom.bi
experience.tinypass.com
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
googlesync.permutive.com
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
image6.pubmatic.com
imasdk.googleapis.com
jp-u.openx.net
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
micro.rubiconproject.com
mug.criteo.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
px.ads.linkedin.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
smartcdn.gprod.postmedia.digital
ssbsync.smartadserver.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.fout.jp
sync.mathtag.com
sync.taboola.com
tg.socdm.com
token.rubiconproject.com
torontosun.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
videos-fms.jwpsrv.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
cs.nex8.net
103.229.205.243
103.231.99.243
103.231.99.77
103.43.90.117
103.43.90.54
104.18.13.76
104.18.18.126
104.18.19.126
104.19.149.54
13.115.196.111
13.228.50.99
13.229.33.3
13.32.50.69
13.35.45.87
141.226.231.48
142.250.196.130
151.101.130.207
151.101.130.49
151.101.2.207
152.195.62.252
174.137.133.49
18.139.9.236
18.176.32.10
18.177.11.95
18.178.52.42
18.65.168.61
18.65.212.64
182.161.74.11
182.161.74.18
183.79.249.124
185.84.60.30
188.40.80.165
2001:4860:4802:32::181
2001:df2:a300:bbbb::135
202.131.200.82
202.131.200.84
202.232.238.37
202.241.208.52
23.106.127.165
23.106.69.73
23.193.52.206
23.193.52.229
23.193.52.29
23.39.13.202
23.41.81.252
23.42.45.197
23.90.68.235
2404:6800:4004:801::2002
2404:6800:4004:808::2001
2404:6800:4004:808::2002
2404:6800:4004:808::2006
2404:6800:4004:80a::2003
2404:6800:4004:80b::2002
2404:6800:4004:80c::200a
2404:6800:4004:81c::2003
2404:6800:4004:820::2008
2404:6800:4004:822::200a
2404:6800:4004:824::200e
2404:6800:4004:825::2004
2404:6800:4004:826::2002
2404:6800:4004:826::2003
2404:6800:4004:827::2002
2404:6800:4008:c15::9b
2404:6800:400a:805::2001
2406:2600:4::1
2406:2600:4::b
2406:da18:929:5a00:ba11:d0cb:83c:9b08
2600:1f18:44f0:4832:c2a7:8a22:497d:150b
2600:9000:20c4:e600:8:2ae1:d740:93a1
2600:9000:2142:5000:1:a3fa:7cc0:93a1
2600:9000:221a:ea00:7:75d4:e40:93a1
2602:803:c006:158::65
2606:4700:10::6816:48e8
2606:4700:10::6816:49e8
2606:4700:3030::6815:5476
2606:4700::6810:2a41
2606:4700::6810:5514
2606:4700::6811:b7b1
2606:4700::6812:551
2606:4700::6813:ac6c
2620:1ec:21::14
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:600::626
2a04:4e42::645
3.33.220.150
34.107.254.252
34.111.249.109
34.117.54.29
34.126.167.117
34.149.157.221
34.95.81.168
34.96.105.8
34.98.64.218
35.186.253.211
35.241.9.51
35.244.159.8
35.71.178.8
44.242.33.86
52.46.143.56
52.77.152.198
52.95.126.160
54.147.89.146
54.64.63.177
64.202.112.127
65.9.42.42
69.173.151.100
75.2.40.13
8.39.36.141
8.39.36.142
99.84.140.16
99.84.60.22
00698cc466589ce4f6d134fe18cbd2c69d2323c1302d60ffd277de76b328d3de
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04fce1d2bed63500f3c8a33568e74d7749629b595286807ca397de1633adccef
050886b3678519ee143666168d0bfecc4a877d4e17018883bf2afbd097fe60c1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0b221e82d46488cb1a59643b4b25f6f250bae7e2df016e1db6ba8aa81f4204e6
0b5bcd5e455fe140dfa582f1f66284a5af4f1de829a3341cca1720cc6b02d8ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf89b04ad4a45d3f378f620d6b2c58b9185758bf025d2fd2cf4293a04b68eff
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c92a8a981ca46cfb88a56dd166b36bac275d9ae9ab5e3af1a2421b3603bc2a1
0d959eee20c946beefabcecc530391cf0cc574faa254825295d3a6faec95a5fd
11ae3fc00d0db52c666cc1a1aef8233d1f3f1f8d1219a8af7f622fda5ba56081
11fbf0561da8f35f674eab4ad5c047535f202952310f7f8d695563657af3454d
14f1af5e8ea87e4147d1a323232b628b279678ff618aa9a8b917436e3c4ed0b0
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1ab332ded1376c272c0b5da6e2c26719a2dbead1844c4e695a86ea4473792d66
