Submitted URL: http://torontosun.com/
Effective URL: https://torontosun.com/
Submission: On December 26 via manual from IN — Scanned from DE

Summary

This website contacted 116 IPs in 8 countries across 76 domains to perform 484 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is torontosun.com. The Cisco Umbrella rank of the primary domain is 389490.
TLS certificate: Issued by GTS CA 1D4 on October 30th 2023. Valid for: 3 months.
This is the only time torontosun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 34.111.249.109 396982 (GOOGLE-CL...)
53 34.149.157.221 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 13.32.22.213 16509 (AMAZON-02)
2 23.201.255.110 16625 (AKAMAI-AS)
1 13.32.27.50 16509 (AMAZON-02)
30 34.117.54.29 396982 (GOOGLE-CL...)
1 18.239.83.116 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
16 22 2600:9000:238... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 13.107.6.158 8068 (MICROSOFT...)
23 2a04:4e42::626 54113 (FASTLY)
1 5 18.245.60.53 16509 (AMAZON-02)
29 151.101.129.44 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 99.86.4.128 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.30.211.26 16625 (AKAMAI-AS)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
1 35.241.9.51 396982 (GOOGLE-CL...)
1 6 37.252.173.215 29990 (ASN-APPNEX)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
4 52.209.40.41 16509 (AMAZON-02)
1 18.66.138.185 16509 (AMAZON-02)
1 104.18.35.167 13335 (CLOUDFLAR...)
9 34.107.254.252 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
36 35.157.246.167 16509 (AMAZON-02)
2 2602:803:c003... 26667 (RUBICONPR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 185.64.189.112 62713 (AS-PUBMATIC)
17 35.157.104.62 16509 (AMAZON-02)
1 54.228.167.94 16509 (AMAZON-02)
2 5 172.64.151.101 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 35.186.253.211 15169 (GOOGLE)
2 99.83.154.140 16509 (AMAZON-02)
2 35.244.193.51 15169 (GOOGLE)
1 2600:9000:25e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 151.101.193.44 54113 (FASTLY)
7 141.226.228.48 200478 (TABOOLA-AS)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.7.169.247 14618 (AMAZON-AES)
1 18.164.68.88 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
3 2600:9000:20a... 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 35.71.131.137 16509 (AMAZON-02)
4 2a05:d018:d29... 16509 (AMAZON-02)
3 3.75.62.37 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:244... 16509 (AMAZON-02)
4 18.185.12.185 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
5 9 2607:ae80:192... 26558 (FREEWHEEL)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:20a... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::645 54113 (FASTLY)
6 23.211.9.109 16625 (AKAMAI-AS)
2 2600:9000:244... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 69.173.144.138 26667 (RUBICONPR...)
4 2a04:4e42:400... 54113 (FASTLY)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 65.9.86.53 16509 (AMAZON-02)
1 54.230.107.62 16509 (AMAZON-02)
2 3 172.217.16.194 15169 (GOOGLE)
2 52.46.128.147 16509 (AMAZON-02)
3 184.30.16.195 16625 (AKAMAI-AS)
1 77.245.57.72 36057 (WEBAIR-IN...)
4 104.18.38.76 13335 (CLOUDFLAR...)
5 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:200... 54113 (FASTLY)
2 198.47.127.19 3257 (GTT-BACKB...)
1 13.227.219.42 16509 (AMAZON-02)
1 143.204.98.87 16509 (AMAZON-02)
1 54.155.18.159 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
3 162.19.56.86 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 141.226.230.50 200478 (TABOOLA-AS)
1 2a03:2880:f17... 32934 (FACEBOOK)
9 104.18.36.155 13335 (CLOUDFLAR...)
4 4 35.169.223.36 14618 (AMAZON-AES)
2 2 13.32.27.99 16509 (AMAZON-02)
2 2 193.0.160.131 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 1 35.208.249.213 15169 (GOOGLE)
1 52.202.25.219 14618 (AMAZON-AES)
3 167.235.124.60 24940 (HETZNER-AS)
8 2600:1f13:800... 16509 (AMAZON-02)
1 57.128.96.95 16276 (OVH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.30.20.22 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 151.101.1.108 54113 (FASTLY)
2 52.28.155.127 16509 (AMAZON-02)
1 1 46.228.164.13 56396 (AMOBEE)
1 1 18.134.84.26 16509 (AMAZON-02)
2 2 52.209.227.166 16509 (AMAZON-02)
1 1 46.228.164.11 56396 (AMOBEE)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
484 116
Apex Domain
Subdomains
Transfer
83 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 83868
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 104504
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 124762
1 MB
43 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1931
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
4 KB
41 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
trc.taboola.com — Cisco Umbrella Rank: 648
vidstat.taboola.com — Cisco Umbrella Rank: 3027
am-trc-events.taboola.com — Cisco Umbrella Rank: 15316
images.taboola.com — Cisco Umbrella Rank: 1870
imprammp.taboola.com — Cisco Umbrella Rank: 15008
am-match.taboola.com — Cisco Umbrella Rank: 15404
am-vid-events.taboola.com — Cisco Umbrella Rank: 14680
vidstatb.taboola.com — Cisco Umbrella Rank: 5135
pips.taboola.com — Cisco Umbrella Rank: 1659
cds.taboola.com — Cisco Umbrella Rank: 1860
911 KB
23 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2808
entitlements.jwplayer.com — Cisco Umbrella Rank: 3715
90 KB
19 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3965
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 5669
662 KB
17 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1054
3 KB
16 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3461
ads.rubiconproject.com — Cisco Umbrella Rank: 2324
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3385
233 KB
15 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3936
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
114 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
10 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
649c6ddf19c652098f9be9c57d14c43c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
93 KB
12 qortex.ai
events.qortex.ai — Cisco Umbrella Rank: 18269
demand.qortex.ai — Cisco Umbrella Rank: 30012
6 KB
11 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
cdn.stickyadstv.com — Cisco Umbrella Rank: 6060
135 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
203 KB
10 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2205
cdn.permutive.com — Cisco Umbrella Rank: 2932
54 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
707 KB
9 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2994
449 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6243
identity.mparticle.com — Cisco Umbrella Rank: 2987
jssdks.mparticle.com — Cisco Umbrella Rank: 5600
100 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5183
p1cluster.cxense.com — Cisco Umbrella Rank: 9278
comcluster.cxense.com — Cisco Umbrella Rank: 4661
id.cxense.com — Cisco Umbrella Rank: 10741
82 KB
7 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
76 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
secure.adnxs.com — Cisco Umbrella Rank: 478
22 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
90 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
76 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
2 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
889 B
6 catapultx.com
tags.catapultx.com — Cisco Umbrella Rank: 43171
193 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 13686
214 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
bidder.criteo.com — Cisco Umbrella Rank: 776
mug.criteo.com — Cisco Umbrella Rank: 2811
8 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
6 KB
5 microsoft.com
edge-auth.microsoft.com — Cisco Umbrella Rank: 79297
307 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
3 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9391
experiences.mrf.io — Cisco Umbrella Rank: 10349
compassdata.mrf.io — Cisco Umbrella Rank: 46456
59 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13913
i.viafoura.co — Cisco Umbrella Rank: 13734
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 125626
1 KB
4 jwpltx.com
placement-prd.jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3121
807 B
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 61690
config.lrcontent.com — Cisco Umbrella Rank: 24348
100 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
storage.googleapis.com — Cisco Umbrella Rank: 287
imasdk.googleapis.com — Cisco Umbrella Rank: 487
537 KB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7439
850 B
3 google.de
www.google.de — Cisco Umbrella Rank: 6765
622 B
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4856
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6028
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6234
19 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8812
cdn.tinypass.com — Cisco Umbrella Rank: 6343
buy.tinypass.com — Cisco Umbrella Rank: 6802
117 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
lexicon.33across.com — Cisco Umbrella Rank: 1596
5 KB
3 torontosun.com
torontosun.com — Cisco Umbrella Rank: 389490
84 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
ad.turn.com — Cisco Umbrella Rank: 773
841 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3052
p1.parsely.com — Cisco Umbrella Rank: 2300
22 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
91 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
61 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 119895
8 KB
2 sailthru.cloud
overlay-track.sailthru.cloud — Cisco Umbrella Rank: 46256
422 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3421
2 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
postmedia-d.openx.net — Cisco Umbrella Rank: 175076
546 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
contextual.media.net — Cisco Umbrella Rank: 665
9 KB
2 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 10995
792 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
3 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
626 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3915
595 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
373 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1380
181 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
506 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
98 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1750
134 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5667
2 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
65 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 sailthru.com
media.sailthru.com — Cisco Umbrella Rank: 12224
58 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
277 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 168411
383 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 137075
112 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7773
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3527
33 KB
484 76
Domain Requested by
53 smartcdn.gprod.postmedia.digital torontosun.com
36 c2shb.pubgw.yahoo.com micro.rubiconproject.com
26 dcs-static.gprod.postmedia.digital torontosun.com
dcs-static.gprod.postmedia.digital
22 cdn.jwplayer.com 16 redirects torontosun.com
cdn.jwplayer.com
dcs-static.gprod.postmedia.digital
ssl.p.jwpcdn.com
17 btlr.sharethrough.com micro.rubiconproject.com
16 assets-jpcust.jwpsrv.com
14 images.taboola.com
11 events.qortex.ai tags.catapultx.com
9 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
torontosun.com
www.google-analytics.com
9 ads.stickyadstv.com 5 redirects vidstat.taboola.com
cdn.stickyadstv.com
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
9 cdn.taboola.com torontosun.com
cdn.taboola.com
9 ssl.p.jwpcdn.com cdn.jwplayer.com
8 dt.adsafeprotected.com
8 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
ssl.p.jwpcdn.com
micro.rubiconproject.com
6 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
www.googletagservices.com
6 tags.catapultx.com torontosun.com
tags.catapultx.com
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 ib.adnxs.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
5 sb.scorecardresearch.com 1 redirects torontosun.com
fem.gprod.postmedia.digital
5 edge-auth.microsoft.com torontosun.com
edge-auth.microsoft.com
5 securepubads.g.doubleclick.net torontosun.com
securepubads.g.doubleclick.net
www.googletagservices.com
4 i.liadm.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 region1.analytics.google.com www.googletagmanager.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
4 pixel.adsafeprotected.com cdn.adsafeprotected.com
torontosun.com
4 fonts.gstatic.com fonts.googleapis.com
4 fem.gprod.postmedia.digital torontosun.com
fem.gprod.postmedia.digital
3 events.newsroom.bi sdk.mrf.io
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 www.google.de
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 ads.pubmatic.com tags.catapultx.com
ssl.p.jwpcdn.com
micro.rubiconproject.com
3 cm.g.doubleclick.net 2 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 token.rubiconproject.com eus.rubiconproject.com
3 api.viafoura.co cdn.viafoura.net
3 videos-cloudfront-usp.jwpsrv.com ssl.p.jwpcdn.com
3 ups.analytics.yahoo.com imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 prd.jwpltx.com
3 am-trc-events.taboola.com cdn.taboola.com
3 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
3 c.amazon-adsystem.com torontosun.com
c.amazon-adsystem.com
3 torontosun.com 1 redirects dcs-static.gprod.postmedia.digital
2 match.prod.bidr.io 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 config.lrcontent.com auth.lrcontent.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 static.adsafeprotected.com pixel.adsafeprotected.com
torontosun.com
2 image6.pubmatic.com ads.pubmatic.com
2 js-sec.indexww.com ssl.p.jwpcdn.com
micro.rubiconproject.com
2 s.amazon-adsystem.com ssum-sec.casalemedia.com
2 connect.facebook.net torontosun.com
connect.facebook.net
2 sdk.mrf.io torontosun.com
sdk.mrf.io
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 assets.ribn.com www.googletagmanager.com
torontosun.com
2 cdn.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
2 www.google.com tpc.googlesyndication.com
2 am-vid-events.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 overlay-track.sailthru.cloud ak.sail-horizon.com
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
2 api.sail-personalize.com ak.sail-horizon.com
2 htlb.casalemedia.com micro.rubiconproject.com
ssl.p.jwpcdn.com
2 hbopenbid.pubmatic.com micro.rubiconproject.com
ssl.p.jwpcdn.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 api.fouanalytics.com tags.catapultx.com
torontosun.com
2 trc.taboola.com cdn.taboola.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com torontosun.com
cdn.viafoura.net
1 um.simpli.fi 1 redirects
1 ad.turn.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 secure.adnxs.com 1 redirects
1 d.turn.com 1 redirects
1 acdn.adnxs.com micro.rubiconproject.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 buy.tinypass.com cdn.tinypass.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 compassdata.mrf.io sdk.mrf.io
1 p1cluster.cxense.com cdn.cxense.com
1 region1.google-analytics.com www.googletagmanager.com
1 i.viafoura.co cdn.viafoura.net
1 trace.mediago.io 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 cms.quantserve.com 1 redirects
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 www.facebook.com
1 cds.taboola.com cdn.taboola.com
1 experiences.mrf.io sdk.mrf.io
1 p1.parsely.com
1 pips.taboola.com cdn.taboola.com
1 mug.criteo.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 sync.adkernel.com tags.catapultx.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 demand.qortex.ai tags.catapultx.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 cdn.tinypass.com experience.tinypass.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 vidstatb.taboola.com
1 s0.2mdn.net imasdk.googleapis.com
1 649c6ddf19c652098f9be9c57d14c43c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 imprammp.taboola.com vidstat.taboola.com
1 prebid-server.rubiconproject.com ssl.p.jwpcdn.com
1 media.sailthru.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 placement-prd.jwpltx.com
1 rtb.openx.net micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 ap.lijit.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net torontosun.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 www.npttech.com torontosun.com
1 ak.sail-horizon.com torontosun.com
1 cdn.adsafeprotected.com torontosun.com
1 micro.rubiconproject.com torontosun.com
1 fonts.googleapis.com torontosun.com
484 144
Subject Issuer Validity Valid
torontosun.com
GTS CA 1D4
2023-10-30 -
2024-01-28
3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4
2023-11-03 -
2024-02-01
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-22 -
2024-06-19
a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02
2023-12-04 -
2024-12-30
a year crt.sh
npttech.com
GTS CA 1P5
2023-10-30 -
2024-01-28
3 months crt.sh
catapultx.com
GTS CA 1P5
2023-12-14 -
2024-03-13
3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02
2023-10-27 -
2024-11-23
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-29 -
2024-04-28
a year crt.sh
edge-auth.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04
2023-11-28 -
2024-11-22
a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-30 -
2024-09-30
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3
2023-11-06 -
2024-02-04
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.prmutv.co
R3
2023-11-29 -
2024-02-27
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
qortex.ai
GTS CA 1P5
2023-12-20 -
2024-03-19
3 months crt.sh
fouanalytics.com
E1
2023-11-07 -
2024-02-05
3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
api.permutive.com
R3
2023-12-15 -
2024-03-14
3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2023-12-26 -
2024-12-25
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-10-17 -
2024-04-10
6 months crt.sh
prebid.media.net
GTS CA 1D4
2023-12-24 -
2024-03-23
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.lijit.com
Amazon RSA 2048 M02
2023-11-21 -
2024-12-19
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01
2023-04-25 -
2024-05-23
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2023-11-27 -
2024-02-25
3 months crt.sh
jwpltx.com
Amazon RSA 2048 M03
2023-10-12 -
2024-11-09
a year crt.sh
storage.googleapis.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1
2023-04-11 -
2024-05-11
a year crt.sh
*.sailthru.cloud
Amazon RSA 2048 M01
2023-03-13 -
2024-04-10
a year crt.sh
media.sailthru.com
Amazon RSA 2048 M01
2023-04-05 -
2024-05-03
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-12-26 -
2024-06-19
6 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
jwpsrv.com
Amazon RSA 2048 M02
2023-03-20 -
2024-04-16
a year crt.sh
*.loginradius.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-12 -
2024-11-11
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
viafoura.com
Amazon RSA 2048 M02
2023-08-08 -
2024-09-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2
2023-05-02 -
2024-06-02
a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-09 -
2024-02-09
a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-13
a year crt.sh
piano.io
Cloudflare Inc ECC CA-3
2023-03-27 -
2024-03-26
a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2
2023-05-08 -
2024-06-08
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-15 -
2024-03-10
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-04 -
2024-01-02
3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03
2023-11-04 -
2024-12-01
a year crt.sh
*.parsely.com
Amazon RSA 2048 M02
2023-05-06 -
2024-06-03
a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2
2023-09-16 -
2024-10-17
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
ssl03.cert.cl13.k8s.mrf.io
R3
2023-11-24 -
2024-02-22
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
d.adroll.com
Amazon RSA 2048 M01
2023-10-09 -
2024-11-07
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh
ssl02.cert.cl11.k8s.mrf.io
R3
2023-12-21 -
2024-03-20
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh

This page contains 31 frames:

Primary Page: https://torontosun.com/
Frame ID: CD24DC3B41B94E30F6707BEA0E94550B
Requests: 368 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v93.0/xd.html
Frame ID: 0E9AA729B9565DCB73A4CBBF2630DD8A
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&cmcv=&pix=undefined&cb=1703588816618&uv=3371&tms=1703588816618&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=8f88977f-3e98-4d6e-a930-8b8d97e72621&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 63DC42FB76D852090C1954F938351168
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 8B69FDFE24CBD83823E7D57423330B73
Requests: 3 HTTP requests in this frame

Frame: https://649c6ddf19c652098f9be9c57d14c43c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F75609E317126FC9F5F33C3AE2EEF80
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en_ca.html
Frame ID: 28A896A3FD9CCAEE840F8D8267C323A6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 51618844E30B261AE97B71EDA6BEF599
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 9B7467AA2619488FB7D78BEFE668B5A8
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA001E5D60C68E156004BDA354D21D98
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C28EC80F1B94EBC8FB9397ED6C07459A
Requests: 2 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=00e95c4a-9fc2-4ce3-a8fb-dd3496dd584c&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: BEB77752A9B734D03F32487FC023AF8A
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: AD0A4FD36BF9153A977716CBBB5E15AA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 2FEFCD1FECEAF206DCA9F87FF968EB77
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=165440461&placementId=6320689129&pubCreative=138435367041&pubOrder=3214528277&cb=228111808&custom=index&custom2=1&adsafe_par&impId=e19b91b2-a3de-11ee-8b37-02a8f35b7e47
Frame ID: 95E665947234F1F9E677EFD835F9A728
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpp-K33F1zBWeoqms3jJiXqcoX9nrpE-Gb4AJWpEIrl8rfCZCv_3RKZ5ZXoR2HoabNfr3uKF62QD-wYzxjdyFD2hfMulZXoYQ1kRG-JVKYlhmcRmmDi5rUrN7xktTrYYm-z69kbxadAlsiV1rmMse0KAOFv772FWSfI_PDwUoQJg_e8LfkBfxPIsjpl-svTrttXJJ8mNKpK6LT3_XICHyKIVVLLjWiCETya-rP2ePl0uUgpVwU-lQ57uUSkBW6MANNt79PvzGh7S2vtAo_6UppJASnNQWVimV9KpmWKmUHcfVQbepjhpiG5FoY-vJa0pUj6RmK8u3Y8NFIOqotH0df1PFiKpGVzmtjwbCSw2RzNCOUmXTxpKByA3dWosf-&sai=AMfl-YRTSxq8rJ9PUJl7SkFtxDyXJ6Cfznsu2JCAxQlUlCYOaywk74XOAQSLmTRQLb7SdVVB2kLW-J0_nSJjWjti9dQINqPy_sBmZDDxuoH9pPUGjH6PJuiw0I_72Eep9KjNm6zxxHwXyvgrsi_NWyQyUM0&sig=Cg0ArKJSzFY1q2ljy8_AEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 238FE375A317814659B6F4382E5EEBE2
Requests: 7 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=202197&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Ftorontosun.com%7C%7BUID%7D
Frame ID: 35D9206B036622A3FF72017D67BAA5B4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A0ADDCFCF849AEECCF16791D3907CCF1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: CBA1E684BF414C7F0AD55B8DE16D608F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 54BBC1FFC409D2DC1F80CE46C5C79DE3
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Frame ID: 3DBE03210BCAA189511CEDF7B7A67613
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 44850962901E0FC703CF16C374C81D79
Requests: 10 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: 2847F675C71EACBD354657F7DB7880F7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 69392F05B059B21EB40419BE2B454F77
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FF95D16C29CB61CF2E98157D0F479277
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: DA6DD598BD2EBBA8DB7C2AF0CB4B11C8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 943E9056CCACA5C9BD2B96570708FD92
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2DD3B0A23462F270ED2CAEA918AB8731
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 26A3F1E7947F2A48F2FD67C6252556F0
Requests: 2 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: C38F61B12A71C466B97233F7788CB1EB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9AD7A8610DB55797FD924C30E9CD20C8
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 940BF9BE6B922AB9B7BFC930CE585307
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Home | Toronto Sun Home Page | Toronto SunToronto SunUser

Page URL History Show full URLs

  1. http://torontosun.com/ HTTP 308
    https://torontosun.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