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
1b82cb3a77f71a1bb2a4be919b189d1ff14ff9c82846c9f77ed521e4683f38fd
20dfc451c307c4c7e9105f217af5b7eee9534e464e5ea485899aa7b29de143d6
22123e474037986b3761876d17414f22372b748fbf4e76caa0bd2b506eac5ff3
25afd6b6846fce474679a4cc62bef611cadbf573b0d97a962f1dbe6137fcdc1c
25ee9ec5d8ea3c3dd798495d81dea5be870f4f9ebb73ef9360c538587efcce75
2766cefef6caebe2b29cbe713606fca7529b662bcd88385e8943ce5f51efe37a
27fbbd71a46758859f6b79fe683740f7e4f8361074f949307dd138df207a6083
29286a8d99ee88d5b50fe2ce4aa4245aa5262895398816237b283ead33a81617
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2bf2a8271fcdf83e9a9435cb5d6afd3be5b667f12ef8222aa89c0fe480010052
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
30b03de95f5e9c07ea30ebbbcd1d3f728dd1eb13d4cad35c5204cadadf6a569a
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31f1262c9c30189e2357c102e2f866fe0c77b88fa3572df8c50531fe1e860b7d
32df43a530d768d4483680f784fd97eb35f86cdc3086ea546f186254e99dac6c
33d1ac9a7675915ea91dc30c4addb6cdbd2f9b448cdb7dab206638f1ea5c77e4
3652830089ecf6ff8b72418f424ff2a5a1740ef7b0887b24457e65465d2c1213
39b28b6b997b386628c1318a08508ac080b9a48b4e3df036bf80f9b062284c5d
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
3d3e0a2ef13fe2ca79a06ad53dc610f8b2a1c6cff7579da784ca958a6e8678f3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dec79bbcc485a615d697425122816930d986a3ba2f698f558462194bee16006
3dfc273cb08d312f5a2b0bb010ac8b5fa33c6555cf26e4a14cc8e0210b1c695c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4050bb73907cdf1546c87877c1d3fd6276c6f568de6d23a7c0e2c31861811be3
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
43d194a386d669dae86a0a5374c0a58e48c409aead28f41de0771907c9c1ae3b
450cf0c1ba4a5d776980cec4785f994f6593d0f57cf5b7b9fb4176c66253778d
45e6fd98f776235a89af5d03ee1caebc0580a7a30d0ec8006a05403023539f6d
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
489153e37dd251189be1c2930d0d849f5cb727288978deec8a83a5fd2667aada
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a33ab25fe47d4dc1037d791474b0a355719165d4614218cb9ac0cdac692ad01
4c15897b61bab2232b33b0cef2c455a79ff6de0ec8c5dd4757f4f3b10fc01045
4dbabdd7d13407410506be9cf88bd3def5a6c9ffc51cc10239c51bcb16936487
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eea21458fcac98479bc75bfe2518e6f4949c119dc9599ba9429da6a91c261b5
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
54d22e3cfe61d7d3c91a2b45d4e0bf68f444e4ee4cd875cee9a5084dd13af0db
55341255ed7759905fcd82a297de74e5afde2b1a66cb1136974cc7eb80731460
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b4ee8954cb6b9961f92bebc6707f1d8a7cae7a26610df7bcabb48ce2d99e1e
5a02900c2dbce0e4436db42632097edb14b149edf0e58add290771afd965ec38
5b4d7a92c256551999565f8460ca0e6e49996f5f3156d0311a76b220b52fdd64
5cdebbd971717a8ce3c2a331f224db70d210da0618d281ab4a6b90cc24321942
5e1231f11225dddec88ade4c08414de646997f67ed9630af1b40e68f315a0b40
5ef452b9ff354b8636489adc750433a6018b443aa5dbfb2080eb0bdb375c70be
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60ca1c1505fd30d5c235ceda7c4a34f06cfae0c91b98ce2353906b5bde473211
619c7c32677c49a7a6ee6affb1b79521bddd6ef4c22bb8ca5fa4ba829becab41
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62394660741e79eacb0e174bce6dc9779572129e9790e0227d40a3ded73cde15
66a47c9ba57b7b1975a0f62122d6cbf18d9de1b86bae72c9024f10db11c976d8
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
696a9c8c86e2c76035aa8b4251b224c24280d77d2416ef0d96fd3792754cd2f0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b66be7ad36a51793c1b3760c0aa833c35f18dc4ff2b6ff11d6db9920a52fe11
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb233c380197e43bb72a7f59ee39aa721bacfb9c7d932603a45118bc87cedde
6cd5016279444904a17fea0e8624cd858e71f77baa3c46a82b06155b39249a9b