484
Requests

93 %
HTTPS

45 %
IPv6

76
Domains

144
Subdomains

116
IPs

8
Countries

7685 kB
Transfer

20969 kB
Size

88
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://torontosun.com/ HTTP 308
    https://torontosun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 201
  • https://cdn.jwplayer.com/v2/media/mnOdOa0o/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/TaOiBxoA-320.jpg
Request Chain 202
  • https://cdn.jwplayer.com/v2/media/cdIpL8VQ/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/uDuhWjUY-320.jpg
Request Chain 203
  • https://cdn.jwplayer.com/v2/media/GR3jpDbx/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/TgsWRjmF-320.jpg
Request Chain 204
  • https://cdn.jwplayer.com/v2/media/c4xuUrdr/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/utxQ1h4V-320.jpg
Request Chain 205
  • https://cdn.jwplayer.com/v2/media/2sNxZ0gT/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/L31MQBYO-320.jpg
Request Chain 206
  • https://cdn.jwplayer.com/v2/media/PDAMnU7d/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/9sev93go-320.jpg
Request Chain 207
  • https://cdn.jwplayer.com/v2/media/v79FIiil/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/Zf1AXq92-320.jpg
Request Chain 208
  • https://cdn.jwplayer.com/v2/media/BVmLIs1u/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/hf5ed4bb-320.jpg
Request Chain 209
  • https://cdn.jwplayer.com/v2/media/HAO41nOF/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/z5MaMTCR-320.jpg
Request Chain 210
  • https://cdn.jwplayer.com/v2/media/cHejodfp/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-320.jpg
Request Chain 241
  • https://cdn.jwplayer.com/tracks/W1v3pshE.srt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/W1v3pshE.srt
Request Chain 243
  • https://cdn.jwplayer.com/strips/cHejodfp-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/cHejodfp-120.vtt
Request Chain 247
  • https://cdn.jwplayer.com/v2/media/cHejodfp/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-720.jpg
Request Chain 248
  • https://cdn.jwplayer.com/v2/media/cHejodfp/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-640.jpg
Request Chain 283
  • https://cdn.jwplayer.com/strips/cHejodfp-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/cHejodfp-120.jpg
Request Chain 299
  • https://cdn.jwplayer.com/v2/media/mnOdOa0o/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/TaOiBxoA-120.jpg
Request Chain 361
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2M2YjI3Zjc3NDZmZmFlMzQxMzFlYzlhZjVhZjJmNzM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 362
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7c6b27f7746ffae34131ec9af5af2f73&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 387
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 393
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=xODTV3xUb2FKdmN3bkZkTkhxUm16bEVKblpYTldIWitreEhIdXhpZThUOHJwSWVaWkEzZXVWdDFDMG1mYXh5WFNtOUtpWDhRMGk3UUtiYXc3TjhZNEJWdnQ5ZlNMdWs0dTBEdWZtMTJ6c0JEbmdPYnluT3RNdzlBR1VoTjFiWitpSmpHSFhHY2Z1MzduRDhQYXRyVzZDVXRxZGdHY2ZodGFTbm5YN1dXRHB2ZGpZSlNhQ0pPekhXcmRkNzZIR1o2VTVPL1ZHNlBINmhWS0I1bUc2azQ5RGM5aVNRdDZFTE1oa25sUnZ5UFRndUV5T3RsR2kxRzBqRVkwNWFSZjF2OUxiT0g0MWhTbWsrQTdEKzBzWEN3dGNnM244RWQyQmpRVTE3RHNxNnFTWGo5ajEwRT18&cppv=2
Request Chain 417
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYqz0m6zenr-WnMW4Yv4egAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEAv7sBRsep8jsOYe1pNOI0&google_cver=1
Request Chain 418
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYqz0m6zenr-WnMW4Yv4egAA%262192&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYqz0m6zenr-WnMW4Yv4egAA%262192&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8f1b489b12ca4be8b9e34bba424f9e06 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8f1b489b-12ca-4be8-b9e3-4bba424f9e06 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a5dab82f-85dd-4b75-b22a-c9c63ab14b98%3A1703588819.554331&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da5dab82f-85dd-4b75-b22a-c9c63ab14b98%253A1703588819.554331%26_%3D1703588819.557544&cb=1703588819.5575771 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210828919920119&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da5dab82f-85dd-4b75-b22a-c9c63ab14b98%253A1703588819.554331%26_%3D1703588819.557544 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a5dab82f-85dd-4b75-b22a-c9c63ab14b98%3A1703588819.554331&_=1703588819.557544
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfTOiVRV6ATUDClEP1-Xoo&google_cver=1
Request Chain 421
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=6z_Bwr85nZHwb8mR727Ulb89n8HwOMiR5DrcCGat
Request Chain 423
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca1b1110322vw9lx00lqm8spn5
Request Chain 469
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYqz0m6zenr-WnMW4Yv4egAA%262192&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8578811126011980186 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 471
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4195899266418327305
Request Chain 473
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=7c6b27f7746ffae34131ec9af5af2f73&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1539_7317997515030696558&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAE6707LFWgAABSCbY5OJg&dataProviderId=817&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Request Chain 474
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828919920119
Request Chain 475
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7427677541886537623
Request Chain 476
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=FB17BF74C3C646839D3139755CDF1FFC

484 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
torontosun.com/
Redirect Chain
  • http://torontosun.com/
  • https://torontosun.com/
547 KB
81 KB
Document
General
Full URL
https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
7672a0db280b61f83892416822dc4ec77ee91b3da4117875cefcbce7e1c326d3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 11:06:54 GMT
expires
Tue, 26 Dec 2023 11:08:26 GMT
last-modified
Tue, 26 Dec 2023 11:03:56 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
2
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-85ff6bc9fc-tt5mn
x-pmd-cache
HIT

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Dec 2023 11:06:54 GMT
Location
https://torontosun.com:443/
auston-scaled.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
50 KB
50 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/auston-scaled.jpg?quality=90&strip=all&w=466&type=webp&sig=L1BwVbIb0Mj3SwZc99UXkg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
fec349607d764bfe018bd231f32f372195aba2bd2f88a6eb74ab4b70437ccd3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 01:40:19 GMT
via
1.1 google
server
nginx/1.18.0
age
33995
etag
"9895a0913d7414a6d5ea42b3f11f480bc8bbc5de"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51354
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Dec 2023 11:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 11:06:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Dec 2023 11:06:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b90d8f242030e61a9d4e6d32982768f442553d9f7c193b2c88bb65fc9351bdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29230
x-xss-protection
0
server
cafe
etag
298 / 19717 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 11:06:54 GMT
apstag.js
c.amazon-adsystem.com/aax2/
282 KB
70 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 10:21:22 GMT
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
2733
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
MOuL_3zA1_dzlfjlxI2a52ajXCaiDN2j_bjtFdok7LmDKcEFrelAww==
14648.js
micro.rubiconproject.com/prebid/dynamic/
617 KB
166 KB
Script
General
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
ad4a3f8a6ec984242a523a715b85bb4711d363858ea3ff1ca884fcfe3f12852a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:54 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_The_Toronto_Sun.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
169436
expires
Tue, 26 Dec 2023 11:51:11 GMT
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 04:05:28 GMT
Content-Encoding
gzip
Via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
284487
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
1jeFRLRP6IdFF76PPoohv5k-2_QlLClxuhaG9oXkCzuNjsWP5UFMsg==
output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/
29 KB
3 KB
Stylesheet
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e13822da2ca5.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
573034
x-guploader-uploadid
ABPtcPriuI_wlCmNCvChEefKB9wtfmNuN4LkvuRoMKLFh8Gwy19YuSyNMukJIrP0tJdcDx-1oZg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2528
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"e294df1b7807772797bf8455e49389d1"
vary
Accept-Encoding
x-goog-generation
1703015165240881
x-goog-hash
crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
29809
accept-ranges
none
output.aae9a9d2b305.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/
89 KB
14 KB
Stylesheet
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.aae9a9d2b305.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
959d0d916d267c94ec1d1bfb179a81166bbb5cb22d6a2e90ea35c4b57941cb8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:00:28 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
572786
x-guploader-uploadid
ABPtcPoR7ERkXrPHw_ujYzVmTebOLga-o-gKYnmjrAt0jG0YUJ3_CknGyIIOcHBSiUSzvTiBr2CcG96TFg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14512
last-modified
Tue, 19 Dec 2023 19:46:03 GMT
server
UploadServer
etag
W/"54ca4296baf7810e4e11ba0fb7a875f7"
vary
Accept-Encoding
x-goog-generation
1703015163616121
x-goog-hash
crc32c=ASXRuQ==, md5=VMpClrr3gQ5OEboPt6h19w==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91335
accept-ranges
none
output.69d7190ec3c2.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/
70 KB
8 KB
Stylesheet
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9f85a8964e063aa66ae22e30e1e86722714e1fcca4a00ee718a34123620e98a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:00:28 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
572786
x-guploader-uploadid
ABPtcPol4Wd6IWmvyz9bVbc2QfUYlzVTrxZedun5GstALifxVtmmPtlzEXCrV85UvSfDv1fT06Su4ppOsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7621
last-modified
Tue, 19 Dec 2023 19:46:01 GMT
server
UploadServer
etag
W/"8c86b41813052df1cc90c98a30275029"
vary
Accept-Encoding
x-goog-generation
1703015161532854
x-goog-hash
crc32c=ytC9tQ==, md5=jIa0GBMFLfHMkMmKMCdQKQ==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
71252
accept-ranges
none
output.e747a4a877d9.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6bff84e7d1f5c524b06d6b572ca20870ec894706e6f2b96f60e4cd18f238bfb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 23:39:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
559663
x-guploader-uploadid
ABPtcPr-yTU-nMQvvloXHX7fOyel0N_4SvY3-ypZf66vkPtreo71Ij18Mt3tmDdAVY6Skhs3Grnf_Xv0Nmttytg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4704
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"b93e6faff3dd2d5a67e56bc8653cdae4"
vary
Accept-Encoding
x-goog-generation
1703015165583970
x-goog-hash
crc32c=ZGZM3g==, md5=uT5vr/PdLVpn5WvIZTza5A==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
28644
accept-ranges
none
spm.v1.min.js
ak.sail-horizon.com/spm/
98 KB
33 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-116.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 10:57:17 GMT
content-encoding
gzip
via
1.1 459ec09472abb8544521a9b5cc6706ce.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
578
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
7RDSM5kkCTI2BkItz5gc936dXpBAEqa6DiPvjfON95hwPH_EIOfGGw==
fem.js
fem.gprod.postmedia.digital/v93.0/
380 KB
107 KB
Script
General
Full URL
https://fem.gprod.postmedia.digital/v93.0/fem.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:00:34 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
572780
x-guploader-uploadid
ABPtcPqIy8XZnHkoH7I2IkvbMw18VDciaa_EgYB3qUEtGwo0CW0ViHd80dKDCVNY4iz3kXLP-1xw55je_g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109102
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"614b2d032ff8e38b1fff2badbf038f1a"
vary
Accept-Encoding
x-goog-generation
1702321321950203
x-goog-hash
crc32c=K4lC0Q==, md5=YUstAy/444sf/yutvwOPGg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
389565
accept-ranges
none
content-type
application/javascript
advertising.js
www.npttech.com/
6 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S5WF0H3TGAQGBTFP
age
6646
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dGbH/G76wbuQoq8NuBMPfhz9uB4hhhPJ43HtaiY8J/GQFt+mh/f9HvqJS4Y9/pMrgvFwaWPYNYw=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgLeO2raA3YcM5JJCgcybtGhB6AFRzwxT9Izuyx%2B4GbZ2gKo0fytSmBwfexC8qtrw4jlqctkSzptgi7hfP40JN5msK7VVZiVU6wBtLrNEScedPKpZDhdceK9yhQkxlB99Vjnqu99aAGbVeQtY2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
83b8db6ee9fa1e49-FRA
bootstrapper
tags.catapultx.com/
24 KB
5 KB
Script
General
Full URL
https://tags.catapultx.com/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26CQq7gNqKO3Oarnsdx%2FNIOUoUmhP%2FDWnsOgjnQsb0kQc7EATSflnXVVztBfLR68IXQbFK69tqr40XII3xOMiwlKmRoPfiqeRLaOEDhOWoWXeGsRHWbf8UP8ylr50ZrpD4rO781iP46FLNompBdWNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
83b8db6edaa41cab-FRA
embed.js
cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/
58 KB
22 KB
Script
General
Full URL
https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:c000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:54 GMT
content-encoding
gzip
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-robots-tag
noindex, indexifembedded
content-length
22525
x-amz-cf-id
VAIHrB9OppmdZKK5FTIe94uJV0z7mQebb7pon66_YVXm18YOQsLEZg==
GettyImages-1874733389-e1703516476237.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
26 KB
26 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1874733389-e1703516476237.jpg?quality=90&strip=all&w=466&type=webp&sig=jEOD85y79p_CFNF4KmgfVg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
dae258bd59c5ef795f209e7f3e8839f4cf59290f04c9df464d38af8805dbd841

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 01:54:42 GMT
via
1.1 google
server
nginx/1.18.0
age
33132
etag
"4d46634c22aea3cae6d23ae006d3d8fd6e06e329"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26632
Justin_trudeau_election_poll_polls_4x3.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/11/
20 KB
21 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/11/Justin_trudeau_election_poll_polls_4x3.jpg?quality=90&strip=all&w=466&type=webp&sig=oYR5Nh6gwFUWjR1zOMZbnw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f10125c259335f2674a873608114dd8a53b26047c966e048be9cfb26d1e7a86b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 01:54:42 GMT
via
1.1 google
server
nginx/1.18.0
age
33132
etag
"6a5621474afcf9c2a6751dfd94fd1629af2547e4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20924
victoria-police-chief-del-manak.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
27 KB
28 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/victoria-police-chief-del-manak.jpg?quality=90&strip=all&w=466&type=webp&sig=ResRtIWr4rAYl-QuI-XA-g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a7c06737ff8e146d47c8bc6dacafe0b4f5cbbade1b6d17e6fa3a6823b488bf99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:23:14 GMT
via
1.1 google
server
nginx/1.18.0
age
6221
etag
"1f23e9488ddf7a2274e0ad1912255ad777751c1b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28132
taylor-swift-1-scaled-e1703549309822.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
24 KB
24 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/taylor-swift-1-scaled-e1703549309822.jpg?quality=90&strip=all&w=466&type=webp&sig=rE0IMJFk8bGKKiPydkVtaw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b174ce5b49e067604583b662aca2fba1bc6ddfe36ca28f409e1cdc7821a6d52b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:11:38 GMT
via
1.1 google
server
nginx/1.18.0
age
6917
etag
"61d719a68f257042aa45f0b2719eea8a3d312224"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-7b4b5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24152
britain-royals-christmas.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
54 KB
54 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/britain-royals-christmas.jpg?quality=90&strip=all&w=466&type=webp&sig=YzSeagyaW0w1Zzqzokz1FA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
ee817657482702feff28665dbbc9a14faf3cd46fb981f379a066384697ae5937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 13:06:47 GMT
via
1.1 google
server
nginx/1.18.0
age
79208
etag
"f99d835898f0e47ca02b91378b3a4e2302f39fda"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-7b4b5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55298
Russia-Ukraine-War-Christmas-scaled-e1703547953201.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
41 KB
41 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/Russia-Ukraine-War-Christmas-scaled-e1703547953201.jpg?quality=90&strip=all&w=466&type=webp&sig=LaxZkNuKvtFYQybH4i2QUg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7f333fd1de797ec062a970352a8e371056a1ec444373b1f82666411c29939b3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:11:38 GMT
via
1.1 google
server
nginx/1.18.0
age
6917
etag
"7e5ad0b53fdfdc5ec12ba6e7988bcf6e1685de58"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42328
GettyImages-1199611574-scaled-e1703525372519.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
27 KB
27 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1199611574-scaled-e1703525372519.jpg?quality=90&strip=all&w=466&type=webp&sig=mK3CpPDlYMl_XF2mrNTGmA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5339ae913d588db3d513c068ee315cd1a25de7eb53687d335d5d9dc1136ecbae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:11:38 GMT
via
1.1 google
server
nginx/1.18.0
age
6917
etag
"f99acdf8618ada0345bda86bc9a408bd09194821"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27316
que-teen-death-20231225.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
38 KB
38 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/que-teen-death-20231225.jpg?quality=90&strip=all&w=466&type=webp&sig=KkbWHaJo8zim6ChKIgAVVg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6716529e24ce8352c5938829f7bdb7f466da42277269a7e54cc7e3867d12c248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:23:15 GMT
via
1.1 google
server
nginx/1.18.0
age
6220
etag
"dbf1a2532f0476ff24c210275d77840973c63e42"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38924
TS2023126JB007.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/03/
36 KB
36 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/03/TS2023126JB007.jpg?quality=90&strip=all&w=466&type=webp&sig=oEQEAAKbjzq2hJZ1b2gLjQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
98c70c0f61a5e4c27669e5369d8b2940cf1603d14a979b1f11cfd8f67ef96a9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 22:33:00 GMT
via
1.1 google
server
nginx/1.18.0
age
45235
etag
"88ba67d6d6c6814bc57f8648e7d108eb9fdc200a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-wldx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36964
LoginRadiusV2.js
auth.lrcontent.com/v2/js/
211 KB
49 KB
Script
General
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
4957
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:23 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
83b8db6eec9f1e3e-FRA
x-amz-cf-id
pffvfcoshufRDG99e2DGbfXrgrovYTw8wlMlJdJhksqAZ2q26n_wXA==
expires
Tue, 26 Dec 2023 15:06:55 GMT
ms_auth_client.min.js
edge-auth.microsoft.com/js/
279 KB
280 KB
Script
General
Full URL
https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-EtPOFwMvfzEzRafkNWX0uE1139zdUjD4FJkf1u6ihQsYDMZ6lzjuGmwvj+fTBywNDLtACoryrm5TvDbmG0XD2tGw6U6jolkYK7QhvWE3YpSFN/XXaj4GJDh5u9QOzXeWBewGXPFuCL7X7cD546LKI6RctQtrex/9315Xh0VnATk=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-EtPOFwMvfzEzRafkNWX0uE1139zdUjD4FJkf1u6ihQsYDMZ6lzjuGmwvj+fTBywNDLtACoryrm5TvDbmG0XD2tGw6U6jolkYK7QhvWE3YpSFN/XXaj4GJDh5u9QOzXeWBewGXPFuCL7X7cD546LKI6RctQtrex/9315Xh0VnATk=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Tue, 26 Dec 2023 11:06:54 GMT
last-modified
Sat, 11 Nov 2023 09:01:52 GMT
x-msedge-ref
Ref A: AA6A1E30E82148C4B9B459B4D63EF38D Ref B: AMS231032601025 Ref C: 2023-12-26T11:06:55Z
etag
"1da147db6265b08"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
285448
shared.883fef4c2994.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/
20 KB
8 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
573096
x-guploader-uploadid
ABPtcPoMz2UnmlKQLZY6Hl8AIagOjKfXHg-NfjyCDwszAFY60VJMJRpodibfjJ5Gz6l8eDfZ_co
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7515
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"9821e7f2a511b6c16c288d392dd2c55d"
vary
Accept-Encoding
x-goog-generation
1703015166560299
x-goog-hash
crc32c=nd/6aQ==, md5=mCHn8qURtsFsKI05LdLFXQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20870
accept-ranges
none
content-type
application/javascript
main.de60ce74dc51.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/
134 KB
46 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/main.de60ce74dc51.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
573096
x-guploader-uploadid
ABPtcPo5bSDRwfW4q_NuYQ5J-UQFFDH-8HBbZp5zdn4sN05pqUytI__F51o7sJ3cYZoUi9XAKSw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46391
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"0482cd44a5474059f0144f00e198305f"
vary
Accept-Encoding
x-goog-generation
1703015166460645
x-goog-hash
crc32c=6y/t+g==, md5=BILNRKVHQFnwFE8A4ZgwXw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
136827
accept-ranges
none
content-type
application/javascript
geo.json
cdn.jwplayer.com/v2/
40 B
276 B
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/geo.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:c000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4de084d8fca9ea129b962bb08ca954168391abd13473a0eb6f60a0cd4145a2be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Dec 2023 11:05:38 GMT
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
77
x-amz-cf-id
AV8TLCimTRHAf68vuaOuE34UrsMLzdDikcy6U03WS8uEDhcI_dzlvA==
x-cache
Hit from cloudfront
index.js
ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/
68 KB
20 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/index.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
via
1.1 varnish
age
3172
x-cache
HIT
content-length
20535
x-served-by
cache-sof1510032-SOF
last-modified
Wed, 13 Dec 2023 06:00:18 GMT
server
AmazonS3
x-timer
S1703588815.224225,VS0,VE1
etag
"1d1853b5560baf12b94fc6c5f4860bd2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 07:02:00 GMT
content-encoding
gzip
via
1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
14696
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
m4Ga5OUbCjBX5he03gFk6XRm0a0TrgZJGfi0IvJkLJvmlFLpd4gMrA==

Redirect headers

date
Tue, 26 Dec 2023 11:06:55 GMT
via
1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
9YwiiMP-tIqYKKZUHbeniNrBU7VuvMIPbmXxk9WxADTW41ephkwCQg==
loader.js
cdn.taboola.com/libtrc/postmedia1-network/
180 KB
46 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
052ec17aa98d25dcc86bbb8110da92c57f8ee6bcb8e803cd9f730c8b6c7eeff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
juQJlgfw1v9gvbEJut567Cjx6ppcROLm
content-encoding
gzip
via
1.1 varnish
date
Tue, 26 Dec 2023 11:06:55 GMT
x-amz-request-id
Y43CC3HS8D076A2H
age
30
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
46598
x-amz-id-2
jiqN2Doo2mHQo6IK0wmtE7D1uFrqBpL2+eJNiZEr4F5Z+1OaDts/+Qg5V1VqibEC/0Fj6dghGyY=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Mon, 25 Dec 2023 10:42:13 GMT
server
AmazonS3
x-timer
S1703588815.177615,VS0,VE1
etag
"c2e7a0053b0247adb9886dd3c34c6f8f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
truncated
/
256 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
7966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:54:09 GMT
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/
1 KB
770 B
Image
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:05:29 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
572486
x-guploader-uploadid
ABPtcPoYMQ0JVSqhOWNVtXWgp0XAv8ASiIiiZv3UopiBZOM6TrsY63Gltenddj5RYlCqwg7jo-33F3Xk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1703015212812511
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v22/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v22/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 04:59:09 GMT
x-content-type-options
nosniff
age
22066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11076
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 04:59:09 GMT
carousel-previous.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/
1 KB
758 B
Image
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/carousel-previous.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:21 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
573034
x-guploader-uploadid
ABPtcPpEzgi5RSHXFNunFa5JbDCIhmPQstyyC0oADHMcVrtFuw53M80oEJNg6LGJUtHXIwolNxE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
519
last-modified
Tue, 19 Dec 2023 19:46:51 GMT
server
UploadServer
etag
W/"23fbd7cd311279a2b6eb68d8f6059047"
vary
Accept-Encoding
x-goog-generation
1703015211974405
x-goog-hash
crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
carousel-next.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/
1 KB
728 B
Image
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/carousel-next.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:21 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
573034
x-guploader-uploadid
ABPtcPr1-ug3VGuUzjB9j2-LaUvYqHm5r08kuNQ8uefvl3dKi435EnuoeGWYMeXG_Xw5tGaiTjE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
520
last-modified
Tue, 19 Dec 2023 19:46:51 GMT
server
UploadServer
etag
W/"735fdba5ead6fce3777e91bf3fee8dd6"
vary
Accept-Encoding
x-goog-generation
1703015211936704
x-goog-hash
crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:52:02 GMT
x-content-type-options
nosniff
age
8093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:52:02 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
325654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 16:39:21 GMT
icon-fire.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/
835 B
1 KB
Image
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-fire.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:21 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
573034
x-guploader-uploadid
ABPtcPpdmLrylKyS56cYQJc_hJOX-dx0u7EPfaHUQIao5Pb9QfwJH44iW_zjm8bRAOSCV1HbSJg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1703015212683442
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
truncated
/
2 B
2 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/
3 KB
3 KB
Image
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/postmedia-image-fallback.webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:15 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
573040
x-guploader-uploadid
ABPtcPqpyW-kxvh3_quJmFkutMkiAUvKqG-B-ld5tITMh56KVDOttqDIJqZ_accKthUVLzpPCpWZ0vrU6IynEPg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Tue, 19 Dec 2023 19:47:10 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1703015230909151
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/
454 KB
112 KB
Script
General
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff6c2743f2252279f0f406b7d452f213f551dfacc1f66b117822458796bbdc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPqr5r1INDrtv2drmPmKnrUcC5UQZnelRbQhzulPjx-g2nEUdl1rKZkaPzvsoLLN7C1JJsNPQQV35fAa7m4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
114496
last-modified
Wed, 13 Dec 2023 14:45:53 GMT
server
cloudflare
etag
"1789c53237f634e187c714d75e7228d9"
vary
Accept-Encoding
x-goog-generation
1702478753777915
content-type
application/javascript
x-goog-hash
crc32c=pzIw5Q==, md5=F4nFMjf2NOGHxxTXXnIo2Q==
cache-control
public, max-age=900
x-goog-stored-content-length
114496
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83b8db6feb603a43-FRA
expires
Tue, 26 Dec 2023 11:21:55 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10283
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:15:32 GMT
3528
config.aps.amazon-adsystem.com/configs/
532 B
799 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
79dee0042597950493e8956e9090ddc47c3decbfd1df6331349296d96ea51c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:00:38 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
377
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
4uWxOaH4pZXlqpyzYZMOJdP_eQqsSwXvdAuprMG9HiFPoh45-kYXjg==
config
c.amazon-adsystem.com/cdn/prod/
353 B
709 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Ftorontosun.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 06:32:13 GMT
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
16482
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
cSKgg5o0UNHBX8PAsL0_KA8OfDnhwt1690pIRWOU0KaU0srujLDhrQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 08:12:37 GMT
x-amz-cf-pop
FRA56-C2
age
21402
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
VRnXAneFAqxj2Z9ZS7NSOkMX9oXe92kGygwKiPBbhUTbqw91IfDdfw==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/
69 KB
6 KB
Fetch
General
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
e734bc18e7f9f3bffe6b448f97d2375d3f2b2c6ee916ca88f91a960894deea59

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 10:40:34 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5967
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231226
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54fc1c2a96384ae7c1f3301deb6cc0a17760a4e6023825ad1062fa528859afb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25565
x-jsd-version
1.0.1914
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21933-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"639-5YVTFnSMOeQggNU8bfClmJPO9VQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCfBUsSwbQs655scZ8i8Ku%2FRfOeqVv2A3H%2FUktKgY9cqCtdqEr9mIBg0w8c4b%2FgBI9PvsVnmPf4PYP9Fg3I2Nz2TPcaOtEt1U%2BJyMDCAGz%2FyCZHFcoihzCdvqH0mAcQ0vNClu3oTwTTj6WPPsYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83b8db702c270368-FRA
impl.20231225-6-RELEASE.js
cdn.taboola.com/libtrc/
833 KB
173 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20231225-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
feae53d22286d941bf9257a5118cc4276b26e7db5d92560740453f0ebf87d94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
AwLlJYDA_Huzbudax0PAaw3JM.i2SLd2
content-encoding
br
via
1.1 varnish
date
Tue, 26 Dec 2023 11:06:55 GMT
x-amz-request-id
1QCC4C90RD2PBRE5
age
2930
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
176357
x-amz-id-2
BPctFW+4KR76dfUf97TNx/X4pVBuMNxnGcci4QlA9J++5ZkjFHcNYOWmMyp0zGMZkpVKzZALuaw=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Mon, 25 Dec 2023 10:09:59 GMT
server
AmazonS3-br
x-timer
S1703588815.354153,VS0,VE0
etag
"212145d3d7b8d719535e59957b503b39"
vary
Accept-Encoding
content-type
application/javascript
abp
20
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8670
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 26 Dec 2023 11:21:55 GMT
fgi-60th-anniversary-media-46-e1703528420127.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
14 KB
14 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/fgi-60th-anniversary-media-46-e1703528420127.jpg?quality=90&strip=all&w=344&type=webp&sig=mbUvLj4WCratigswmYjEiA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
58a4aa546c8d0abb76683f33ee34bc0b1f812c2a7d845e5a7d03c690a0d35a6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 20:08:18 GMT
via
1.1 google
server
nginx/1.18.0
age
53917
etag
"3d7abebd5dadcda5c9973dd5b7e82da372a57d4a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14066
marjorie-taylor-greene-swatting.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
17 KB
17 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/marjorie-taylor-greene-swatting.jpg?quality=90&strip=all&w=344&type=webp&sig=GibzVh8ney8ia0UfJiJ4cw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
396239aacf6f37b643c5515d649e134b0bc4e6cd244d4eea3d7fce3c5d5af40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 11:06:55 GMT
via
1.1 google
server
nginx/1.18.0
etag
"1d7fa29825a18b3082808620e958a0e12cf2dc64"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-5ldmj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17338
barbara_cramer_mcdonalds-e1703530821660.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
16 KB
16 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/barbara_cramer_mcdonalds-e1703530821660.jpg?quality=90&strip=all&w=344&type=webp&sig=jX5yFqXMrdQ6gHXRZYu4ow
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
753bd1cc6fdb0a689669eca552f3c676c8153da4a886dd7f44f69487247c1a04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 22:49:52 GMT
via
1.1 google
server
nginx/1.18.0
age
44223
etag
"da5694ebf8d470778698a8178bd15915d726ef08"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-5ldmj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16234
colorado-mall-shooting.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
12 KB
12 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/colorado-mall-shooting.jpg?quality=90&strip=all&w=344&type=webp&sig=Ko2NQRvcDfNor5fCEpuXvQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2e25ca1505913933a4ce669a73fafd2d8f7c6420c64a9fb62ebeb12dd7a00d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 13:15:19 GMT
via
1.1 google
server
nginx/1.18.0
age
78696
etag
"fe206da445f91f27bbb11a594072ef0872367f16"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-wldx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12112
ye-social-media-e1703508321763.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
16 KB
16 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/ye-social-media-e1703508321763.jpg?quality=90&strip=all&w=344&type=webp&sig=tQbo9elhx8C3vJhcG8UcOQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3073b7274232527e308fe8dde7ffa3f3e24a4b6041c33d26e9f14ba7cee9abe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 03:53:46 GMT
via
1.1 google
server
nginx/1.18.0
age
25989
etag
"d85968c9fef977794fc0e9b18795ecd5a9e802bf"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-5ldmj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15926
auston-scaled.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
31 KB
31 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/auston-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=Spr0SYU4LI5klBhvlhD7vQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6c4fd1fd8364038a4dbfecdbe0f2c5931cc7baf819d0d519aa95b5f02185f6f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 23:38:42 GMT
via
1.1 google
server
nginx/1.18.0
age
41293
etag
"8d8789701d24a4b33851e15f04623d6317c0a87e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32158
CP169737062-scaled-e1703462012665.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
36 KB
36 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/CP169737062-scaled-e1703462012665.jpg?quality=90&strip=all&w=344&type=webp&sig=d_g4J1EBr_b712n3GlrA8A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b79e9625008569a11ba68696878e72f8469621f61f4f8a805cfd2137192a8034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 01:38:16 GMT
via
1.1 google
server
nginx/1.18.0
age
120519
etag
"3b9aaccd371927698c6a1db72292993da9e37aef"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37006
Justin_trudeau_election_poll_polls_4x3.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/11/
14 KB
14 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/11/Justin_trudeau_election_poll_polls_4x3.jpg?quality=90&strip=all&w=344&type=webp&sig=922OPS9hzj6vCa-akp3KQQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0f3a04d1c8ced4e48ce226c76644ee587301359faa5b026099b747b56c0f9c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 19:28:56 GMT
via
1.1 google
server
nginx/1.18.0
age
56279
etag
"7454c788f8fb98afbc1ee74fa5450ebb9c0a2caf"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-5ldmj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13998
GettyImages-1874733389-e1703516476237.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
15 KB
15 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1874733389-e1703516476237.jpg?quality=90&strip=all&w=344&type=webp&sig=uU9oThHdOsOo3EfYAzle6w
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7e323d52efd4a00b0b21c726fe5521ee57375307b7954a89701e5743738025ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 16:06:02 GMT
via
1.1 google
server
nginx/1.18.0
age
68453
etag
"f51c091127fee4a87e35f5d11f5c8e6aa86b0217"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15306
GettyImages-1244612008-e1703519052136.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
8 KB
8 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1244612008-e1703519052136.jpg?quality=90&strip=all&w=344&type=webp&sig=KRbLKIWazcPOZkvW9LDrKw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
550fd53cfac71935fcb47df7167aa4341676df54b664ccfa036bb3b3e1cff9d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 15:56:59 GMT
via
1.1 google
server
nginx/1.18.0
age
68996
etag
"95a7e270501da9f04c4f5fe85d0b776f9285b5a1"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-p6sz2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7814
GettyImages-1254842202.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/11/
9 KB
9 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/11/GettyImages-1254842202.jpg?quality=90&strip=all&w=344&type=webp&sig=hWw9GGX7d67EZpXaZDYbRA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3bdd66f75a3e158453a1841639637ab7385e2a39ff16d356925d1c6b3e52f6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 12:11:34 GMT
via
1.1 google
server
nginx/1.18.0
age
82521
etag
"cd7c331eb12a8ff3f350a2c48d6afd40059c9f98"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9646
1855295404-scaled-e1703369559129.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
27 KB
27 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/1855295404-scaled-e1703369559129.jpg?quality=90&strip=all&w=344&type=webp&sig=cfODu7fw3KQrZuar5idmRQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7918980d5450a74e052a40d8fa9f5a8d43115eae68e4eb780128ff161a7a7c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 12:07:43 GMT
via
1.1 google
server
nginx/1.18.0
age
82752
etag
"fe41f9415c272e8dfe81d8ce14d91c2e9d0a96e2"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27956
tuesday-letters.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2019/10/
36 KB
36 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2019/10/tuesday-letters.jpg?quality=90&strip=all&w=344&type=webp&sig=MB0E7GHLcngK6RrXF-MYNg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
de42a33c87ab66be436b99c0872c94b6eb3e321d31aa998e43ce752d118928a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:11:24 GMT
via
1.1 google
server
nginx/1.18.0
age
6931
etag
"57dc0b5ab0670cb08b39ae36195e0c0858afed66"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37238
1227-biz-nk-recycling-e1703358889836.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
21 KB
21 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/1227-biz-nk-recycling-e1703358889836.jpg?quality=90&strip=all&w=344&type=webp&sig=4jRCIJBJSh3pE6Q93htZsg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e47decd7b73d4691434071d58733d578d6d014d7c966c522bef3e7d1dc00aeeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 11:35:43 GMT
via
1.1 google
server
nginx/1.18.0
age
84672
etag
"e815e4bcfd387b965a172d46433fbe7e66bc356b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21644
book-e1703041270797.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
15 KB
15 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/book-e1703041270797.jpg?quality=90&strip=all&w=344&type=webp&sig=L8aJw9RT5ChoFZV8w9-dsA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
ce0fc14328932a6e155917967a3272809b5410b626c3633cb452beb52c48b6dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 08:32:22 GMT
via
1.1 google
server
nginx/1.18.0
age
9273
etag
"275b55120be2d723cb559391cf84b4f648409a03"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15574
barnes-scaled.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
18 KB
18 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/barnes-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=RRB3cePkMUJa64XkaS-ZQw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1eee204af99428fc405720d3e11ba5f557948476544545dd1c995b8df0d1a9ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:24:01 GMT
via
1.1 google
server
nginx/1.18.0
age
6174
etag
"cb8e449869f3abd8e5baa42e4f9d2339dc3f7b47"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18732
hko-iihf-world-canada-captains.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
14 KB
14 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/hko-iihf-world-canada-captains.jpg?quality=90&strip=all&w=344&type=webp&sig=yQI3SFVScdia0PGr-5722g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
87b03d0602d0cdebdc297ef41671ec80540ce25c54869bff9205720148532622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 08:38:44 GMT
via
1.1 google
server
nginx/1.18.0
age
95291
etag
"ec987de1acf6a5811ac98588ba73d382242bd875"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14534
CP151705625-scaled-e1703382187932.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
24 KB
24 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/CP151705625-scaled-e1703382187932.jpg?quality=90&strip=all&w=344&type=webp&sig=Ylrsy7BpnRGdSGrWH2oigQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a5d0c40f6aae2be2b7568e73f385fe84a1ec23398d8dc786c2ef80a4123c02e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:24:01 GMT
via
1.1 google
server
nginx/1.18.0
age
6174
etag
"35ec7f6a183d1e7f8e0dc7c3c2ecd25339f03d8e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24840
RaptorsGamer-1-scaled-e1703388023364.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
26 KB
26 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/RaptorsGamer-1-scaled-e1703388023364.jpg?quality=90&strip=all&w=344&type=webp&sig=ksI0kPFzHyuZVgoKcJAsmg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e23b0fe5f5a5a128b125349e044943ec78738cdca637bf24d2a98acc3ad35029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:24:01 GMT
via
1.1 google
server
nginx/1.18.0
age
6174
etag
"dcad286f730cd2e50a5db28e445bf7febb8e44be"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26346
1769773047-scaled-e1703473027696.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
27 KB
27 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/1769773047-scaled-e1703473027696.jpg?quality=90&strip=all&w=344&type=webp&sig=njiAo1gl0_8QnKcp2Q1eUQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c59f46722ece3cf30399960470954e8074c4ea661346d1d9ea6809f94a080d43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:24:01 GMT
via
1.1 google
server
nginx/1.18.0
age
6174
etag
"05ff3b390cae561deaf2de42e519908dbca80f64"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27642
sweden-beyonc.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/
17 KB
17 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/sweden-beyonc.jpg?quality=90&strip=all&w=344&type=webp&sig=ecJAZeTsT-dW6KeX4FzI2Q
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
15e93eaa812cbd05284cb4ab89715ab362c63622e51a34f25ef9294c90719ec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 04:24:56 GMT
via
1.1 google
server
nginx/1.18.0
age
24119
etag
"edbe89974ac73324d55f4ba18b41b71d83ce664c"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17866
madonna.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/
16 KB
16 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/madonna.jpg?quality=90&strip=all&w=344&type=webp&sig=Gn6p1eWo3sdYWRLhLjAYSA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
9d276edfca3d8bd9602377796da8f620f44d1ab1c84b97fcb7ccf0f768a37499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 07:56:33 GMT
via
1.1 google
server
nginx/1.18.0
age
11422
etag
"4915620c89a9d871957ddd4e737675a4ca42e59c"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16392
Olivia-Rodrigo-Guts-e1703278445464.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
17 KB
17 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/Olivia-Rodrigo-Guts-e1703278445464.jpg?quality=90&strip=all&w=344&type=webp&sig=DNhS1SeNTRrwgdm0EkDXyA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
505abb8f43b0c4e043d56584b03a3218652f378ff6ab3f5d9a7603bc71f6383d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 15:13:25 GMT
via
1.1 google
server
nginx/1.18.0
age
71610
etag
"0945582a8e6ed63a811e2ce1aa4a31401111c01b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-7b4b5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17672
NUP_171451_0003-scaled-e1703194244876.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
9 KB
9 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/NUP_171451_0003-scaled-e1703194244876.jpg?quality=90&strip=all&w=344&type=webp&sig=dKwu2KXhInxc5hFJ0hcV6g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
8a30971a2612643e99ffd7bef876ef2047c0fb19cd0d86a3c525dfa180a28598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:24:06 GMT
via
1.1 google
server
nginx/1.18.0
age
6169
etag
"ddf6f57d6ea51a91aaacc1a118fb935ff502f76f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-p6sz2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8816
GettyImages-1459345882-scaled-e1703252716285.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
21 KB
21 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1459345882-scaled-e1703252716285.jpg?quality=90&strip=all&w=344&type=webp&sig=vCodH2pl67JMOX4Zls8Akg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cb2d455bcc90dc41c124a6deede16900086c16c4c43cfa5ada9073d39bafba3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 11:16:51 GMT
via
1.1 google
server
nginx/1.18.0
age
85804
etag
"b784f105b106d1b129fa321ffc56b17cccd51d13"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-wldx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21922
GettyImages-1457385092-scaled-e1703189613260.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
12 KB
12 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1457385092-scaled-e1703189613260.jpg?quality=90&strip=all&w=344&type=webp&sig=q1QiV04i3HDQF94tRZyNyA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c118232e8a98feecbf658394f8781178175ed831c2900270adb7983f03fa1e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 11:46:54 GMT
via
1.1 google
server
nginx/1.18.0
age
84001
etag
"01fc3bfd8e42cba5bbcc9c55d89ca4a045885658"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12078
mean-girls-2023-12-20.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
24 KB
24 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/mean-girls-2023-12-20.jpg?quality=90&strip=all&w=344&type=webp&sig=cM4pRt4SxT9IjnKkA3mUBg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bf558863611ee0819dc7de3fdd8075de34aa52cbf73b57407099ead1f5dd9581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 09:11:26 GMT
via
1.1 google
server
nginx/1.18.0
age
6929
etag
"99104af9687a8758c5cb0d5ec50eaa59ee80915a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-wldx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24992
GettyImages-1480408731-scaled-e1691805455529.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/
16 KB
16 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/08/GettyImages-1480408731-scaled-e1691805455529.jpg?quality=90&strip=all&w=344&type=webp&sig=28MmSnqAeu2C_XeokRjIMA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2dd999812bf3b4acbd83297aa3db1a4273c71c2f8d13b4fe14580814aa9055b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 24 Dec 2023 04:41:50 GMT
via
1.1 google
server
nginx/1.18.0
age
195905
etag
"db2ab288d33692c3139239aae6a02b857b932fa0"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-7b4b5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16836
VILLA-e1703267740377.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
19 KB
19 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/VILLA-e1703267740377.png?quality=90&strip=all&w=344&type=webp&sig=aCgrZMPwvIWO-gqb7OftyQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
db208dc24768b12f6523669aab6675ed30e78c41af4b820adef78229b9d8275c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 22 Dec 2023 18:47:35 GMT
via
1.1 google
server
nginx/1.18.0
age
317960
etag
"5f6496b8a9c81c12972ad47b19cd9e8582a1338f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19376
GettyImages-624084050.jpeg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/
27 KB
27 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/GettyImages-624084050.jpeg?quality=90&strip=all&w=344&type=webp&sig=bKruBxQiASEQgmThSiS3PA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b9d563addef16ac42c163e80f3e0dbcac7cd2bbddfdaaae55a764060a9be8e89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sat, 23 Dec 2023 16:26:52 GMT
via
1.1 google
server
nginx/1.18.0
age
240003
etag
"0b930d8c045487253ca0f9bd3a3582764f6c1edb"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28028
GettyImages-1313322732-e1702575614861.jpeg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/
34 KB
34 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/GettyImages-1313322732-e1702575614861.jpeg?quality=90&strip=all&w=344&type=webp&sig=FzG_B7980-VgAye5RgIung
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0f68d66dce6c72cd87197dd2a9f1c8193fea1437a9ee52583951ca4eb6b2c37d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 15 Dec 2023 15:20:34 GMT
via
1.1 google
server
nginx/1.18.0
age
935181
etag
"1af641047c6cf12388c0ee5f340e36e010f342ad"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hxbkz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34534
GettyImages-1270066825.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/11/
16 KB
16 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/11/GettyImages-1270066825.jpg?quality=90&strip=all&w=344&type=webp&sig=nOdhy2_lEabnm6Q-e9wQXQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0b3524719b834ad9b4945cff49f307c5e55185f5f12c861657f0e1ec3547b32b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 15 Dec 2023 15:41:53 GMT
via
1.1 google
server
nginx/1.18.0
age
933902
etag
"bf8273f7bdb60751753c787f15886d5e38a2f493"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-6jd5t
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16268
GettyImages-1492721775.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/
14 KB
14 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/GettyImages-1492721775.jpg?quality=90&strip=all&w=344&type=webp&sig=iojEpq5Fb7bfAyTxTUX0pA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
713cf1b92aef8138209b11f0be256ac040cf052e2337651ee8f1a332ec4ac41d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 08 Dec 2023 20:39:55 GMT
via
1.1 google
server
nginx/1.18.0
age
1520820
etag
"ae66898dad962eb442170b79eea3fa28df0d3d12"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14340
GettyImages-1375708994.jpeg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/
11 KB
11 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/GettyImages-1375708994.jpeg?quality=90&strip=all&w=344&type=webp&sig=nKJbuDhR1HrVsF_xl_Mg5Q
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2c475544d1646769da7cf08fb9667703ef8fa9d14fe4fbdf4a8740af6df178d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Mon, 11 Dec 2023 13:01:44 GMT
via
1.1 google
server
nginx/1.18.0
age
1289111
etag
"bd180e9beeec220ea462912c98d9398c075e307a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11086
aston-martin-db6-electric-conversion-by-lunaz_TAkinshete-03.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/12/
10 KB
10 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/12/aston-martin-db6-electric-conversion-by-lunaz_TAkinshete-03.jpg?quality=90&strip=all&w=344&type=webp&sig=mNZljimK3nKLxezOCCPrIg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a4b945ecae722e2d4c2f28474548e09fb6f570aa48299e54a59d0f3a7301d591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Sun, 24 Dec 2023 11:17:47 GMT
via
1.1 google
server
nginx/1.18.0
age
172148
etag
"6f9c6b33b7d40ab627117e2cab742701d2fa04ea"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10398
Minnie-and-Mickey-at-Disneys-Magic-Kingdom-1-e1702608189348.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/12/
25 KB
25 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/12/Minnie-and-Mickey-at-Disneys-Magic-Kingdom-1-e1702608189348.jpg?quality=90&strip=all&w=344&type=webp&sig=DVhAhLzZe4N30SpkW91igA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f9238b6bdb43098f65ec6e26ea8ab4ec117bc94af8095e882725e56332ef54dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Sat, 23 Dec 2023 11:07:18 GMT
via
1.1 google
server
nginx/1.18.0
age
259177
etag
"78da9a0ee02149d8e48d0aab35406f46e9dfba3f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25122
Medium-15790-ThenewMcLarenGTS-scaled-e1703273184898.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/12/
9 KB
9 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/12/Medium-15790-ThenewMcLarenGTS-scaled-e1703273184898.jpg?quality=90&strip=all&w=344&type=webp&sig=1L4YLJv07a_MtwY5oxfdkA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f4d8d5315f40f5ae7d8d715f4bff0d9f906432af559a01affe6a3b8095335e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 22 Dec 2023 21:59:06 GMT
via
1.1 google
server
nginx/1.18.0
age
306469
etag
"90494dd7a923a8e730772b7e20d59d73d144acd8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-wldx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9386
tesla-model-S-X-dealership-EV-store-e1703269765942.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/09/
20 KB
20 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/09/tesla-model-S-X-dealership-EV-store-e1703269765942.jpg?quality=90&strip=all&w=344&type=webp&sig=eT0JxuhhiimhlZ5z0vbrCA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f73f828d84fea8c32831ae88a4ddcc3a1811fd3028184c622a0327050e3c20c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 22 Dec 2023 19:30:08 GMT
via
1.1 google
server
nginx/1.18.0
age
315407
etag
"c30a48e7ae06481497930abd5de8c3134c3277ca"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-wldx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20096
Porsche-911-Generations-TAkinshete-e1703265964917.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/12/
12 KB
12 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/12/Porsche-911-Generations-TAkinshete-e1703265964917.jpg?quality=90&strip=all&w=344&type=webp&sig=keJi865oJQGu7_eU4RPxmQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c0db3e9458387e2a421e00547f53e89b946c685d38ff7f9b2915cd05ccc268e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 22 Dec 2023 18:33:13 GMT
via
1.1 google
server
nginx/1.18.0
age
318822
etag
"a9216f08ec5543967840d45eff20d3b0aef37a57"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-p6sz2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12180
ssg-patricia.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
14 KB
14 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/ssg-patricia.jpg?quality=90&strip=all&w=344&type=webp&sig=Pi8MQ7kEf4JZK5puZn02uA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5d36841bf0a45aa9c54bc18eb777f48e12c4bcb6f879b4fec327d998029faa26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 10:13:29 GMT
via
1.1 google
server
nginx/1.18.0
age
3206
etag
"c77b482d029ae26623f412fc2cca26b4a1d40dde"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-7b4b5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13846
SSGCarrie.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
10 KB
10 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/SSGCarrie.jpg?quality=90&strip=all&w=344&type=webp&sig=TZqksNP0dvuKNAO1qEDGnA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
9f490ec3ad15784474683b1b14ba067fcada18d17a4b59572477e97ed99890d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Tue, 26 Dec 2023 10:13:29 GMT
via
1.1 google
server
nginx/1.18.0
age
3206
etag
"9601bdfc87e6482d1a854406effbe5aaabababf9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9876
SSGKathrynMain-2023-12-24.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
18 KB
18 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/SSGKathrynMain-2023-12-24.jpg?quality=90&strip=all&w=344&type=webp&sig=qPUa_nadTmE6gSgOFFcvGw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c69d6d08fbf8e708b5f1314c9cad09a2bcc1b2f14bea5d32d841831d890e0fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Mon, 25 Dec 2023 07:08:01 GMT
via
1.1 google
server
nginx/1.18.0
age
100734
etag
"2dd4b8edabeb885d4da9a00954bf41a680b0dbd6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-wldx2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18236
SSGKiara.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
10 KB
10 KB
Image
General
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/SSGKiara.jpg?quality=90&strip=all&w=344&type=webp&sig=utJs-4PvJVe7oEhg1lV2_Q
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2f212a930478b8afde146a869af520e293536fdbd2f39e76d5b8ebb4b269f0a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 24 Dec 2023 09:11:27 GMT
via
1.1 google
server
nginx/1.18.0
age
179728
etag
"b9e45e5d86325fb9e37bf7d01a3f499067f56253"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10238
32706f37b53a9a036ef932.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
9 KB
2 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/32706f37b53a9a036ef932.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3110eaa86beb20727aa97ee97ce3de0cf5d2da465ad31a28cf69cfbd797dd009