6e3717c11e421a2267e1ab728461aeed493cbfdfe18e0448895effd0ec2454c2
6eff61560a18ee88d46fe42338360d72283be1f18917873a67f173537a60b335
6f17c410e027f87cb43adb122a6fdc3d0034dac86e1572ae2ee54493020fdd0f
70407dd66391fa1576e7a87838e1167505800484311622fa4f2ecd9810b44266
70791f9acfddb9d9255bea721ba2e06a7f6ce494f72902d82206097ea14aa380
721c3076abf2534547c1bbd67a0842c8c46542bdd476bf7b842deea1d7880230
72b2b9bd53374011aa33ff707951cd8ccf015d5ab3bb04f745c0255e2608036a
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
762eeb92b277eef33cc3ef5fc63495008e3b4acd1e2c1fb715f5862e0712afbc
77f3cea3668cf610af9389a4bb80eaeb0c25f3303ce6c405c0383572d1f23d00
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
79940cfffd1ba3c7b8aaed4626b1e59f2513d5cfd1fe3509a0ce19fbd4b81844
79ac0a4f29873d7d66aa02765ae1c687af9685330ebe55210ab474058277668a
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c0952d361c8163b5335557d223de2a5f6b73491bcff6d522f87df9e9e1b4551
7c91779a997bce5f8fcaab915fd0372a579562c0f4bf0f14cb6b4d131d5515f6
7e137580c49812e09a46670774dabff4095b09a9c2fec225cca9c4d4b441ca00
7f6600ebf733ebd7ba834a9962334719bdfb4e6a98e57651a938dfea4d4884ae
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
8191bde931aae454277f481136e14c79258cbb040d36d2c54cfa3a97f5f0e089
822d19c9cc13eec9f050608444417a62b048a4ebc4a1a9ab5f83f77263273e6f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83b4062f5dbd9a88726fab5b46e946b7beae1cdfa3ea44a773e0858e67a8fbf9
8512a94c30dc7fda4931ae11fc195ee3f2cbad5dff1dc2567cf3725c33093b2d
891b3886dccdba5ee5a6c7a7eb571b702d0e0632fe625eab0f14661db6f18a92
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0a51eddd9f9af8c07ee676c96bd69edcd7821d3e8e0478fa5ee78fa1a62e68
8c4e3a8dc6ea8b61902832422d40c744ba7095442b6a21453565958899284250
8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323
90c9b71c06661b429200058b5d1ed00807cb45e3760dd956e77e3d0129d56a41
90e125c512e72bee59bf8c3e6fd8233830709d4bb22c5791aa626ef2653a2127
93b7370c095ad34d71b2f08dcb7373ad266d3a7feee2cceef7c6aa7ec8bb6423
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1
95fd93e0c1e09a74885a2af6b16bfa68abc61d224ab6be9e621a7dee9d1f4129
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
97c38613f17e246a364928ff5bbc103d0317fc594ccd2af341424981ec4cca22
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98d5e37cb6ce3ce26b2701c23ca7f5081c735b69c2083ebfdb7d5b9b164726c3
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
99fbbdeeb918f200e1b4805018cf1927d83fba34ceeae529202f81c3c3f030f1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1e37ec93409fa80a5af2a230c2ff44d26a420066df7b0a0bb48c2bfa1f101c
9dc58b9d5dce9d8376aad3a8e76e00a6bd0cae6ce73eb761ebcffaca48b3b553
a15c702afa4f796b7745a610f9937611706df739a51cd4479e72b3105980d970
a28f35fb283263fe241823efcbc9f213d3d4c0b4bfe83baf0e99f9e9f42893b9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a800a78c6aaca406a3e15e9145aaf29d72f2ec863f36cf523765e2397432fd91
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
a8510a4e68983dc5866babd703dcb3f1d1d1d133f86e1717231d3c79efaae3b5
a86f7c99e50fe3ca01531367eb58ad9ad1bab9cc2d5186d45a3567ebc4904d2c
aabf2f7c4e75538756e5059984dc7d154c7ed77763c07252a412632858df82c3
acc1a5377a45963a2da2d6af031ba0700e5990a33d31acbd5910450f17d410e1
acfde0191e09d9049c5304cf54ee91bc9748bc11e6ad6091ca20c7de569d29b6
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae99851c2155f70e14ca8a15656053501bda155abb120a0cdce1def653743a25
af5ed7b03f52f737ae0ed9872b1bfc2e788fe668844b3e72244244fa282b1f5d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36875859aecad1a5c337e71bb4de717f4dbbad6b6e0cba7d1d5622bf4698e85
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4499363cee61831ccf457305f52a16e15693edfdc687846be3eb1fdb9b30427