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:58:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
572924
x-guploader-uploadid
ABPtcPpULYBopFs_POKxImdr3QFr65YYak0qk5n2Od-5aAPs1QbFZX5Y42QtQ5LeO4ut4zeQX3loGmWcGg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2270
last-modified
Tue, 19 Dec 2023 19:47:16 GMT
server
UploadServer
etag
W/"97ee4f19464be4991db5a66eedd20b7b"
vary
Accept-Encoding
x-goog-generation
1703015236794885
x-goog-hash
crc32c=7aqNJw==, md5=l+5PGUZL5JkdtaZu7dILew==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8968
accept-ranges
none
688c080cafcfa4457b823.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
11 KB
4 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:15 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
573040
x-guploader-uploadid
ABPtcPpLaP7LbeI-csy23G-tKuNDxf2-0C34thms6fjyqkhkNrKzWbKKK5OZPvi5t1WaihUJtljEe-MwbNWIfl0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3751
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"732fda2c30c3393b58bf994c348513e9"
vary
Accept-Encoding
x-goog-generation
1703015238971652
x-goog-hash
crc32c=Vq7U3Q==, md5=cy/aLDDDOTtYv5lMNIUT6Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11752
accept-ranges
none
f8ea7554630384877a2617.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
14 KB
4 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/f8ea7554630384877a2617.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:15 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
573040
x-guploader-uploadid
ABPtcPqVuokl9Sto8wnKf2_stHHTWUdzM5SpPMpI9vULTRtDB_3sVjfDTXTur5kdZEvfoqJqCLIH6s4YpT7euOw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4455
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"63ac658e3632ca1e5a0f6645b4912a38"
vary
Accept-Encoding
x-goog-generation
1703015240772266
x-goog-hash
crc32c=Q2a+sw==, md5=Y6xljjYyyh5aD2ZFtJEqOA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
14083
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
7 KB
3 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:15 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
573040
x-guploader-uploadid
ABPtcPqilRsbIBaiqgoeaC1_2pCeLAA6cUY84C_ceX2ThvN59OO0q4CT1p-3Yz-5CvKEGkme0-HzWfy0cQ4xmcc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2825
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1703015239108648
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
836d4e0fd22a7dc68a052.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
35 KB
11 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
102879bcdf1bb8d7079cbf09cd33581139013f7a0b109c64fd2a8f9511f3cbf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:33 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
572962
x-guploader-uploadid
ABPtcPrfCIKBmi__OnzD8myBXUGlKROk9y3-FffnSw-kLzbDI6wNVWSWXAX6jF1iYR890JkTtgZNiFwR0g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11016
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"40601ecfe330a5efc9af7222edd73d39"
vary
Accept-Encoding
x-goog-generation
1703015239470643
x-goog-hash
crc32c=1HdvsQ==, md5=QGAez+Mwpe/Jr3Ii7dc9OQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
35648
accept-ranges
none
6a86c658a5e7c0d0e7db5.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
10 KB
3 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/6a86c658a5e7c0d0e7db5.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6be53e044a8e84e3c66d8eb5d2f359feba5b32c072ef3456830f32acedb163a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:59:32 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
572843
x-guploader-uploadid
ABPtcPp8WG3jb_JNIJsfSgCH09qXK67qDBEnC41gch8aj1PptesLH29E_WzfTp5Evt6eqDeMJ37lA-VheQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3497
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"58c394221ccae33c2c42f73f3470f6f5"
vary
Accept-Encoding
x-goog-generation
1703015239045531
x-goog-hash
crc32c=hNkDkQ==, md5=WMOUIhzK4zwsQvc/NHD29Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10705
accept-ranges
none
990b9e18d9293f53494350.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
224 B
253 B
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/990b9e18d9293f53494350.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3f16a99683ec813507fab742f11167db01a3c2ced3fdaa6f1ea859d2f9f4fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:59:32 GMT
x-goog-meta-goog-reserved-file-mtime
1703014124
age
572843
x-guploader-uploadid
ABPtcPpRqj9yw4htb1g_jbBdNe9N3qCqwJDY1lgi_XYf5X0AALXVurnO3Q5DRZzB1fDb668CS6sUSxf0lA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"f2717194027d340cf5c65feefc7ab9b0"
x-goog-generation
1703015239620849
x-goog-hash
crc32c=YHGd/A==, md5=8nFxlAJ9NAz1xl/u/Hq5sA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
1ef368c136434f274a3128.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
11 KB
4 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/1ef368c136434f274a3128.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c2a7c80301032f20f90d00a75cef91a4af5a7fa04651eaac3281f66466c8e8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:59:32 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
572843
x-guploader-uploadid
ABPtcPrO6o7ycZpIf1Apd8tfyyJgt3pZ7ZfcjMTQ4NEbHhk3JCL6956Xt3r06zqMid-XJnjHYlgsvWBzFQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3678
last-modified
Tue, 19 Dec 2023 19:47:15 GMT
server
UploadServer
etag
W/"811b1520f4ab50634eefe75c81fe95b2"
vary
Accept-Encoding
x-goog-generation
1703015235676437
x-goog-hash
crc32c=+Tp0ug==, md5=gRsVIPSrUGNO7+dcgf6Vsg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11527
accept-ranges
none
cf5d329b7f5a70d26c0a18.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
750 B
779 B
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/cf5d329b7f5a70d26c0a18.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0bc0805d442ae7ead864b82381c168035e8d70535e6f6acea31f4f1caf65ae58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:59:32 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
572843
x-guploader-uploadid
ABPtcPqbKJGqzMu-XuubOzxHhf6UDcevt3XkSfEortEWH3-z-zrjCDHsTclvKq8CRBTDLp-jZM5p7YcZVQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
750
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
"95321bd12efb680204d12be98f3d7ba4"
x-goog-generation
1703015240256252
x-goog-hash
crc32c=WLxsPQ==, md5=lTIb0S77aAIE0Svpjz17pA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
750
accept-ranges
bytes
286b462e1048adda4f6f36.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
2 KB
1 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
573010
x-guploader-uploadid
ABPtcPqweYuqV1rfZh2pHtJ__wMrq4KLA9pVHun5zjej9w8qqcb_uDPQ7AbIY84VQNBlIFCjlPIuuNcwWw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1072
last-modified
Tue, 19 Dec 2023 19:47:16 GMT
server
UploadServer
etag
W/"3d636269883d1e0a8bcb405d83e6136d"
vary
Accept-Encoding
x-goog-generation
1703015236440261
x-goog-hash
crc32c=MY5NLg==, md5=PWNiaYg9HgqLy0Bdg+YTbQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2461
accept-ranges
none
cb72fc449da58641945238.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
10 KB
3 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/cb72fc449da58641945238.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5d410b4aea9f38a035bdc4323315891f9e798d297e3e3db8d000f6e63f54cb51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:59:32 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
572843
x-guploader-uploadid
ABPtcPrFnM_4lUl_FnJ0Jf_U3w8Gt4damCzO1tzvKMgmilUnEizZY_2l4o5LOykhVXf3v4NvvI7H6JcGQg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"48956c4b87ff7d0af1cbae347e1d78eb"
vary
Accept-Encoding
x-goog-generation
1703015240228053
x-goog-hash
crc32c=zWYpSg==, md5=SJVsS4f/fQrxy640fh146w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10050
accept-ranges
none
b
sb.scorecardresearch.com/
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703588815426&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftorontosun.com%2F&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c9=
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
via
1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
0o_GLwmcyCiYZF7SOiBJm2aQbpY6W0_ugvNQlaTfYsMnfGP5Ri8UaQ==
x-cache
Miss from cloudfront
4f4d1628a8065ccff16624.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
6 KB
2 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4f4d1628a8065ccff16624.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:15 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
573040
x-guploader-uploadid
ABPtcPq2hsjQrbkyA_aSFS6M5rHpR3asPh4jrLnz5mzrrx6H46vNui-o-A7Wt5E7SN6uHSo39KPxevJeevTJWBk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2086
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"c6326d88acc6beb06cf9db5fffaee6c6"
vary
Accept-Encoding
x-goog-generation
1703015238307588
x-goog-hash
crc32c=hqW8ug==, md5=xjJtiKzGvrBs+dtf/67mxg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
4c053bd7593db896d5bd4.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
15 KB
4 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4c053bd7593db896d5bd4.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:15 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
573040
x-guploader-uploadid
ABPtcPqxCLymMa2pcj3Axa-IJ2qILLxWhqfqNJD_4vXA-PTO6Qtdb_UnbiRhJkrizNxvPG-qp5Hu4_BH8SVx2Cs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4392
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"7483c234c6571a1ccf1dad53c7ccc622"
vary
Accept-Encoding
x-goog-generation
1703015238079242
x-goog-hash
crc32c=cT/cag==, md5=dIPCNMZXGhzPHa1Tx8zGIg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
a22185a71907d8927c8537.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
224 B
264 B
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/a22185a71907d8927c8537.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:15 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
573040
x-guploader-uploadid
ABPtcPonFINoCYHU1i8JUh4wm81sJqVNWam3oZkaBgvAb_qs-Lp_Z9JGJ1F7hd-j1_GUTDjslCrtBM_t-UCW_wg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"4ee0e989a064cf6630bf9ebee4879191"
x-goog-generation
1703015239741862
x-goog-hash
crc32c=jUJANA==, md5=TuDpiaBkz2Ywv56+5IeRkQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
4c782041f95f0f6fefe033.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/
7 KB
3 KB
Script
General
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4c782041f95f0f6fefe033.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
20582a562e7f2dc93433aacd707d211c81695c576a4b6e54d95815fa6bf9a21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:21 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
572974
x-guploader-uploadid
ABPtcPpFIikPvboiFl66UTwsC7lp6hzk3L1tz1v3PTl6KRf-8lWKaLAqSqGV9B_WfFbTiNtJAUSrjwSTzA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2519
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"68b3d4946b53a10877ed46666a6f47ce"
vary
Accept-Encoding
x-goog-generation
1703015238074608
x-goog-hash
crc32c=pf9+YQ==, md5=aLPUlGtToQh37UZmam9Hzg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6721
accept-ranges
none
sync
gum.criteo.com/
46 B
303 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231225-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
337209
expires
60
json
trc.taboola.com/postmedia-torontosun/trc/3/
69 KB
21 KB
XHR
General
Full URL
https://trc.taboola.com/postmedia-torontosun/trc/3/json?tim=12%3A06%3A55.478&lti=deflated&data=%7B%22id%22%3A396%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1703500931564%2C%22vi%22%3A1703588815475%2C%22cv%22%3A%2220231225-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8164%2C%22nsid%22%3A%22postmedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dpostmedia1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A7785.5625%2C%22mw%22%3A628.5%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-a%3Apub%3Dpostmedia1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231225-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f80d2baceacb14ec5d88f52ad8e3ef64cffb0ae65661cc99ad55b439fa814e

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
610
date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.8979166666666667
x-fastly-to-nlb-rtt
7283
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220039-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1703588816.507907,VS0,VE610
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/
46 B
383 B
XHR
General
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
db954c9e00f68bb7532a4cd5b5f269465d2d421762d4388b0492fc512ccdb8ac

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/
11 B
571 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:55 GMT
an-x-request-uuid
a25d0f98-5196-4426-8e89-5aa5a89bee0e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.109; 80.255.7.109; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1e1934e3-9763-4994-9b1b-be1a96677b3d
https://torontosun.com/
161 KB
0
Other
General
Full URL
blob:https://torontosun.com/1e1934e3-9763-4994-9b1b-be1a96677b3d
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d07fb45f295358e44b45f21d0af5da1fb53b4dfcc329ed52e4696105926a66e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
165087
Content-Type
fc7acbdf-c07d-4ee4-bcc7-8d6b2a81f713
https://torontosun.com/
161 KB
0
Other
General
Full URL
blob:https://torontosun.com/fc7acbdf-c07d-4ee4-bcc7-8d6b2a81f713
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d07fb45f295358e44b45f21d0af5da1fb53b4dfcc329ed52e4696105926a66e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
165087
Content-Type
player-event
events.qortex.ai/api/v1/
0
0
Fetch
General
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAG26d65LgwA5toZ%2BACO%2BUaepUdVsOrq7yXGT0LOcZ4IJETtriRigijpGDuf5ENQ4Xy8d4H05bw8oScikeYq%2FX6Ym2XnLmDsMtm%2BlbZAd80O3OOCqnyki%2B8%2F2axFd8H2NNeqp7f8w2VRuxM4FxI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
83b8db7228c72bba-FRA
content-length
0
cx-bootstrapper-init
tags.catapultx.com/cxo/
49 KB
9 KB
Script
General
Full URL
https://tags.catapultx.com/cxo/cx-bootstrapper-init
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjLApdELW%2FZSifE%2Btf5K4ctl27f1%2BhAe5WUBIIHx84ca2t4f21cvevwydIC78V%2F5%2FFaKuJYD3chtvRG6oA7AjGPQbKgZx8LzyDtjWyuzdb3I2U54eIaijeuvQkKdOb1hd0NNDzWxubcgsKgcut1xsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
83b8db717d9e1cab-FRA
init-3392tkd9ir9ggbv3f0mu.js
api.fouanalytics.com/api/
0
303 B
Script
General
Full URL
https://api.fouanalytics.com/api/init-3392tkd9ir9ggbv3f0mu.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42K9oEswARouxfIFOMc%2BoaoaJFN6gf0eVi575Vw%2FiExB2hsNCSVU%2BDv5DbNGMwNE8uRTMXPeIiGaqswUSctApabBatLcIys2q8aqe6riUli23x1jkm9609EMP7XvgsUznbt3VguSV8AqZ72aZtyLceDZ3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
83b8db72396f9010-FRA
alt-svc
h3=":443"; ma=86400
expires
0
noscript-3392tkd9ir9ggbv3f0mu.gif
api.fouanalytics.com/api/
0
489 B
Image
General
Full URL
https://api.fouanalytics.com/api/noscript-3392tkd9ir9ggbv3f0mu.gif
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSRHjvpwWWIjFM5%2Bdy9%2Bqo4NXgCAuLMX90FM1N9NS5LrNeTqbCOMOR6hVmLY7cRB09048qZDuhyP9TwDAKIZqdtUYjh%2Byddqtll8wMCOVZl%2FfHZ7ks4h%2BTNrPs5E88tWhIymXJ7c%2FNFjCh1jVvvRJa2ttw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
83b8db72296e9010-FRA
alt-svc
h3=":443"; ma=86400
expires
0
xd.html
fem.gprod.postmedia.digital/v93.0/ Frame 0E9A
165 B
201 B
Document
General
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
572763
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 19 Dec 2023 20:00:52 GMT
etag
"e66a4f59260370c7eb851d9880e08527"
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1702321323873559
x-goog-hash
crc32c=e89JmA== md5=5mpPWSYDcMfrhR2YgOCFJw==
x-goog-meta-goog-reserved-file-mtime
1702321262
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ABPtcPqRm53FvtkFzpv-MFbACQp5tHNOTmOC_ARKiQZfIOk5EO-Bpl1SJGzGbPfFKRVmgTTc0hg
pub
pixel.adsafeprotected.com/services/
3 KB
3 KB
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-9,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=aeb50db5-2ffb-9b9f-e1c3-1a033b861180&url=https%253A%252F%252Ftorontosun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.40.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-40-41.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
794b6178833d451edc8fa152ab07b01da4b25c88c4c17368e5e4cfd46ab8f956

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
server
nginx
x-server-name
app13.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/
64 B
502 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Ftorontosun.com%2F&pid=TrO2GdMkrCQ0k&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-9%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
E6WJVYW5WR98D1JQE51R
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
hbkKDWURPwNXmcwV7BPje6dGeu2r_4f6bvVnnAmu7ZxBibCSLZgbug==
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
486093
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83b8db72ad22266d-TXL
expires
Fri, 29 Dec 2023 11:06:55 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34451
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230031-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XrU3GIDu%2BQjeyAr0Z7c2QW2iEcgDt8zMECEquLNiEM3zB8dzylNxt7NDaLb4owqDNseXtLc6%2BCEBOaPFZzWHM71gs7DVDD1mGcZNuSP3RbB87qvEzm8rzj0tw%2B1Tmwj55%2Fw%2FttNNHcGxtB7S%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83b8db7269af1da4-FRA
geoip
api.permutive.com/v2.0/
209 B
329 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
watson
api.permutive.com/v2.0/
281 B
264 B
XHR
General
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
208
xd.js
fem.gprod.postmedia.digital/v93.0/ Frame 0E9A
67 KB
21 KB
Script
General
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v93.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:00:53 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
572762
x-guploader-uploadid
ABPtcPpfuQShCWzWCxMfaILPbLBcoATMlxHemsErTFn7n15TzTpu0X0TtmxEJhNg6pjofAKnWD8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21176
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
etag
W/"2139b791b942c7780fd5e1534f6192af"
vary
Accept-Encoding
x-goog-generation
1702321323904544
x-goog-hash
crc32c=05N7iw==, md5=ITm3kblCx3gP1eFTT2GSrw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
68978
accept-ranges
none
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/
76 KB
52 KB
XHR
General
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4312c5a65078131ab9179720a03709fd63a2ab380413cb6c705022168889417

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPrg7l0mEGQmy85msSbwlqux3A3isI2nIEbSuuhe_1qGcjb1VoL1ZdBlEr_eb1-JpqRqDWI
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
52770
last-modified
Tue, 26 Dec 2023 06:02:25 GMT
server
cloudflare
etag
"b9276adffb77f7655641e85c6f2a35e7"
vary
Accept-Encoding
x-goog-generation
1703570545456422
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=0eTmuQ==, md5=uSdq3/t392VWQehcbyo15w==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
52770
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83b8db732cbf3a61-FRA
expires
Tue, 26 Dec 2023 10:13:11 GMT
identify
api.permutive.com/v2.0/
50 B
254 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
edfe8fd9e5fd546323a16162a06d4eb2ff331ad230e1b3f48d2ec97862511d04

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 26 Dec 2023 11:06:55 GMT
server
ATS/9.1.10.94
fastlane.json
fastlane.rubiconproject.com/a/api/
19 KB
10 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=6c5a40ec-08c3-4123-896b-e1d591c2a4c5%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.domain=torontosun.com&tg_i.page=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6&tk_flint=dmpbjs_v8.23.0&x_source.tid=4065033b-6747-44cd-8b6c-5b4fff309b66&l_pb_bid_id=2b518330595b15%3B3172c763352ee4%3B431097f267ad61%3B5bbbc2b3b32626%3B6b7a4147a220a2%3B7f69f57f50edd2%3B88dd76999d8156%3B972dcf01329e7f%3B10266f85b2c8c74%3B11e129436b34393&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1edfcac8-6480-428c-8cee-bac89925eac0%3B3523e468-8a7c-44b4-b771-acaa3bd86a28%3B421c41a4-0079-4963-b0df-c01349b7ad25%3B35703ab9-4bc3-408c-bfba-60df07756a1c%3B0e20063e-ae65-41ee-a729-0617b25a36e8%3B12d18810-4586-4ef1-8b21-2f41f4dbbf06%3Bf286210c-57ac-4669-a224-36f3d9bee246%3B2e8e0366-7f19-4764-94d9-1725763e6d0e%3Bfabd24f4-a6bc-4ef7-883f-fb71c4869f3d%3B348b0861-aabb-4579-ad20-6350bfa092df&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6&slots=10&rand=0.5226304252150502
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e03479d42a13b23253b2cc60ad422692550d5639cc2422d1bac97793386fc016

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
10 KB
8 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=6c5a40ec-08c3-4123-896b-e1d591c2a4c5%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.domain=torontosun.com&tg_i.page=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&tk_flint=dmpbjs_v8.23.0&x_source.tid=4065033b-6747-44cd-8b6c-5b4fff309b66&l_pb_bid_id=1291c822ad1d0fd%3B137739a20fb1f73%3B14eff68a120ef3a%3B15036ee7374306e%3B1649cde74aabf84%3B17caefe90099987%3B18dce178bf866ea%3B1983422d2a996f4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ef6776ac-4ebc-43aa-9cfe-cef34e7cc8e1%3Bfab2b97a-1f88-4aef-8474-ee2b20d90429%3B409275ae-b84e-4ccc-a7bb-f194c327a5d2%3B62afdd1b-8ef2-4dfe-9cbf-d13e2e22cd38%3B028eef16-08c2-41b8-afbd-9c1e7675063f%3Be20ffffb-c700-40ab-b1aa-e15e74b7806a%3B44495180-5cf2-4d23-8cfa-6d345338e064%3Bf6de1f5a-1858-4406-8adb-103da2be0903&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&slots=8&rand=0.32754928260292715
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a6e48a10869da4b9d1400d6d66e0a7a9ce143a5abfd49a43e15173396d41c48f

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
1008 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
949dda098b8a2b3932d0cad7fb83d84d48b51e4c12322df6e8b840bb64fa1095

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
128
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 26 Dec 2023 11:06:55 GMT
prebid
ib.adnxs.com/ut/v3/
2 KB
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
cf2a249b6acac994077c7d64187bed0156e339c3a5880fa55664c0537495720b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
an-x-request-uuid
4fc59ace-e646-4216-b120-9bcbe00d8454
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.109; 80.255.7.109; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
372 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
cfc0020fe9912d17a4468c6b13a3d8e0652045ede122b90c8e1506a92561843a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:55 GMT
an-x-request-uuid
6b67a56f-9d3c-4cf6-ad02-5021da555956
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.109; 80.255.7.109; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
372
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
112 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:56 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
156 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.104.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-104-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/
25 B
277 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.23.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.167.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-167-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0ff5c88a64e768534d17ef7b357eb0dd7c284469fc56e492d3bdb8d99dcc928e

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
86b69c2cea3bc40279e996b911d5ed43bac1d0c3384c04180b4fbc8720dee5ab

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
628fc8670ba4c900abac8d77c8b90306670b5af7e1e79b46d5d6caa694ec2c41

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
b0781b3a574a64e29f199af2e64bed3ce943042828f43a3466fd24a06c1236c1

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
d3556e639754873dd0ba95e2eb78a0da1ad2f0b4714741890e6224fc6340fb17

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
341 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
b13b23619ccb23b7e4c2b9657571889ce1b778f8d73ea63b8bd5b15c7d47b034

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e2619d52cb1409d4d9e72a454e68893fbac6b5d340635a9e21502d4b14b9a658

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
5f609d990d592b1748b7bd0625aa52f482f9de91c0c32ae4bf4ee4febd4a4790

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
00bb93abdc97dd79a59eb0df6b74fd066cc0159fce694133ab54ae20629d90cb

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
c8e9c4ffb18fda87c5a80012347ba15fc4b2d948429d5097da3088cf88866fc2

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
4d3c6b7651cc2c0d12e13b65464ce70039d9fb715c71ed90e783f2c9d770e02c

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
117 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
22782db40fb576cceb88769b3ff6d1684b4e0a084f470044fb7477ff04ce8565

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
d220c2d57035de01bb651a92e1ee4595baffe75ac9536360938c859f73314445

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
1961b82434a0e2c06ee4ba1e50943065c834c3856626c529482b2be9d46fd28b

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
711abdf8df8e27c3afad12c7218a827aea92e5b948b1019f4cbea4afefe78278

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
1ab6b413de460ca2460abd2aaccc8fbf68e60514ebdd44f882ba17045267d5b3

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
db8116b1dae2139b5c0bb53b1ade08c16fb96276991f128a7929de9d9c7c9f21

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e77dd2c01cd1ae65aa2b4fbf5330522389a2688330bf3d8b8ac984eab9c31571

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
690e6dbf49196d0ef5b3adcaedd735dd4493bbf1937fcec44125703db7d21f72

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
pbjs
htlb.casalemedia.com/openrtb/
38 B
550 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613230
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a72ba4069310896e76e39d400cfd4e2f0cf4272401a3e34c1d2e09ef50b8507

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVobWFw85Yg9wPEvdA%2FjhnKuRb1yIERR6VuiwSo29tmkBe8fLbITZ%2B%2BobR1qpEIc%2FEHwHgf11HIbg4nfamRGg0KmH0lFvdjX2xeWWrVL9%2FFfevzAKU%2FkTtdICtk2213Qm3swGiZw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83b8db737d48453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
cdb
bidder.criteo.com/
0
193 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=52727036612&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/
53 B
248 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b28b20486a38d067590430bda71b788382d03a28c1c10f406842f281d3e6ebf8

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
/
torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/
12 KB
3 KB
Fetch
General
Full URL
https://torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
06f893db5bf54cbc2b8ef8831af4761923e0fb0e7cd3eecc4c9625bda3a27d9b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:55 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Tuesday, 26-Dec-2023 11:06:55 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-85ff6bc9fc-qcxgx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, Cookie, Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
cache-control
max-age=900,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Tue, 26 Dec 2023 11:17:35 GMT
simple
api.sail-personalize.com/v1/personalize/
9 KB
2 KB
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
c9e472aff2d93f3cac06b80e66f6ab2437e7214f8ea08e66e6796cde59bc91c0

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://torontosun.com/
x-referring-url
https://torontosun.com/

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://torontosun.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Tue, 26 Dec 2023 11:06:56 GMT
envelope
lexicon.33across.com/v1/
49 B
249 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
ping.gif
placement-prd.jwpltx.com/v1/placement/
0
201 B
Image
General
Full URL
https://placement-prd.jwpltx.com/v1/placement/ping.gif?h=-1990853133&e=pll&n=9370373776800989&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&plv=0.13.0&sa=1703588815370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:1200:15:2b26:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 602c4232f2a46df23c54a6eec1d7e048.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
Yt5WO-CFgKpgj4TwiKRhT2I-_0ABUfac9xHVLzjSvCXwD5AImon_vw==
x-cache
Miss from cloudfront
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/
168 KB
168 KB
Script
General
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 10:49:05 GMT
age
1071
x-guploader-uploadid
ABPtcPqaOyzTp9IU6phJyIvSl-nRvIdx7acmXmJmeOCj7MGfCrWevMCTQ1IXQlyxc3aU3Onc7AT8R5gC
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Tue, 26 Dec 2023 11:49:05 GMT
pub
pixel.adsafeprotected.com/services/
298 B
530 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:jw-ad-1,ss:%5B640.480%5D,p:undefined,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=aeb50db5-2ffb-9b9f-e1c3-1a033b861180&url=https%253A%252F%252Ftorontosun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.40.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-40-41.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7a7befe39e6a83d97bda6cf9cc19df631dbc5df019e08f855b64f7d19359ab2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
server
nginx
x-server-name
app05.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
TaOiBxoA-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/mnOdOa0o/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/TaOiBxoA-320.jpg
13 KB
13 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/TaOiBxoA-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
756fde2fa1e339c22573c19550f8d2a02925901ff2d51c43ff9273d6e66cea6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
267
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
13376
x-served-by
cache-iad-kiad7000074-IAD, cache-sof1510032-SOF
last-modified
Fri, 22 Dec 2023 01:15:11 GMT
server
nginx
x-timer
S1703588816.164852,VS0,VE108
etag
"297aaf4f20954d3d3c08bebc94cdb1fe"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
14113, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/TaOiBxoA-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Ma76I7fohl8GU6X7p59AEYA6QYzjW8wNEyxQcpLwNY00crZeuudCcg==
uDuhWjUY-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/cdIpL8VQ/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/uDuhWjUY-320.jpg
35 KB
34 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/uDuhWjUY-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d23255ab7e396afbc76bafff1652ddba30d6aac53571dcda9f04b05fab9e3cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
123
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
35116
x-served-by
cache-iad-kcgs7200065-IAD, cache-sof1510032-SOF
last-modified
Thu, 21 Dec 2023 22:10:23 GMT
server
nginx
x-timer
S1703588816.160944,VS0,VE109
etag
"e3a05fe509705da2d68e653947dce099"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
15075, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/uDuhWjUY-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
gbMBkXWx56GaawOgO6lPa71nVTSzijG8fu7Hm3NkOqKXPS93iDS4gw==
TgsWRjmF-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/GR3jpDbx/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/TgsWRjmF-320.jpg
18 KB
18 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/TgsWRjmF-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
130d4bb86f0b0e400a6ef02e6fa9e9275c3d678948cb62484b6a6b8c4b24f821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
123
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18376
x-served-by
cache-iad-kiad7000118-IAD, cache-sof1510032-SOF
last-modified
Thu, 21 Dec 2023 20:18:04 GMT
server
nginx
x-timer
S1703588816.077148,VS0,VE110
etag
"3b7c4ed88b09800ccb8ebfe3417cd487"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
15556, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:40 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
16
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/TgsWRjmF-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
hpgNkLItKhmuhZgp9JQSRJU6OrUjdsTOr_QLfWypxeAty6ajL84PQA==
utxQ1h4V-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/c4xuUrdr/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/utxQ1h4V-320.jpg
24 KB
25 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/utxQ1h4V-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
571997b2716e6c23f6913231d40bf28e7b83619df029822b91835780ee1860b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
267
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
24816
x-served-by
cache-iad-kiad7000143-IAD, cache-sof1510032-SOF
last-modified
Thu, 21 Dec 2023 18:29:12 GMT
server
nginx
x-timer
S1703588816.229141,VS0,VE125
etag
"6f7511f06d98cee7fb2987067f9b62f7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
16932, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/utxQ1h4V-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
_PYcp8zQpZaBiBTz07gvX7yIRfxmEUrLuazaCD_IsOr-kk3fen5vNg==
L31MQBYO-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/2sNxZ0gT/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/L31MQBYO-320.jpg
9 KB
8 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/L31MQBYO-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b157bf43c8e8076447c479262fd1eca97717ead9f21be7de6aa037d17870d2f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
266
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
8496
x-served-by
cache-iad-kcgs7200038-IAD, cache-sof1510032-SOF
last-modified
Thu, 21 Dec 2023 17:51:15 GMT
server
nginx
x-timer
S1703588816.076795,VS0,VE109
etag
"d4ae9057c38900edc63ccbd260420b2a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
15700, 1

Redirect headers

date
Tue, 26 Dec 2023 11:04:58 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
118
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/L31MQBYO-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
XF6AwKX8xxx8tu3bJMzudO0Ve1iENh8Nv39nEoz_EOP3kJjHiTpIYw==
9sev93go-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/PDAMnU7d/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/9sev93go-320.jpg
21 KB
22 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/9sev93go-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd7bfad3299520c2c005c414b9702c0f40a2094d24de148cdafd0af15bee12fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
286
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21939
x-served-by
cache-iad-kiad7000087-IAD, cache-sof1510032-SOF
last-modified
Wed, 20 Dec 2023 23:14:04 GMT
server
nginx
x-timer
S1703588816.169846,VS0,VE109
etag
"fd96d28e0d6ed6ae570b7c051149c8c1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
20381, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/9sev93go-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
0PJnH5QmzlkJ7GgUD7KhNqMYXrSXKE787pZ5S5MVj-JAig7ZsnZJ-A==
Zf1AXq92-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/v79FIiil/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/Zf1AXq92-320.jpg
29 KB
28 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/Zf1AXq92-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fb13755f48f76d5f735ecd01a2587fcbf83c35331457319c8487d2d08fdfb9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
116
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
28407
x-served-by
cache-iad-kjyo7100020-IAD, cache-sof1510032-SOF
last-modified
Wed, 20 Dec 2023 19:08:52 GMT
server
nginx
x-timer
S1703588816.076798,VS0,VE112
etag
"473c600291b3a67ac76031ae85349e7a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
19573, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:40 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
16
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/Zf1AXq92-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
3JPid_PwR00Yr-0DTKD6MEGHlKn7Kxo78OosY50LrZZHAYRmodvUMg==
hf5ed4bb-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/BVmLIs1u/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/hf5ed4bb-320.jpg
19 KB
19 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/hf5ed4bb-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
409d607542cc5168aba0c687341ce22f2b9226973601c3985a834bc86e6c9208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
449
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
19320
x-served-by
cache-iad-kcgs7200021-IAD, cache-sof1510032-SOF
last-modified
Wed, 20 Dec 2023 17:31:00 GMT
server
nginx
x-timer
S1703588816.077120,VS0,VE109
etag
"c77ed210073f18de2a9ad5a96c099a92"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
25028, 1

Redirect headers

date
Tue, 26 Dec 2023 11:04:26 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
150
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/hf5ed4bb-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
uJrz36XBtWlaCno8GQK6fVVBVVn7XD281Id-W-Rfr1uLkPTbBUrFOA==
z5MaMTCR-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/HAO41nOF/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/z5MaMTCR-320.jpg
21 KB
21 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/z5MaMTCR-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
26ab1a7d07674c24ba2bc48d029538bbe28b2d1189fe1a296af1d968c516a662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
266
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20681
x-served-by
cache-iad-kjyo7100124-IAD, cache-sof1510032-SOF
last-modified
Wed, 20 Dec 2023 00:40:03 GMT
server
nginx
x-timer
S1703588816.077100,VS0,VE109
etag
"f919b67327f4f038391dc95d3b4c1647"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
26969, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:40 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
16
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/z5MaMTCR-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
AK5N9pK9OSSm2Ymeqk03-EhugMqNhS08ft-JE2hrvqQBJniPrulsIQ==
tizx8bns-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/cHejodfp/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-320.jpg
14 KB
14 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-320.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24119db902da97bc3b8146f969460330f3a604ba437b3e09ed6ae448ff87694f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
266
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
14200
x-served-by
cache-iad-kiad7000147-IAD, cache-sof1510032-SOF
last-modified
Fri, 22 Dec 2023 02:01:26 GMT
server
nginx
x-timer
S1703588816.170128,VS0,VE112
etag
"0e186f3826667fc9df89636673a6eebc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
14423, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Qq2_9lp3dCKYqcOn5XvDiV_tH4fqbscXh8qYvAQH3pTEzMSdMqZuyw==
dchHpZtp.js
cdn.jwplayer.com/libraries/
109 KB
41 KB
Script
General
Full URL
https://cdn.jwplayer.com/libraries/dchHpZtp.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:c000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
4e93349a514cb1b31c42ac8b669bc4f97815ab51c85be009491a03200ccb7d34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:04:02 GMT
content-encoding
gzip
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
173
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41658
x-amz-cf-id
xDaENcmU4H63PRgQdepDuEjQVuW19sPuFAWvbYN4qaTb_Cbhvub14w==
segment
api.permutive.com/adv/v2/
14 B
69 B
XHR
General
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/
60 KB
10 KB
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:c000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
4dd577f309137a387d124abf60edfc3b34cc540160e7bae285a908d3414a2b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
9342
x-amz-cf-id
lgnpUpbrXQ1qJZChRavr30HQ8B_9XRa5LlAofdG5Alhqsz31wk4sog==
expires
Tue, 26 Dec 2023 11:09:56
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.9/
121 KB
34 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.6.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231225-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f01bab0378512e79c7734165866170b7a671fe06892b91e1d45252cdfc746043

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
13960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34315
x-served-by
cache-fra-etou8220058-FRA
last-modified
Tue, 26 Dec 2023 07:13:11 GMT
server
AmazonS3
x-timer
S1703588816.262136,VS0,VE0
etag
"9c4491a253629b597d78f6068c6cb274"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
2EtpWGqqpqQcDX6fr9JyhuaBr6QwSFqp0BTpWp8X9FK410nBZI-wGw==
x-cache-hits
3889
feed-card-placeholder.20231225-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231225-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4065ca4ba0da361babbc67ba6f4311ff70ccadb30fdbab5eaa4f42d5066ad29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
fHkAbNfYQjuuNvLPXwmm20zyuHo_dGRe
content-encoding
gzip
via
1.1 varnish
date
Tue, 26 Dec 2023 11:06:56 GMT
x-amz-request-id
PP1J0JP2QX8H0438
age
247
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
QhCYyrEI9NyWMam2yzYAb4HarlhOORAGqnDi1YjgG7Rg4fe9Jsme8jhi/JRIrvu8DY2kP7waBVI=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Tue, 26 Dec 2023 11:02:49 GMT
server
AmazonS3
x-timer
S1703588816.182349,VS0,VE0
etag
"69943339a3c19fa48f54c6f418b0462b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
470
userx.20231225-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20231225-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed6f9599a4cb0dc41abedce3c3419faf4abcb9760c7aece6ac2e6b5ffe2504a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
XEB0q9XY8CjACsCtl_tSp46QVba_fxp3
content-encoding
gzip
via
1.1 varnish
date
Tue, 26 Dec 2023 11:06:56 GMT
x-amz-request-id
XGSGTA15DVX5R0H6
age
221
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
iz8dxI779jqPQpvxVVYoJZWJ2clMqpOXl+i+5ZB96yCqPKMGnorKKzGHFGJWM3LKCBtt1/cK7L0=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Tue, 26 Dec 2023 11:03:15 GMT
server
AmazonS3
x-timer
S1703588816.192864,VS0,VE0
etag
"51174102d418446ec692f531484b786a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
96
distance-from-article.20231225-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231225-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ddd68e74225f588c69529a2e2928613c35958acb39f1a7a3bcf8e19691c9c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
fp1kLjCZWzr_peVRwo3hQfXFiTdrZvxG
content-encoding
gzip
via
1.1 varnish
date
Tue, 26 Dec 2023 11:06:56 GMT
x-amz-request-id
BNSH7AZY00C32B6W
age
252
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
wzHAoQuwUfPQKmRk9AKa+GkKAmAW4JrhVsNsDhfs78LjQREcNPRzpn/PItmyZ9ylVaTRd5LCXEI=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Tue, 26 Dec 2023 11:02:44 GMT
server
AmazonS3
x-timer
S1703588816.195077,VS0,VE0
etag
"7176353a26f2460db754b58ef0c2a3e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
516
article-detection.20231225-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231225-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5249fada11494c9985a415da427a9177cbd1fa91e604ad957fb5b8a868ba25ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
U38rJK.LKBXMfK86YwQvWVkPNshR3PjP
content-encoding
gzip
via
1.1 varnish
date
Tue, 26 Dec 2023 11:06:56 GMT
x-amz-request-id
ZS0W23SXD5BDFT22
age
259
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
eAm48qKHPRBtpW8vs5fad/gGVQY1c5QRyqcKbytCRdPU24ev9/SoUNCsuBinHaW6OhnF64hjVnU=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Tue, 26 Dec 2023 11:02:37 GMT
server
AmazonS3
x-timer
S1703588816.195021,VS0,VE0
etag
"f9e65fe728e81716657ab18d818593f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
524
abtests
am-trc-events.taboola.com/postmedia-torontosun/log/3/
0
245 B
Ping
General
Full URL
https://am-trc-events.taboola.com/postmedia-torontosun/log/3/abtests?route=AM:AM:V&tvi50=14608&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1703588816196%7D&tim=12%3A06%3A56.196&id=5170&llvl=2&ri=bf3fa5def036910ef0335bb4f7c4f841&sd=v2_95870bf8eda3b2fe8f77d0bcbb61d45f_e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f_1703588815_1703588815_CIi3jgYQuIdjGPPEua7KMSABKAEwODib4wlAh4oQSO7Y2ANQ____________AVgAYABo06-UtbOljN4acAA&ui=e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f&pi=/&wi=3351448824570609430&pt=home&vi=1703588815475&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231225-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://torontosun.com
pragma
no-cache
date
Tue, 26 Dec 2023 11:06:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/postmedia-torontosun/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/postmedia-torontosun/log/3/abtests?route=AM:AM:V&tvi50=14608&lti=deflated&ri=bf3fa5def036910ef0335bb4f7c4f841&sd=v2_95870bf8eda3b2fe8f77d0bcbb61d45f_e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f_1703588815_1703588815_CIi3jgYQuIdjGPPEua7KMSABKAEwODib4wlAh4oQSO7Y2ANQ____________AVgAYABo06-UtbOljN4acAA&ui=e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f&pi=/&wi=3351448824570609430&pt=home&vi=1703588815475&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1703588816170%7D&tim=12%3A06%3A56.170&id=6342&llvl=2&cv=20231225-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 26 Dec 2023 11:06:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 26 Dec 2023 11:06:56 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
27
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1703588816.224552,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
17
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
31
9bdd1e6ffc7e7781f63a24272458fba4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
57 KB
58 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1bae7aed8994abd3673afcabec628b719e13a663ae74c3983bcb9871278f7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
age
1464794
edge-cache-tag
630770987720074874774246095262411355979,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
630770987720074874774246095262411355979,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
252
req-referer
https://www.all-in.de/
content-length
58192
x-request-id
9f5db1e39676edba18b478e292803f19
x-served-by
cache-iad-kiad7000031-IAD, cache-iad-kjyo7100086-IAD, cache-lga21931-LGA, cache-iad-kjyo7100041-IAD, cache-fra-etou8220039-FRA
last-modified
Sat, 09 Dec 2023 12:13:40 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=102478,owidth=1000,oheight=560,obytes=654097
x-timer
S1703588816.238120,VS0,VE0
etag
"ce2e51f827a9c69b429e35b7c8f6649d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 52
bobbie-jean-carter.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
7 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/bobbie-jean-carter.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b421e722a5b85284f2aa4281c9c9184ed0ebb1b9c5433a998877df450c84b405