b4b69eab49204892974662bf7327d62ca6da2f41aa1e1a97a57835e0aeef6c21
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b9fe76e1434ad33572235ff9aff7c6101760ace85b9fedbaa388ea59feb25a07
bbbb9e40b685c8fe25d229b1f9b95bff8805f9f0e94c9f68a847bd19f7eda291
bbe74c62945bca0d7d29f9784c7462326fb4f8100313f320468c67a947a267ad
bc6ce846acfad7dc0f4be2c2d554bf5c9d9c04021ff670685f41f61a8e8325db
bee3b19f1331b6c2b4a1d2bf36ec561adda701f0c33b49d0e6c22d91dbe868f6
bf7b6275d2a54599893fded12ba1bd7f0c96495c01fe6cac2322bc0c2382b4ff
bf816b537d6e50338a0b2dd6a1d6baa58058a20d3ebd62b598f9bbf00eb81b06
c046764719bcc5ab7db4a91a61c0cd96eaee75215cd6430d46f6930cda00ef71
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c204bb9159a6ec92eb4005aa9b807c628b06a8b34603f0634b6cf2fda75243ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c307b70f8116262f11ddd6ca94b02c5c884737f74e4fc2560751522092897ef7
c334528aa72a966ed26229a47c6e559782fd5074556a36a49ea95beee66f09ef
c6522ef0adb89fb6a8020217883da5dfe7866f553bfab7a7032b3491e78ad541
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
cb551b3fa2346a645fcec13d4c6898a42275496fdfd545d28fa1e83a685fb42a
cb901f560eb27ac4ea6ce970e0ed0587b362ed0851ea6f4c9dcd78821a5df4a1
cc8a32173718cdfdb85ba6e476409d03a7c172fa9c58554c361ee831edd90b18
cdf5d5b6df703dc9f57f4d32390ffc5174c32dacec3be929d445f3e6d311fc15
ce646cb3b58c90ebcb5fd7324cc68beadc741c6df8beb0af556cf2acc45c1606
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cf09c65d6a68e7f95c1999b73531ca404379b806ff4c824544a38733b8b37440
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d1394f93a35feb01ce128fa2cb41a90651d0ec0e1869e1ad389bbf33b269d1
d0f488f1761405c4d104ab6afb960dd43df877df95c3d3efc1d14a42376645ca
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d2fbfba2b3618733653ea262352c207efd354f91023ad95c74a30f4589296444
d369cf1acd0ca34c0c2a45de2e9df345ab2985d0728a3f5e32b2d2b577e3d264
d42f2a4626278cde03f62338049105ddbfb9f20e1e847f546a0019da32bd23d8
d45b8e4441375944d553843e8bbaac21681b744bfc96562bc511e44fb5ed719d
d47f317138ec8083450b63c742957db8398eb19bae70913819b81dda472b6283
d4ac965ec96d56dee74eeb95377d97489132414d591515b7e6f651206937ed05
d59ef55d1b5ea2c46193eb73b6c721904b65e1ffab230bdb59337bd63af796a1
d8da4a7a52c8bb87985bde289bca921e387a0f997503c061bf7dbc5d1442528c
dae6f542fa2ee873b80e056bcd4c807f9d0a4fb86da790e74debb09c8a04cb93
dc37d5357099d1475d55c28ddcdc1c218ca37890be4a4b33e8e9413114c5ae0f
dc4ec47e3bf9d17f97c94a5b114f2fbd8be8ddded6c9983b7fab6a031e0253eb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd74fbff2dca7f0d343d6bbb43f8fc486b1f3807007ebd06e6afa4ee9c269f6c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab
e3577de2161ac3f30e025598bbc80e2cac55772070b29a7f1dfc76d4fd3d9a8c
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42136a4c33528bfc922c675163cdf1f948d41fda5bfcb0e8285c586cae953a3
e4e144d0f7e3340b6b86f7a78d2ff3e271e62ef5367ebf3d62e364a2e1d8a095
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e8fc7f1624adcfdcb70b286ee9e5c09fb3befa7258352d75f9544b55d89b8c37
ea896e2d9d40ccdd7043192c7b1516e369a47df43f1863e3044f4e9aa73a6f31
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eecb1a57167d4db160e84da0069d9a331081e455594f0092cff3467999da76b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0968e72ba174df05d85d839030aff0adb94bbb544df41272934c273ba5125a6
f44091e689c0a3cc077f563375c572805cc30eb6bbf234022ec490488696010a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f03a64d2299bbf4be1195f7983ca706493e9aa99d83a54e8ed230fadd8eb1c
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f9f663030b784a45334e1ced6045b101848c874715db789c8b29c5ae56c94099
fce0fd9c5dfa7f1a4413b1fd6964f5bae6ce9261812d8d96643663f05ee9f4c4
ff21ef4e2519fcd6224a99c016edccf2f4b4815a33b8b1a71fc36c07839d7997
ffef94afd2111c59ec7e2a97dfadb30cd36bd9c975ff591ecd25aa4c9281229f