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/bobbie-jean-carter.jpg
age
215637
edge-cache-tag
408666724172090235398110283261439025381,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
408666724172090235398110283261439025381,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
347
req-referer
https://torontosun.com/
content-length
6774
x-request-id
ee3c48c0ffcdb556a684854dd2cfc537
x-served-by
cache-iad-kjyo7100155-IAD, cache-iad-kjyo7100140-IAD, cache-ewr18135-EWR, cache-iad-kjyo7100132-IAD, cache-fra-etou8220039-FRA
last-modified
Sat, 23 Dec 2023 22:12:57 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=10599,owidth=1000,oheight=750,obytes=61014,ef=(1,13,17,23,30)
x-timer
S1703588816.238219,VS0,VE1
etag
"091c9d36bdc009085503b6bee88714da"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 74, 1
billie-eillish.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/06/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/06/billie-eillish.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e514ff21e53b0e836a3ec46c15c06a4c7652d732c4013298915a499a0ed367c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/06/billie-eillish.jpg
age
491647
edge-cache-tag
426840081984310874981524942780009284082,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
426840081984310874981524942780009284082,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
481
req-referer
https://torontosun.com/
content-length
5308
x-request-id
cb4de08827bff83df3032ec0a24bb08d
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kiad7000089-IAD, cache-bur-kbur8200118-BUR, cache-iad-kiad7000071-IAD, cache-fra-etou8220039-FRA
last-modified
Wed, 20 Dec 2023 18:27:29 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=9469,owidth=1000,oheight=750,obytes=33833,ef=(1,13,17,23,30)
x-timer
S1703588816.238310,VS0,VE2
etag
"5250a4b52090e6b321d68353c54d62a7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 69, 1
ab7ec63b5e45273e9d0685b92e871cac.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab7ec63b5e45273e9d0685b92e871cac.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7625192ef2328a875ce7364023722aeb5e093bf8ceae8013917e005763ae234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab7ec63b5e45273e9d0685b92e871cac.jpg
age
2843170
edge-cache-tag
491672595259720921679951174822222721209,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
491672595259720921679951174822222721209,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
110
expiration
expiry-date="Mon, 18 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fussballtransfers.com/
content-length
14048
x-served-by
cache-iad-kcgs7200073-IAD, cache-iad-kiad7000070-IAD, cache-lax-kwhp1940092-LAX, cache-iad-kiad7000078-IAD, cache-fra-etou8220039-FRA
last-modified
Fri, 17 Nov 2023 11:44:18 GMT
server
nginx
surrogate-reporting
width=1067,height=533,bytes=47501,owidth=1067,oheight=600,obytes=60107
x-timer
S1703588816.238104,VS0,VE0
etag
"15081d00cc93491a0f4e5b5682238cb0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 0, 7
3cd946682bb54ffc192c330f6cd78c67.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cd946682bb54ffc192c330f6cd78c67.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f62ab462132d30e96e4b5138be4866b37ba0f6268ed5e9890815621f9f1d42a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cd946682bb54ffc192c330f6cd78c67.jpg
age
1465111
edge-cache-tag
365613285388987769532952377643884752202,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
365613285388987769532952377643884752202,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
402
req-referer
https://www.direktweg.com/
content-length
12390
x-request-id
bf68964e108756a966e60a20240c883b
x-served-by
cache-iad-kjyo7100021-IAD, cache-iad-kiad7000106-IAD, cache-lax-kwhp1940082-LAX, cache-iad-kjyo7100097-IAD, cache-fra-etou8220039-FRA
last-modified
Sat, 09 Dec 2023 11:30:11 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=21108,owidth=1000,oheight=600,obytes=355661
x-timer
S1703588816.243192,VS0,VE0
etag
"c6dc991ab9811467de43025647c8150e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 3
d1sslrl2lsscinl2o04r.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702295933/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702295933/d1sslrl2lsscinl2o04r.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f2c9c52886409123745e7e3ca3a33cb7bd73d7d12b7294ac5824988bcc52131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702295933/d1sslrl2lsscinl2o04r.jpg
age
1292868
edge-cache-tag
565491132591805189440235802691306685081,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
565491132591805189440235802691306685081,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
322
req-referer
https://www.4players.de/
content-length
5174
x-request-id
6af84561d450bbc66a2f6c3d59d6b1c4
x-served-by
cache-iad-kcgs7200153-IAD, cache-iad-kcgs7200120-IAD, cache-lax-kwhp1940105-LAX, cache-iad-kiad7000108-IAD, cache-fra-etou8220039-FRA
last-modified
Mon, 11 Dec 2023 11:59:07 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=19717,owidth=800,oheight=450,obytes=19304
x-timer
S1703588816.258500,VS0,VE0
etag
"53113ca1857ebde07e84e664d4555b1c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 2
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
55 KB
56 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4308515be876a760c144eab91d83c80b4942d460d1a4d63b60159f1a2f0a8517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
3630658
edge-cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
196
req-referer
https://www.selbstversorger.de/
content-length
56628
x-request-id
0f5f49d196f67e62743b8b7aa48a3f6b
x-served-by
cache-iad-kiad7000036-IAD, cache-iad-kjyo7100021-IAD, cache-iad-kiad7000123-IAD, cache-fra-etou8220039-FRA
last-modified
Thu, 10 Aug 2023 01:55:26 GMT
server
nginx
x-timer
S1703588816.291293,VS0,VE2
etag
"acd0bc56b0057258db7e148a76fe5165"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 24, 1
supply-feature
am-trc-events.taboola.com/postmedia-torontosun/log/3/
0
231 B
Image
General
Full URL
https://am-trc-events.taboola.com/postmedia-torontosun/log/3/supply-feature?route=AM:AM:V&tvi50=14608&lti=deflated&ri=bf3fa5def036910ef0335bb4f7c4f841&sd=v2_95870bf8eda3b2fe8f77d0bcbb61d45f_e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f_1703588815_1703588815_CIi3jgYQuIdjGPPEua7KMSABKAEwODib4wlAh4oQSO7Y2ANQ____________AVgAYABo06-UtbOljN4acAA&ui=e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f&pi=/&wi=3351448824570609430&pt=home&vi=1703588815475&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2235%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A06%3A56.271&id=1307&llvl=2&cv=20231225-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 26 Dec 2023 11:06:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
googima.js
ssl.p.jwpcdn.com/player/v/8.30.1/
74 KB
22 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
age
45501
x-cache
HIT
content-length
22454
x-served-by
cache-sof1510032-SOF
last-modified
Mon, 13 Nov 2023 20:12:26 GMT
server
AmazonS3
x-timer
S1703588816.349427,VS0,VE0
etag
"016fdad688d9003e0b0c4157e803cf37"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
12712
bidding.js
ssl.p.jwpcdn.com/player/v/8.30.1/
448 KB
141 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3587ccc786d72c7d352e3cd589f1c34a6d5f99944560a6c2e7f6f69f0a69b9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
age
2407
x-cache
HIT
content-length
144290
x-served-by
cache-sof1510032-SOF
last-modified
Thu, 14 Dec 2023 13:42:51 GMT
server
AmazonS3
x-timer
S1703588816.350030,VS0,VE0
etag
"20b62ce1e7993cc814efa737c197c766"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, immutable
accept-ranges
bytes
x-cache-hits
18
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.30.1/
65 KB
20 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
age
122
x-cache
HIT
content-length
19890
x-served-by
cache-sof1510032-SOF
last-modified
Thu, 14 Dec 2023 19:59:18 GMT
server
AmazonS3
x-timer
S1703588816.350015,VS0,VE0
etag
"1a96e7c0d0040b922d2458e3bc2cfe7f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
209
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.30.1/
318 KB
83 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
age
3587920
x-cache
HIT
content-length
85284
x-served-by
cache-sof1510032-SOF
last-modified
Mon, 13 Nov 2023 20:12:20 GMT
server
AmazonS3
x-timer
S1703588816.350150,VS0,VE0
etag
"95e4ba794923b67ae5be72627198a8b3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
917560
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/
60 KB
10 KB
XHR
General
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:c000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
4dd577f309137a387d124abf60edfc3b34cc540160e7bae285a908d3414a2b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
9342
x-amz-cf-id
55y7EpoXUUIsi_Zh8mTCFuH8CYZExSJv3urBE-itYfXfsUJ8WWuH8A==
expires
Tue, 26 Dec 2023 11:09:56
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.30.1/
413 KB
123 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
age
3587921
x-cache
HIT
content-length
126154
x-served-by
cache-sof1510032-SOF
last-modified
Mon, 13 Nov 2023 20:12:23 GMT
server
AmazonS3
x-timer
S1703588816.401883,VS0,VE0
etag
"c735ce7c150fe5e0fdf3e61f12fd8527"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
892766
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/
69 B
249 B
XHR
General
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67A5) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 09:18:05 GMT
server
ECAcc (frb/67A5)
age
6532
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=18480
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/
367 KB
126 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Tue, 26 Dec 2023 11:06:56 GMT
view
overlay-track.sailthru.cloud/v1/overlay/ Frame
0
0
Preflight
General
Full URL
https://overlay-track.sailthru.cloud/v1/overlay/view
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.169.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-169-247.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
13
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
1800
allow
POST,OPTIONS
content-type
text/plain
date
Tue, 26 Dec 2023 11:06:56 GMT
server
envoy
x-envoy-upstream-service-time
1
view
overlay-track.sailthru.cloud/v1/overlay/
17 B
422 B
Fetch
General
Full URL
https://overlay-track.sailthru.cloud/v1/overlay/view
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.169.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-169-247.compute-1.amazonaws.com
Software
envoy /
Resource Hash
5f4871b277dbebec4d8490673a48154537dc6f1969140f67c333e85704b50564

Request headers

Accept
application/json
Referer
https://torontosun.com/
X-Lib-Version
v1.0.1
accept-language
de-DE,de;q=0.9
Authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
allowedorigins
*
server
envoy
vary
Origin
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
17
6584928f9dad1.jpg
media.sailthru.com/5r6/1k7/c/l/
58 KB
58 KB
Image
General
Full URL
https://media.sailthru.com/5r6/1k7/c/l/6584928f9dad1.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.68.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-68-88.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7bd8af3991b2b07f72de49ee508285834e404e5aedb27ceb96f83c9139c8bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 25 Dec 2023 18:37:03 GMT
Via
1.1 49e8093d0b1ec293275e8b264631ad18.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 Dec 2023 19:31:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
LHR50-P4
Age
59394
ETag
"96803d6cc9460c944ec014947e1dccca"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58969
X-Amz-Cf-Id
RoZjcPMSTd8c_PoqLoOPYZBJF-4DpzDkYzIU_aTQ56S091x6-r3JHg==
W1v3pshE.srt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/W1v3pshE.srt
  • https://assets-jpcust.jwpsrv.com/tracks/W1v3pshE.srt
9 KB
4 KB
XHR
General
Full URL
https://assets-jpcust.jwpsrv.com/tracks/W1v3pshE.srt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45543a8d92a90f639dbbca228dcb74d64f95dc652d0f0f85045db8749d6e7843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
154
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
3966
x-served-by
cache-iad-kjyo7100029-IAD, cache-sof1510021-SOF
last-modified
Fri, 22 Dec 2023 02:17:02 GMT
server
nginx
x-timer
S1703588817.906555,VS0,VE109
etag
"84b4fe305bc6e68a1e66c6839a1914e9"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
21398, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/W1v3pshE.srt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
8SvSqwmHWEyed09g8ZJrxOPGKaOR2mHowRL7bXFA0aqG50ymxEj9pg==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.30.1/
11 KB
5 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f955bad4911e135ef8894618754dbed63059322adf7404c619734960cce6adc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
age
3587216
x-cache
HIT
content-length
4510
x-served-by
cache-sof1510032-SOF
last-modified
Mon, 13 Nov 2023 20:12:22 GMT
server
AmazonS3
x-timer
S1703588817.556907,VS0,VE0
etag
"4ecf1daa69f7252ad15b34ff4485ec7a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
138528
cHejodfp-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/cHejodfp-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/cHejodfp-120.vtt
5 KB
1 KB
XHR
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/cHejodfp-120.vtt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
caff1d6c79cb935e326f76b59565cd12aa0d1f2cdcb6d03c63ab2e40a468dcfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
232
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
927
x-served-by
cache-iad-kiad7000171-IAD, cache-sof1510021-SOF
last-modified
Fri, 22 Dec 2023 02:01:49 GMT
server
nginx
x-timer
S1703588817.906548,VS0,VE113
etag
"a4aca55a9d24e79dae2c615f7cd82fe6"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
21655, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/cHejodfp-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
DmxMLkVPkCQmOeSB64LBNXKTkOSvePvlhCAgLQc-A96diCHhMUdbdg==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.30.1/
30 KB
10 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
age
3587493
x-cache
HIT
content-length
10035
x-served-by
cache-sof1510032-SOF
last-modified
Mon, 13 Nov 2023 20:12:23 GMT
server
AmazonS3
x-timer
S1703588817.592880,VS0,VE0
etag
"11ee85ad71debb9f00a186341c5562fb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
543447
related.js
ssl.p.jwpcdn.com/player/v/8.30.1/
103 KB
25 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish
age
3587919
x-cache
HIT
content-length
25137
x-served-by
cache-sof1510032-SOF
last-modified
Mon, 13 Nov 2023 20:12:25 GMT
server
AmazonS3
x-timer
S1703588817.592967,VS0,VE0
etag
"e6b820b0a7ae68bd30c9a97e44e1ea55"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
463582
cHejodfp.m3u8
cdn.jwplayer.com/manifests/
2 KB
779 B
XHR
General
Full URL
https://cdn.jwplayer.com/manifests/cHejodfp.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:c000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
50d56f47e3a7ff81df5f654f63b9a3d04d305fbdc915e0d3f88151fcb81fe780

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
428
x-amz-cf-id
OX4ZDgaRndfGZdbV3gw7pSefC4yAuwVwpw-KByqQg3J6QPJk6MaQrQ==
tizx8bns-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/cHejodfp/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-720.jpg
44 KB
44 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-720.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a4674f46ae8fd1c444b894e0ad7ac9fce087aecbaf7cd00ca15e78b3c845c37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
246
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
45258
x-served-by
cache-iad-kiad7000140-IAD, cache-sof1510032-SOF
last-modified
Fri, 22 Dec 2023 02:01:26 GMT
server
nginx
x-timer
S1703588817.779316,VS0,VE109
etag
"121ece781e40fcc6dc220eb35cddac56"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
16102, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
KOQoIIRA1DYso6X6yxbz7WNqX1PEl_Vd_s_fI1FZLwwjJYfjX-RN_A==
tizx8bns-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/cHejodfp/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-640.jpg
37 KB
37 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-640.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4068de3bd61fed0d55abb8a2071f58236f12778d0705754a1bf2f8a38e190cb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
428
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
37670
x-served-by
cache-iad-kiad7000081-IAD, cache-sof1510032-SOF
last-modified
Fri, 22 Dec 2023 02:01:26 GMT
server
nginx
x-timer
S1703588817.752601,VS0,VE108
etag
"b52b090f537415f1be579611a61e417e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
10651, 0

Redirect headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/tizx8bns-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
g0Kd_wvu_xN5efgzTTHMQnzBcVNEZi-igdlAXISyLhZBjQh9j46J9Q==
ping.gif
prd.jwpltx.com/v1/jwplayer6/
0
203 B
Image
General
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1958841615&e=e&n=5623173673038482&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=z3leKtY8&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=146if3f70qbu&i=0&id=cHejodfp&lid=1je3x521i4hg&lsa=read&mt=0&pbd=1&pbr=1&pgi=13eg3qm1p9q9&ph=1&pid=dchHpZtp&pii=0&pl=282&plc=20&pli=1oew4671vz66&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=NFL%20Breakdown%3A%20Week%2016%20picks&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&bpv=7.5.0&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=JQkbLqiZ&flc=0&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FcHejodfp.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=1450&pni=1&po=0&pogt=%20Toronto%20Sun&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2F4KFQF7jC%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=240&sa=1703588816570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c000:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 9a81383d5a4095cd87ee33985e4b2bf8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS58-P2
x-amz-cf-id
hk5Q1Yt_HX7eWi3cEzFERHvGG56e8uYab6LffJES-UrMXDJAn_2yLQ==
x-cache
Miss from cloudfront
auction
prebid-server.rubiconproject.com/openrtb2/
173 B
465 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
80e4d77c6f8d99a01410ff4a1b3c8d950f8a960192eb1c748716874d3e45ddc6

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.5.0
Content-Type
application/json
access-control-allow-origin
https://torontosun.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
translator
hbopenbid.pubmatic.com/
0
56 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
36 B
311 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031514
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e8a87361b0f4af1609f3daaf069258ce24c3b4018b86cf6f21ce471891a49d0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq8JGKAtD5rdXlni2DyI2jFAAs1yWD7AdacuEKt4cZCifcbRZUyozAUB9%2FKZayzsH4lwGXGZFq87DpUFf57VftgPWOEne45wYG5lmX0wbNfcCzQytDkpP%2FGN1QHLOneJe1dQSAID"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83b8db77cf73453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
ping.gif
prd.jwpltx.com/v1/clienta/
0
201 B
Image
General
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=-2023085958&e=abq&n=7521586308958441&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=z3leKtY8&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=146if3f70qbu&i=0&id=cHejodfp&lid=1je3x521i4hg&lsa=read&mt=0&pbd=1&pbr=1&pgi=13eg3qm1p9q9&ph=1&pid=dchHpZtp&pii=0&pl=282&plc=20&pli=1oew4671vz66&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=NFL%20Breakdown%3A%20Week%2016%20picks&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&abid=lbcjgzpwjijf&apid=lbcjgzpwjijf&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22pubmatic.id%22%3A%225353002%22%2C%22pubmatic.pubid%22%3A%22160305%22%2C%22rubicon.pubid%22%3A%2214648%22%2C%22rubicon.siteId%22%3A%22505096%22%2C%22rubicon.zoneId%22%3A%223013902%22%2C%22indexexchange.id%22%3A%221031514%22%7D&vto=3000&bpv=7.5.0&rtp=%7B%7D&tpi=&sa=1703588816576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c000:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 9a81383d5a4095cd87ee33985e4b2bf8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS58-P2
x-amz-cf-id
STP4ip40AGdzbbut9Y7C3QwC04IMGSCmJdfMw1G3ohXlOi9sbt2Nhg==
x-cache
Miss from cloudfront
st
imprammp.taboola.com/ Frame 63DC
439 B
357 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&cmcv=&pix=undefined&cb=1703588816618&uv=3371&tms=1703588816618&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=8f88977f-3e98-4d6e-a930-8b8d97e72621&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0f038abf190d8f1442efbbd3fe43ab45498a0d68d12663103e6ae99007472a2

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 26 Dec 2023 11:06:56 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220039-FRA
x-timer
S1703588817.636641,VS0,VE10
sync
am-match.taboola.com/ Frame 8B69
577 B
671 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
53150c8ae5d96d5a4da28b98735b1515da09ee253769f17c1584b8937ba228ee

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 26 Dec 2023 11:06:57 GMT
machineid
3408
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_7_1/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1703498556
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
4HWKAPBTBQ2BJB0M
age
90190
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1703498557
x-amz-meta-mode
33188
content-length
7921
x-amz-id-2
nCgKcnAPMFXRw0/eA5ji2HYZr1TAmLnfId9PgPGQyha+ZWsb8soQ+8UtVQieyMwynQyTa7t2aSA=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Mon, 25 Dec 2023 10:02:38 GMT
server
AmazonS3-br
x-timer
S1703588817.642852,VS0,VE0
etag
"f7b7155f1c129d09779b1ec80bc9bb24"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
21966
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_7_1/infra/
525 KB
109 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
77fcd880ebe3aee63f04c8dc20987dcab651fa8713a658ecea617b2ab85311c9

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1703498543
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
4HWWS10CD603PGFG
age
90190
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1703498544
x-amz-meta-mode
33188
content-length
111029
x-amz-id-2
w48rTCuRQMbdpYB9rZLin1cy8TPqQxurT+wyiyi+BHlm2onrydZrRRBUPgImsTL7ICj0a3TsyIY=
x-served-by
cache-fra-etou8220058-FRA
last-modified
Mon, 25 Dec 2023 10:02:25 GMT
server
AmazonS3-br
x-timer
S1703588817.642749,VS0,VE0
etag
"e9905cd2cc1de1e829889183020357f1"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
17463
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&cmcv=&pix=31589837&cb=1703588816618&uv=3371&tms=1703588816618&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1703588814532.8!ts:1703588816618&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-length
0
server
nginx
events
api.permutive.com/v2.0/batch/
101 B
127 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2b4cd100aba98763c8b3a495a4a89c2bccd7d4f2fc634383b483bfe8d16f99f9

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109
ca852450ddef2c05d8cb.js
fem.gprod.postmedia.digital/v93.0/chunks/
3 KB
1 KB
Script
General
Full URL
https://fem.gprod.postmedia.digital/v93.0/chunks/ca852450ddef2c05d8cb.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:00:55 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
572761
x-guploader-uploadid
ABPtcPqetObUg85kbuxEzW7010yELMXCFX2GJ48SNlysrbR5U4RXAwU8h24g9fV4YU2lGe21uCM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1109
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"b8c89500a3911a44ff74904e79f8d535"
vary
Accept-Encoding
x-goog-generation
1702321321293267
x-goog-hash
crc32c=5hc1ug==, md5=uMiVAKORGkT/dJBOefjVNQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
cast_sender.js
www.gstatic.com/cv/js/sender/v1/
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 11:06:56 GMT
ads
securepubads.g.doubleclick.net/gampad/
430 KB
38 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3008162381316004&correlator=1771105064598057&eid=31079956%2C31080121%2C31079963%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENUR_TSUN_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703588816680&lmt=1703588636&adxs=200%2C797%2C768%2C797%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200&adys=202%2C1663%2C2231%2C3344%2C4175%2C5212%2C6166%2C5938%2C6512%2C6279%2C6848%2C6620%2C7144%2C6961%2C7530%2C7302%2C7826%2C7643&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftorontosun.com%2F&vis=1&psz=1600x90%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=1530872099.1703588817&ga_sid=1703588817&ga_hid=243631979&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRjYyrmuyjFIAFICCG8SOwoKcHViY2lkLm9yZxIkNmM1YTQwZWMtMDhjMy00MTIzLTg5NmItZTFkNTkxYzJhNGM1GMDIua7KMUgA&dlt=1703588814843&idt=533&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91b2-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91b3-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D2%26amznbid%3D2%26amznp%3D2%26id%3De19b91b4-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91b5-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.23%26hb_adid%3D299cae4e3af1ba28%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D3%26amznbid%3D2%26amznp%3D2%26id%3De19b91b6-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91b7-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.23%26hb_adid%3D30092d20f1c3da63%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D4%26amznbid%3D2%26amznp%3D2%26id%3De19b91b8-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91b9-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D5%26amznbid%3D2%26amznp%3D2%26id%3De19b91ba-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91bb-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D6%26amznbid%3D2%26amznp%3D2%26id%3De19b91bc-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91bd-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D7%26amznbid%3D2%26amznp%3D2%26id%3De19b91be-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91bf-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D8%26amznbid%3D2%26amznp%3D2%26id%3De19b91c0-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91c1-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.23%26hb_adid%3D301d158f1b755db9%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D9%26amznbid%3D2%26amznp%3D2%26id%3De19b91c2-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De19b91c3-a3de-11ee-8b37-02a8f35b7e47%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&cust_params=permutive%3D96400%252Crts%26prmtvvid%3Daff5aa98-56bf-4b87-a6d1-bc7812a53dd0%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dtsun%26sensitive%3Dn%26negative%3Dn%26et%3Dsm%26ck%3Dindex%26imp%3Dindex%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3D%26prmtvsdk%3Dweb&adks=913967088%2C1205333068%2C3841865906%2C4150895342%2C3841865917%2C225519802%2C3841865916%2C225519797%2C3841865919%2C225519796%2C3841865918%2C225519799%2C3841865913%2C225519798%2C3841865912%2C225519793%2C3841865915%2C3169864135&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9b1ef7dc055f01207c9b97fd68f8ce1fa4c7eb77525093435a919f393235487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38698
x-xss-protection
0
google-lineitem-id
6320689129,-1,-2,-1,-2,6320689129,-2,6404573011,-2,6404573011,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138435367041,-1,-2,-1,-2,138435367035,-2,138454355355,-2,138455016757,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ce622cace1448ea25f5b845aea414dd58a5209330a0c57c8d644dab7f36b57a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12166
x-xss-protection
0
container.html
649c6ddf19c652098f9be9c57d14c43c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F75
6 KB
3 KB
Document
General
Full URL
https://649c6ddf19c652098f9be9c57d14c43c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 11:06:56 GMT
expires
Wed, 25 Dec 2024 11:06:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 63DC
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&cmcv=&pix=undefined&cb=1703588816618&uv=3371&tms=1703588816618&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=8f88977f-3e98-4d6e-a930-8b8d97e72621&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
server
Kestrel
content-length
70
content-type
image/gif
e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 63DC
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&cmcv=&pix=undefined&cb=1703588816618&uv=3371&tms=1703588816618&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=8f88977f-3e98-4d6e-a930-8b8d97e72621&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:3813:6b17:e1ee:5ace Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 63DC
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&cmcv=&pix=undefined&cb=1703588816618&uv=3371&tms=1703588816618&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=8f88977f-3e98-4d6e-a930-8b8d97e72621&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bridge3.609.1_en_ca.html
imasdk.googleapis.com/js/core/ Frame 28A8
750 KB
240 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7efb6ae6f9571dd815db7eee285ce5288648414d2ce024f97135625180c6af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
321402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245974
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 17:50:14 GMT
expires
Sat, 21 Dec 2024 17:50:14 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Dec 2023 11:06:56 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5161
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 10:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 26 Dec 2023 11:38:03 GMT
manifest-audio_eng=112002-video_eng=156478.m3u8
videos-cloudfront-usp.jwpsrv.com/658b5c90_ba8bee6c4cb5e3eb9431826eb125ce9bf1ed0753/site/ReDAXyY4/media/cHejodfp/version/cHejodfp/manifest.ism/
6 KB
6 KB
XHR
General
Full URL
https://videos-cloudfront-usp.jwpsrv.com/658b5c90_ba8bee6c4cb5e3eb9431826eb125ce9bf1ed0753/site/ReDAXyY4/media/cHejodfp/version/cHejodfp/manifest.ism/manifest-audio_eng=112002-video_eng=156478.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:7e00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
edf100c708eb45a6607c05590e6c277601f74c10408b74e84be519edb2709e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:37:29 GMT
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P4
age
376167
x-cache
Hit from cloudfront
content-length
6114
server
Apache
etag
"usp-BC8E5D28"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
ORZ5Uu_n80yjrmVVEbpaUYM1GiNqkgvHK34YuTZSRwyDhFUdlEpN2g==
login
postmedia.hub.loginradius.com/ssologin/
38 B
543 B
Fetch
General
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 26 Dec 2023 11:06:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame
0
0
Preflight
General
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Tue, 26 Dec 2023 11:06:57 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/
429 KB
81 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
68695c601fa95d4bb33373955d52ec3f8a5c0b8233df2019918276a1fe1f55e3

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702980075
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
PD5PWKHN6QA9H6A8
age
608683
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702980088
x-amz-meta-mode
33188
content-length
82175
x-amz-id-2
3+ofQETv+AEUVl+bSb/ifEIAdKn95WRtjEl6U5JMIMv+tBAjq/kjrxNSYtb7G6R7QYGYCxf/WAs=
x-served-by
cache-fra-etou8220058-FRA
last-modified
Tue, 19 Dec 2023 10:01:29 GMT
server
AmazonS3-br
x-timer
S1703588817.921258,VS0,VE0
etag
"a41ed74a255098313081b378c4525c54"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
599467
sync
am-match.taboola.com/ Frame 9B74
439 B
533 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d0f038abf190d8f1442efbbd3fe43ab45498a0d68d12663103e6ae99007472a2

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 26 Dec 2023 11:06:57 GMT
machineid
3401
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://torontosun.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Tue, 26 Dec 2023 11:06:56 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1018552
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-etou8220039-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1703588817.969366,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
496298
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 11:06:57 GMT
cx-overlay.js
tags.catapultx.com/cxo/
127 KB
43 KB
Script
General
Full URL
https://tags.catapultx.com/cxo/cx-overlay.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-bootstrapper-init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKKl2WCsa%2FGshzuVgMCZc%2F%2FPMoKbK5XV6EqzRUsWsi2%2B3XCI5aIZDtMYCtZcYpnROWw6gZmQVdBrSRD%2B7LNGQmN1kL2qF40FfaUiOmQjJFr4kJi%2BqLnexM9y3GluX5pk0HYAwwzp5NmTvn35%2FVa9Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
83b8db7a0fb91cab-FRA
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Tue, 26 Dec 2023 11:06:56 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 12:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 26 Dec 2023 12:40:19 GMT
manifest-audio_eng=112002-video_eng=156478-1.ts
videos-cloudfront-usp.jwpsrv.com/658b5c90_ba8bee6c4cb5e3eb9431826eb125ce9bf1ed0753/site/ReDAXyY4/media/cHejodfp/version/cHejodfp/manifest.ism/
133 KB
133 KB
XHR
General
Full URL
https://videos-cloudfront-usp.jwpsrv.com/658b5c90_ba8bee6c4cb5e3eb9431826eb125ce9bf1ed0753/site/ReDAXyY4/media/cHejodfp/version/cHejodfp/manifest.ism/manifest-audio_eng=112002-video_eng=156478-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:7e00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
c42ec0c9a7618f656cdf101174d4cb4871577ba4c75a718b2cbe8c5b27848014

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:37:30 GMT
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
CDG52-P4
age
376167
x-cache
Hit from cloudfront
content-length
135736
server
Apache
etag
"usp-50D2EA07"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112002-video_eng=156478-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
-RcuUqTi42NXkDTvYWUJze3czErIGKRfJHQZrGdginh5IwFBpn-C-A==
ping.gif
prd.jwpltx.com/v1/clienta/
0
202 B
Image
General
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1265658701&e=abr&n=8874453908484543&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=z3leKtY8&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=146if3f70qbu&i=0&id=cHejodfp&lid=1je3x521i4hg&lsa=read&mt=0&pbd=1&pbr=1&pgi=13eg3qm1p9q9&ph=1&pid=dchHpZtp&pii=0&pl=282&plc=20&pli=1oew4671vz66&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=NFL%20Breakdown%3A%20Week%2016%20picks&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&abid=lbcjgzpwjijf&apid=lbcjgzpwjijf&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22pubmatic.id%22%3A%225353002%22%2C%22pubmatic.pubid%22%3A%22160305%22%2C%22pubmatic.result%22%3A0%2C%22pubmatic.code%22%3A0%2C%22pubmatic.timeForBidResponse%22%3A500%2C%22rubicon.pubid%22%3A%2214648%22%2C%22rubicon.siteId%22%3A%22505096%22%2C%22rubicon.result%22%3A0%2C%22rubicon.code%22%3A0%2C%22rubicon.timeForBidResponse%22%3A255%2C%22rubicon.zoneId%22%3A%223013902%22%2C%22indexexchange.id%22%3A%221031514%22%2C%22indexexchange.result%22%3A0%2C%22indexexchange.code%22%3A0%2C%22indexexchange.timeForBidResponse%22%3A193%7D&vto=3000&sa=1703588817082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:c000:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 9a81383d5a4095cd87ee33985e4b2bf8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS58-P2
x-amz-cf-id
DVhAl3lqzWz2os-QscU4XrgmOnqkc1Xxq-veB3wtjqG0Urvg0X7SjA==
x-cache
Miss from cloudfront
cHejodfp-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/cHejodfp-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/cHejodfp-120.jpg
224 KB
223 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/cHejodfp-120.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51d101909ab68d28716e4de8ad358bd27e7ae3ff761d69eb413fd79fee2e7cc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
236
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
228527
x-served-by
cache-iad-kiad7000177-IAD, cache-sof1510032-SOF
last-modified
Fri, 22 Dec 2023 02:01:49 GMT
server
nginx
x-timer
S1703588817.271356,VS0,VE114
etag
"e907f46a49773964dfd90917d0194e78"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
11777, 0

Redirect headers

date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/cHejodfp-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
KiHsrAqIjjkSL7y6VXJYO3AZZvcPjml6oi5gBYqpjYn38TDbOXeFew==
33645985
ads.stickyadstv.com/vast/vpaid-adapter/
796 B
1 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33645985?_fw_gdpr=1&schain=1.0,1!taboola.com,1613115,1,1846327758&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::172 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
1846a539045bba1996b0e43e5ac44f5010e37e55a8cf433f8f4c34c7244fd6b5

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:06:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://torontosun.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1703588817320066-345
p-fc3a8e1a.system.js
tags.catapultx.com/cxo/
2 KB
1 KB
Script
General
Full URL
https://tags.catapultx.com/cxo/p-fc3a8e1a.system.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7Cl8WqfTi4BhflkdZLPM3vrUVUK6lpkC44FjLyNdB8MymJTn4QeXX5%2F7crwIwsNvhoCMmqkh%2BL7mm0czv%2FYRiwvkH5xqGpngudbWw5pI64vunkuiCw4Qgl18hsO5Dy5nqIOjPUTudwWmFKtOk3ezg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
83b8db7b69501cab-FRA
state
api.permutive.com/v1.0/
0
34 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA00
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 23:47:10 GMT
expires
Tue, 24 Dec 2024 23:47:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C28E
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2fba8a4c6b1cabd80d5d8986c802c9d15fd1bedfd09117d46c71915b552ed7bf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uDdAjBSI_1EKzxZ6G9lNvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uDdAjBSI_1EKzxZ6G9lNvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 11:06:57 GMT
expires
Tue, 26 Dec 2023 11:06:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3575aa3f-129b-40aa-9a5e-5e8ac51a6204
https://torontosun.com/
366 KB
0
Other
General
Full URL
blob:https://torontosun.com/3575aa3f-129b-40aa-9a5e-5e8ac51a6204
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
374591
Content-Type
text/javascript
bulk
trc.taboola.com/postmedia-torontosun/log/3/
0
347 B
XHR
General
Full URL
https://trc.taboola.com/postmedia-torontosun/log/3/bulk?tvi50=14608&route=AM%3AAM%3AV&lti=deflated&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231225-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7262
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220039-FRA
pragma
no-cache
server
nginx
x-timer
S1703588817.234756,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
signinprompt
edge-auth.microsoft.com/v0.5/ Frame BEB7
472 B
851 B
Document
General
Full URL
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=00e95c4a-9fc2-4ce3-a8fb-dd3496dd584c&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
b2e010dce82b03b0a32ed72bbfd8b451ee07121179f71fa37bc8a89e1edbee93
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-/BPMjDi/8Mf/uDFRqdMoQRzSz9IV3wf5SDvfNIiw1Y3/ZW5+nFDNFRFavnFgmb+p8BQIHFxA5XMs5NOjzSqITLtQJg/F/3wyQrOzyvB84QK7U/o3vF8FW6COwETHq/JheeWb9xsaL3SVVah6ijRYG6LygqY1Vq0bxvGCq3ffbl8=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
script-src 'strict-dynamic' 'nonce-/BPMjDi/8Mf/uDFRqdMoQRzSz9IV3wf5SDvfNIiw1Y3/ZW5+nFDNFRFavnFgmb+p8BQIHFxA5XMs5NOjzSqITLtQJg/F/3wyQrOzyvB84QK7U/o3vF8FW6COwETHq/JheeWb9xsaL3SVVah6ijRYG6LygqY1Vq0bxvGCq3ffbl8=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 11:06:56 GMT
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: C6E899701D8A4ED0AFDAC2A1AFC9E3D0 Ref B: AMS231032601025 Ref C: 2023-12-26T11:06:57Z
load
experience.tinypass.com/xbuilder/experience/
4 KB
2 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0876b1b660da79fad9471d3e15816803e4c8f066cba866063bca01f316f7ec93
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
date
Tue, 26 Dec 2023 11:06:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Dec 2023 10:29:07 GMT
server
cloudflare
age
2270
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
83b8db7c6e934d49-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
yqdruzyubn
expires
Tue, 26 Dec 2023 11:36:57 GMT
vf-v2.js
cdn.viafoura.net/
860 KB
201 KB
Script
General
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:e800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
YlbS_G4WAW7t_ds3W.YeUbIaDvXXT1Jm
content-encoding
br
via
1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 11:05:56 GMT
x-amz-cf-pop
AMS58-P2
age
61
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:26 GMT
server
AmazonS3
etag
W/"70684489be37a1b0f601e0e4dcb4baad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
elvhlpCZFBOKuEYcxkiOYaeHtXXJb3ohOgZ4jeJ8Vx5Tcec1IEOcHw==
gtm.js
www.googletagmanager.com/
447 KB
124 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8211226dedc89e5283d9e07969eb21fbde7ef0ffb0430d4946dfb902e850db6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127246
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Dec 2023 11:06:57 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 05:41:31 GMT
content-encoding
gzip
via
1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
19532
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
AZBQolFIfufUe9kjw6paEci3AKpeKWTPJfuHtbz8Ul-Pvivg6ztyyg==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/
294 KB
99 KB
Script
General
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
967857a6f62c9b85fb14d10592b8c25dee539a4a1c4bf8e2f591af9ef30caad1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-sof1510029-SOF
date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
56
x-timer
S1703588817.406419,VS0,VE110
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, MISS
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
100844
x-cache-hits
48, 0
gtm.js
www.googletagmanager.com/
153 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aae99495a2fa1709a29b136b8c6769e562deb182f3d5464a0caa1d360929364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50358
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Dec 2023 11:06:57 GMT
p-31c577a7.system.js
tags.catapultx.com/cxo/
14 KB
6 KB
Script
General
Full URL
https://tags.catapultx.com/cxo/p-31c577a7.system.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rE2vSvDIzYQI9RFeK4HH23bqbNhOQzRTpzXFzC9uG7FpKfwkKDL4%2Fj3Xt6zhBzLrnh0Is1TJ%2Bfl6j7RhYMtfj%2FmKPR8X0Hv2YD1MyKJq4KNlrHvbpsizTJSMp9D%2BZ6i9%2BOqynAmsJZH75LAjAqUWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
83b8db7bfa051cab-FRA
TaOiBxoA-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/mnOdOa0o/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/TaOiBxoA-120.jpg
3 KB
3 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/TaOiBxoA-120.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c79380e504a585107d19c91f6b910df317af334f7340151359272454b91fe8f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
512
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
3118
x-served-by
cache-iad-kiad7000085-IAD, cache-sof1510032-SOF
last-modified
Fri, 22 Dec 2023 01:15:11 GMT
server
nginx
x-timer
S1703588817.457554,VS0,VE109
etag
"d4719f1d01df0b37251f4e9e1d3cee06"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
15446, 1

Redirect headers

date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/TaOiBxoA-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
_WMBX-GkbgisilO22QKQAjFbXU6ynqR3dl82Ypw9faRR-MgvpoBtzQ==
9bdd1e6ffc7e7781f63a24272458fba4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
57 KB
58 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1bae7aed8994abd3673afcabec628b719e13a663ae74c3983bcb9871278f7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
age
1464795
edge-cache-tag
630770987720074874774246095262411355979,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
630770987720074874774246095262411355979,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
252
req-referer
https://www.all-in.de/
content-length
58192
x-request-id
9f5db1e39676edba18b478e292803f19
x-served-by
cache-iad-kiad7000031-IAD, cache-iad-kjyo7100086-IAD, cache-lga21931-LGA, cache-iad-kjyo7100041-IAD, cache-fra-etou8220039-FRA
last-modified
Sat, 09 Dec 2023 12:13:40 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=102478,owidth=1000,oheight=560,obytes=654097
x-timer
S1703588817.287307,VS0,VE0
etag
"ce2e51f827a9c69b429e35b7c8f6649d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 53
bobbie-jean-carter.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/
7 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/bobbie-jean-carter.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b421e722a5b85284f2aa4281c9c9184ed0ebb1b9c5433a998877df450c84b405

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/bobbie-jean-carter.jpg
age
215638
edge-cache-tag
408666724172090235398110283261439025381,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
408666724172090235398110283261439025381,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
347
req-referer
https://torontosun.com/
content-length
6774
x-request-id
ee3c48c0ffcdb556a684854dd2cfc537
x-served-by
cache-iad-kjyo7100155-IAD, cache-iad-kjyo7100140-IAD, cache-ewr18135-EWR, cache-iad-kjyo7100132-IAD, cache-fra-etou8220039-FRA
last-modified
Sat, 23 Dec 2023 22:12:57 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=10599,owidth=1000,oheight=750,obytes=61014,ef=(1,13,17,23,30)
x-timer
S1703588817.287914,VS0,VE0
etag
"091c9d36bdc009085503b6bee88714da"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 74, 2
billie-eillish.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/06/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/06/billie-eillish.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e514ff21e53b0e836a3ec46c15c06a4c7652d732c4013298915a499a0ed367c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2021/06/billie-eillish.jpg
age
491648
edge-cache-tag
426840081984310874981524942780009284082,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
426840081984310874981524942780009284082,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
481
req-referer
https://torontosun.com/
content-length
5308
x-request-id
cb4de08827bff83df3032ec0a24bb08d
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kiad7000089-IAD, cache-bur-kbur8200118-BUR, cache-iad-kiad7000071-IAD, cache-fra-etou8220039-FRA
last-modified
Wed, 20 Dec 2023 18:27:29 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=9469,owidth=1000,oheight=750,obytes=33833,ef=(1,13,17,23,30)
x-timer
S1703588817.287691,VS0,VE0
etag
"5250a4b52090e6b321d68353c54d62a7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 69, 2
ab7ec63b5e45273e9d0685b92e871cac.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab7ec63b5e45273e9d0685b92e871cac.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7625192ef2328a875ce7364023722aeb5e093bf8ceae8013917e005763ae234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab7ec63b5e45273e9d0685b92e871cac.jpg
age
2843171
edge-cache-tag
491672595259720921679951174822222721209,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
491672595259720921679951174822222721209,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
110
expiration
expiry-date="Mon, 18 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fussballtransfers.com/
content-length
14048
x-served-by
cache-iad-kcgs7200073-IAD, cache-iad-kiad7000070-IAD, cache-lax-kwhp1940092-LAX, cache-iad-kiad7000078-IAD, cache-fra-etou8220039-FRA
last-modified
Fri, 17 Nov 2023 11:44:18 GMT
server
nginx
surrogate-reporting
width=1067,height=533,bytes=47501,owidth=1067,oheight=600,obytes=60107
x-timer
S1703588817.287628,VS0,VE0
etag
"15081d00cc93491a0f4e5b5682238cb0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 0, 8
3cd946682bb54ffc192c330f6cd78c67.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cd946682bb54ffc192c330f6cd78c67.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f62ab462132d30e96e4b5138be4866b37ba0f6268ed5e9890815621f9f1d42a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cd946682bb54ffc192c330f6cd78c67.jpg
age
1465113
edge-cache-tag
365613285388987769532952377643884752202,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
365613285388987769532952377643884752202,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
402
req-referer
https://www.direktweg.com/
content-length
12390
x-request-id
bf68964e108756a966e60a20240c883b
x-served-by
cache-iad-kjyo7100021-IAD, cache-iad-kiad7000106-IAD, cache-lax-kwhp1940082-LAX, cache-iad-kjyo7100097-IAD, cache-fra-etou8220039-FRA
last-modified
Sat, 09 Dec 2023 11:30:11 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=21108,owidth=1000,oheight=600,obytes=355661
x-timer
S1703588817.287681,VS0,VE0
etag
"c6dc991ab9811467de43025647c8150e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 4
d1sslrl2lsscinl2o04r.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702295933/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702295933/d1sslrl2lsscinl2o04r.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f2c9c52886409123745e7e3ca3a33cb7bd73d7d12b7294ac5824988bcc52131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702295933/d1sslrl2lsscinl2o04r.jpg
age
1292869
edge-cache-tag
565491132591805189440235802691306685081,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
565491132591805189440235802691306685081,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
322
req-referer
https://www.4players.de/
content-length
5174
x-request-id
6af84561d450bbc66a2f6c3d59d6b1c4
x-served-by
cache-iad-kcgs7200153-IAD, cache-iad-kcgs7200120-IAD, cache-lax-kwhp1940105-LAX, cache-iad-kiad7000108-IAD, cache-fra-etou8220039-FRA
last-modified
Mon, 11 Dec 2023 11:59:07 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=19717,owidth=800,oheight=450,obytes=19304
x-timer
S1703588817.337263,VS0,VE0
etag
"53113ca1857ebde07e84e664d4555b1c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 3
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
55 KB
56 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4308515be876a760c144eab91d83c80b4942d460d1a4d63b60159f1a2f0a8517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
3630659
edge-cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
196
req-referer
https://www.selbstversorger.de/
content-length
56628
x-request-id
0f5f49d196f67e62743b8b7aa48a3f6b
x-served-by
cache-iad-kiad7000036-IAD, cache-iad-kjyo7100021-IAD, cache-iad-kiad7000123-IAD, cache-fra-etou8220039-FRA
last-modified
Thu, 10 Aug 2023 01:55:26 GMT
server
nginx
x-timer
S1703588817.347954,VS0,VE0
etag
"acd0bc56b0057258db7e148a76fe5165"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 24, 2
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
764 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 26 Dec 2023 11:06:57 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
17116
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1703588817.288823,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
16
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6515
manifest-audio_eng=112002-video_eng=335908.m3u8
videos-cloudfront-usp.jwpsrv.com/658b5c90_ba8bee6c4cb5e3eb9431826eb125ce9bf1ed0753/site/ReDAXyY4/media/cHejodfp/version/cHejodfp/manifest.ism/
6 KB
6 KB
XHR
General
Full URL
https://videos-cloudfront-usp.jwpsrv.com/658b5c90_ba8bee6c4cb5e3eb9431826eb125ce9bf1ed0753/site/ReDAXyY4/media/cHejodfp/version/cHejodfp/manifest.ism/manifest-audio_eng=112002-video_eng=335908.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:7e00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
35bdfe912d9f57df15a416a891058c2e75632e1d42d0620a32b1f34a17f5aec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:17:29 GMT
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P4
age
377368
x-cache
Hit from cloudfront
content-length
6114
server
Apache
etag
"usp-A2206FAC"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
vMEkNx3wOb1EcBfDD7Jb0A5AgHIDbyh5MjbleGQQN0Lv5zo820jULA==
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame DA00
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 23:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
40787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Dec 2024 23:47:10 GMT
ms_auth_server_button.min.js
edge-auth.microsoft.com/v0.5/js/ Frame BEB7
26 KB
27 KB
Script
General
Full URL
https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=00e95c4a-9fc2-4ce3-a8fb-dd3496dd584c&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-Yi/CHN2oW70XSkkCIzvnzunCg7CGY5B74kFIbzKqgvJEFaAqiGcr/H5S+4pXDIfnGY7JuRnS6kJ8SeTXtV4EJyMlUEfaQHrYTJzvjyCp8QvM+Of2Esg2cHQs1AXot46k74gJnbeZVVxCzbej6y4WtiyZvZCYugHhxO9eAey4fzw=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=00e95c4a-9fc2-4ce3-a8fb-dd3496dd584c&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-Yi/CHN2oW70XSkkCIzvnzunCg7CGY5B74kFIbzKqgvJEFaAqiGcr/H5S+4pXDIfnGY7JuRnS6kJ8SeTXtV4EJyMlUEfaQHrYTJzvjyCp8QvM+Of2Esg2cHQs1AXot46k74gJnbeZVVxCzbej6y4WtiyZvZCYugHhxO9eAey4fzw=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Tue, 26 Dec 2023 11:06:56 GMT
last-modified
Sat, 11 Nov 2023 09:01:52 GMT
x-msedge-ref
Ref A: 178640965AB64449BF0EA649630E5630 Ref B: AMS231032601025 Ref C: 2023-12-26T11:06:57Z
etag
"1da147db622689d"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26781
p-cb52e3b0.system.entry.js
tags.catapultx.com/cxo/
553 KB
128 KB
Script
General
Full URL
https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7xoD9QQqnR%2FZ8b9DkiHipJeQxGkaTt4wvRdlXgO%2BhP5I1LxF3p70uDY5gqrZIbwcjxpVwPtGEFC1FL9gaBHd93qMXbTlbnAjItk2prn0XAxXaoCRzLTZJptYdAzkQ4XaMVWsWTu9YePjt7J%2BLfwgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
83b8db7c6a741cab-FRA
generic
match.adsrvr.org/track/cmf/ Frame 8B69
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
server
Kestrel
content-length
70
content-type
image/gif
e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8B69
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:3813:6b17:e1ee:5ace Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
generic
match.adsrvr.org/track/cmf/ Frame 9B74
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
server
Kestrel
content-length
70
content-type
image/gif
e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9B74
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:3813:6b17:e1ee:5ace Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 9B74
0
38 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame AD0A
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8B_MCLAbc-tIUe7hsfRG49aUp9nDZ-ioAAABgYID-AAnOjMPlbjdza1bO4Vo0sq3cCudmsBZOjCPnbuWbzCaLISDBmXG43O1mbs3KOVyLRraVW-HcDNbCiXHk3K18k9lkMQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAQCKAwI67Ha_7WX5BwAAAAAQAAAAACQAEg4ISgDIdB2c-P________-PMUCfeSPj_____4ZBD4AHHwAPQgAAAD6GXHF32SskGTwRKSgswggAAAAA1P9B25FJOkHFosr__3-_FYArAAABjKXOYrZZdAcl3sIAAAAAjFmgh8XvNzvsGr_bZf7_________zfyf-UcjFPXIlSaIg7lZzS8gAMCaX0AAADbjBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBydVwN5jYjCuTwzOxzFzGmW83Mkw8FottMTKtZt4Do7a6JS0ajtZHRFhmv-8g5LtdhofPZRAVXW-L3eE0ew7ig4ZhORkE8zNhi9FqMtksh7PlYjIYjoaj0f4MxGQwQBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZsi81yNty4NcvNwi0abHxrhW1kc6tsNpdvZPE4JzOHW_T6mD7G0WY5mnmRYADKXiRPi3QisXlmDtfIZTNsZsvFYGUzbDaricU0821MM-NoMRFLNCeLdCK77Jur4W4wsRlXJodnYpm5jDPfbmSYeCwW22JkWs38Ldtis5wNN27NcrNwiwYb31phG9ncKpvN5RtZPM7JzOEWvT6mj3G0WY5m_sZusFkNh8PFat_YDTar4XC4WO07TKZn6nM2Wk-S1UcotFgP35bNaVC4DBbvT2JaTLuzg2jaOzp93rKyoDP6_X6_3-_3-_1-v0HrOZgNCt8wW6tKFz_ZaictPA4GRSwRXKQTwd9zertMTodb9Lf87aa_53W3iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_iMGHMwlq9VcN1cMlqsEAAAAAAAAAGAJppluAgAAAOBkUMvFbDJYp4PZDAazxWq5ADCGcXUBgwAAAAAAAOxyEeSV_3f7syjW2GMU8Pec3i6T0-EW_S1_u-nved2tDACjc4fZZp8RxFqtljUAAAABbAAAAAHcdONNwJkU9____z8OAACAjBx6AAAA9PuAqOj0wo9cKfgVxGg2GO4fgAqxVqvV7cZarVZAgtgNNxP4____TxAAAAAAACAHAg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Dec 2023 11:06:57 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame C28E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3008162381316004&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

metric
edge-auth.microsoft.com/ Frame BEB7
0
0
Fetch
General
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-2vdch0y7ydDBkd79xnqQoqLDhccC/+ybSU8XxGALB80DJilihQxmkyGzWkt90UqbLvQNqpE+LR65G1cUMwZ6y1fT+RnH9cC8fpKM/q58oRjyHemHxgCgj4sRu1l8I3lpW0iMdSpelvZKKtZZ+xhLgKmBAOHK3d0zOoR3OYw4N/k=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=00e95c4a-9fc2-4ce3-a8fb-dd3496dd584c&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-2vdch0y7ydDBkd79xnqQoqLDhccC/+ybSU8XxGALB80DJilihQxmkyGzWkt90UqbLvQNqpE+LR65G1cUMwZ6y1fT+RnH9cC8fpKM/q58oRjyHemHxgCgj4sRu1l8I3lpW0iMdSpelvZKKtZZ+xhLgKmBAOHK3d0zOoR3OYw4N/k=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 26 Dec 2023 11:06:56 GMT
x-msedge-ref
Ref A: 489C085AD37E428B88F55482F2255753 Ref B: AMS231032601025 Ref C: 2023-12-26T11:06:57Z
content-length
0
x-cache
CONFIG_NOCACHE
metric
edge-auth.microsoft.com/ Frame BEB7
0
0
Fetch
General
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-5KZvaPeqPpBbOekFnp5qXOVGFWRjnl7Ip/yJeww/c4vazJxKK/HksnxiGYAfQ4VEZbB43kuMIFohgy7LczwADyY7Vy8ZpoY4fR3KcJDTn24RWsJhvG6rB3tqINhigY5ojmMS8obfzKJ6CasCRc57CElZVbckN4bND7P8q4aJOVs=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=00e95c4a-9fc2-4ce3-a8fb-dd3496dd584c&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-5KZvaPeqPpBbOekFnp5qXOVGFWRjnl7Ip/yJeww/c4vazJxKK/HksnxiGYAfQ4VEZbB43kuMIFohgy7LczwADyY7Vy8ZpoY4fR3KcJDTn24RWsJhvG6rB3tqINhigY5ojmMS8obfzKJ6CasCRc57CElZVbckN4bND7P8q4aJOVs=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 26 Dec 2023 11:06:56 GMT
x-msedge-ref
Ref A: D381C600C2574B9D823EC968CDEDBF02 Ref B: AMS231032601025 Ref C: 2023-12-26T11:06:57Z
content-length
0
x-cache
CONFIG_NOCACHE
tinypass.min.js
cdn.tinypass.com/api/
388 KB
115 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
x-amz-version-id
0QIZetJ_7irXXHtLgdmNhkMj0U1YDIAl
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
PF4BXS06CM5CRHBQ
age
8912
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fcQCE2fphQjNh3RgODYDOddbIrzXYDG+z1KTi3mIyHKk9jiaCu3ZrL76qatpmtprcXcuy96S2Ok=
last-modified
Tue, 19 Dec 2023 11:23:13 GMT
server
cloudflare
etag
W/"f8312bff3c7ba81de4b41efef3dbdb77"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83b8db7d0f704d49-FRA
expires
Tue, 26 Dec 2023 15:06:57 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 2FEF
446 KB
104 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:fa00:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 22:10:44 GMT
content-encoding
br
via
1.1 2e6275c73445d58429e5205e011d70ba.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
x-cache-status
MISS
x-cache
Hit from cloudfront
last-modified
Thu, 06 Jul 2023 01:58:31 GMT
server
CloudFront
etag
W/"64a61fc7-6f992"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
x-amz-cf-id
PWRK7dc_AIcZcs8o0FJ_LJjkdYdXNo1pFw55MrhycsXuCDU6hgtWlg==
expires
Tue, 26 Dec 2023 22:10:44 GMT
usync.js
eus.rubiconproject.com/ Frame AD0A
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b1621e07b5dfd008521714aeb973aeedcf047028a0bfddf14bc65f965f82bccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 11:06:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Dec 2023 08:17:55 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76165
Connection
keep-alive
Content-Length
13200
Expires
Wed, 27 Dec 2023 08:16:22 GMT
jload
pixel.adsafeprotected.com/ Frame 95E6
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=165440461&placementId=6320689129&pubCreative=138435367041&pubOrder=3214528277&cb=228111808&custom=index&custom2=1&adsafe_par&impId=e19b91b2-a3de-11ee-8b37-02a8f35b7e47
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.40.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-40-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c45801418e5c916487727ceb005201010ee7ab365dcfd291800b1177542a27f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 238F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpp-K33F1zBWeoqms3jJiXqcoX9nrpE-Gb4AJWpEIrl8rfCZCv_3RKZ5ZXoR2HoabNfr3uKF62QD-wYzxjdyFD2hfMulZXoYQ1kRG-JVKYlhmcRmmDi5rUrN7xktTrYYm-z69kbxadAlsiV1rmMse0KAOFv772FWSfI_PDwUoQJg_e8LfkBfxPIsjpl-svTrttXJJ8mNKpK6LT3_XICHyKIVVLLjWiCETya-rP2ePl0uUgpVwU-lQ57uUSkBW6MANNt79PvzGh7S2vtAo_6UppJASnNQWVimV9KpmWKmUHcfVQbepjhpiG5FoY-vJa0pUj6RmK8u3Y8NFIOqotH0df1PFiKpGVzmtjwbCSw2RzNCOUmXTxpKByA3dWosf-&sai=AMfl-YRTSxq8rJ9PUJl7SkFtxDyXJ6Cfznsu2JCAxQlUlCYOaywk74XOAQSLmTRQLb7SdVVB2kLW-J0_nSJjWjti9dQINqPy_sBmZDDxuoH9pPUGjH6PJuiw0I_72Eep9KjNm6zxxHwXyvgrsi_NWyQyUM0&sig=Cg0ArKJSzFY1q2ljy8_AEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 26 Dec 2023 11:06:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 238F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 20:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
51898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Jan 2024 20:41:59 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 238F
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 11:06:57 GMT
9652936438462743070
tpc.googlesyndication.com/simgad/ Frame 238F
36 KB
36 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9652936438462743070
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ec75c6ac932686734c2364194a647078df28ff2a262c86316d2ca132cead0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 23 Dec 2024 17:07:29 GMT
date
Sun, 24 Dec 2023 17:07:29 GMT
x-content-type-options
nosniff
age
151168
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36460
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 20:40:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ Frame
0
0
Preflight
General
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:c843:e803:e83b:7cec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://torontosun.com
access-control-max-age
1728000
cache-control
max-age=0
date
Tue, 26 Dec 2023 11:06:58 GMT
expires
Tue, 26 Dec 2023 11:06:58 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/torontosun.com/bootstrap/
7 KB
3 KB
XHR
General
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:c843:e803:e83b:7cec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1fb22ef43572c937a20d2f26ce44c5bb6a08c5a98aea2917b0347870bc81acca

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-019f1caace51caa33
pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 26 Dec 2023 11:06:58 GMT
player-event
events.qortex.ai/api/v1/ Frame
0
0
Preflight
General
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
83b8db7edea82bba-FRA
date
Tue, 26 Dec 2023 11:06:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSZlwnlBVIHk6%2FG%2FiIEvZ0MaSC1hES%2FI%2BbwniWw8oixRyOZfHCa2Ox%2Bbj6udBZtNtWUSwsbPQULIfBTUe3vvhQ30jTwl7HiRkbGAyhTZBti1H2Bv8dv9vMWroxCkHeMpQF9tN5nVUzwkJVptAMY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/
0
254 B
XHR
General
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d40yccsvwNCU6SyuAHwCLSYKPiU5uuNr3DoT5ro3lqf9rUVcbv%2BP6fLBCrVt41NEyzVVzh7faFJMrGL7heL2rDUnsYlp20Oj59ikgtZtSPachdgVn0EKW9AeJKpsVjbN7SfEjQXO6vcKntnwmUk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
83b8db7faf8c2bba-FRA
content-length
0
torontosun.com
demand.qortex.ai/api/v1/group/configs/QiUOkGRFYUWNdgFd8CThQ/
20 KB
5 KB
XHR
General
Full URL
https://demand.qortex.ai/api/v1/group/configs/QiUOkGRFYUWNdgFd8CThQ/torontosun.com
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868dc1a214586522e2cb21b54833c5937b8f095b2026698dc7fbd59bb67d669e

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32qt0CdumufAXgK3tLA25%2F6OztlgfdMWjeySX3iRfT1txZ71%2BgmJGlWknPR1boqeBvW5JRRzILKB9e%2B4Fv4mve%2FccU1z9ncenImoLbBRk9xGj0LxSpokNhMIM9bC1rWZeADiGd30S%2Fl%2FSvFLhX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
83b8db7edeb32bba-FRA
truncated
/ Frame 238F
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5071d5383b1f71b98f5ba48543dbde7565b041fb8f7617b0a47b42f6eca80ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/
118 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJC8VVB&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb33053840768d71ba04773d80919994344f4c9803205be7e695ce4e69c1d82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46065
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Dec 2023 11:06:57 GMT
gtm.js
www.googletagmanager.com/
304 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
132c2a6ecf622f3b8acdbdd6bf49625af7eac850691c30203ba442b1219765b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92913
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Dec 2023 11:06:57 GMT
player-event
events.qortex.ai/api/v1/ Frame
0
0
Preflight
General
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
83b8db7f3f222bba-FRA
date
Tue, 26 Dec 2023 11:06:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyE1A3fwvH0wXV2cE3tqlGpkkprJybO45GcNniI8Uah6MsVjitql8xFT6qu4%2BHx1%2BdoOVJq88RJMxBWwR8zkgDzyXbDVw0%2FnEyJh1ILjD4Y7ABpU9QbEbuIipxJiJb7LGcNdhhLUrqddbixoZAs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/
0
283 B
XHR
General
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYwSvoYE2LpbBQrGBpVJv8MUuYnndiAGRhKkqKZN0agc9kmP4WSehdz6ovOKeF4e%2BzJXHG8lPSjH%2Bp6vWNJhaEKpKPWHho9fmq%2BAFz32ClYCHiN83%2B16Or65bsluzh1YaPHYQ39ifpUHqMhkh6o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
83b8db80a8b92bba-FRA
content-length
0
cx.cce.js
cdn.cxense.com/
23 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 11:06:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 11:02:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6055
Expires
Tue, 26 Dec 2023 12:06:58 GMT
execute
c2.piano.io/xbuilder/experience/
2 KB
2 KB
XHR
General
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=KlFb8Hg2nS
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5feffb6fa92b882b635843312b847816019ed9f5b45779b94c844633db91152
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
mofnntre0c
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
83b8db80dab465ce-FRA
khaos.json
token.rubiconproject.com/ Frame AD0A
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
generate_204
tpc.googlesyndication.com/ Frame DA00
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?-LMoMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
identify
identity.mparticle.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3396
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
2086
x-fastly-trace-id
2991928406
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-sof1510023-SOF
x-timer
S1703588818.071630,VS0,VE0
gtm.js
www.googletagmanager.com/
229 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b7f180151a58930c395149324b27201ddb9642c3d5053002cdf9fa7c1df813d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68119
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Dec 2023 11:06:57 GMT
identify
identity.mparticle.com/v1/
175 B
292 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
121c622cb437f1c793da9e12ad1ff93906bb02bb8b33b8811c1422f52781c819
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-sof1510023-SOF
date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1703588818.129808,VS0,VE123
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
2991929068
accept-ranges
bytes
x-cache-hits
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 2FEF
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1703588817869
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:fa00:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 02:41:59 GMT
via
1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
25600
last-modified
Thu, 06 Jul 2023 01:58:30 GMT
server
CloudFront
etag
"64a61fc6-6400"
content-type
application/octet-stream
access-control-allow-origin
https://torontosun.com
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
fhg1wAEB9Riy1A-lrWIJwnXCY1fyDcb_8tpTznlOjOCulkm_m_vhIQ==
expires
Wed, 27 Dec 2023 02:41:59 GMT
auto-user-sync
ads.stickyadstv.com/
43 B
498 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null&gpp_string=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::172 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:06:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1703588817873048-337
js
www.googletagmanager.com/gtag/
262 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e23c50bfd5886cfd03f4dfd836ac028a398b796db5250ba161fde7372bc8642b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90608
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 26 Dec 2023 11:06:57 GMT
ribn.min.js
assets.ribn.com/production/
10 KB
4 KB
Script
General
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
2430
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83b8db816fc13a76-FRA
x-amz-cf-id
DDWcU7UdS76X-gqbLN6LIBYRZSGbdFbqxkxvlCWLGLBGMCnkmI8pvw==
expires
Tue, 26 Dec 2023 15:06:58 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/
13 KB
4 KB
Script
General
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
5129
x-cache
Hit from cloudfront
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83b8db816fbd3a76-FRA
x-amz-cf-id
jU6lqN799vbP4SUA_UvmGotXfeggyx8kkwQLB710YekeKrlgt3aLJQ==
expires
Tue, 26 Dec 2023 15:06:58 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Dec 2023 11:06:58 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 2FEF
301 B
605 B
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=33645985&loc=https%3A%2F%2Ftorontosun.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::172 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:06:57 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://torontosun.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1703588817913076-427
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 2FEF
67 B
0
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=33645985&_fw_gdpr=1&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1613115%2C1%2C1846327758&vav=679d642e45e272777478d4fd92b8e121&vaviv=192acb40eb2f449d96b6310de9bdd4ae&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Ftorontosun.com%2F&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::172 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:06:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://torontosun.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1703588817954079-418
view
securepubads.g.doubleclick.net/pcs/ Frame 238F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuohBjWtdFkPf6Mv3E57JBhv-IDDFFcs1vM4yZsF-Iax7ceABQfFNXu6mcczeLlTSinQ132IK_czaS97QtWchzGFjugO0FWfQx3a5cn1gEFMuu36EcLPayD15Y_kcBkg4ayUSqhm9qFJdBYxAUBSZqUms2-SuVjM9uyw23v-qvVyXppx0Jg8FT5Cr8a9R6PZ6-mGkLC32VuH9XFAbRKmCTPMUUxaFMke6UU9TURWnwCCxsWFzsgiGyhLHusyFTx21vZorBo7NIfWvBCjAPcunbbTo8FvWmSnsH_7mfSVDy28FeIAbrXf4gqrIngTFrGJ-x16D3XmdwjlF7NO-OiLyVv0dJOsTqxIsKtHCHgFZbdJ1sEYCujaX1DWtEOpLrQXus&sai=AMfl-YRqx7zevcFllQEt4eaYs28oym_mnZf5k7SkxyV_MoExpRCPen3FdwP4Zfmy4Kqz7sD38hp0F27X9D8lhf4QizzkllMuMkrB8GZ4GoJ1t_oQ7UXSXrwBbvBjQU9GUnq4A7Uj-50gIORdTW9OyzZQrCo&sig=Cg0ArKJSzFB3mpDFw7giEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 26 Dec 2023 11:06:58 GMT
js
www.googletagmanager.com/gtag/
262 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77bc185a2131f1956cae54e9ddf0af75f8d9439332ad1c650872470bd8416a5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90631
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 26 Dec 2023 11:06:58 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 26 Dec 2023 09:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4721
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 26 Dec 2023 11:48:17 GMT
marfeel-sdk.js
sdk.mrf.io/statics/
154 KB
45 KB
Script
General
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd03a9c9d704f813ac04c47055e0b8acc1d4183550d4625f3ef08017586cb6e4

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
1ms
date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Tue, 26 Dec 2023 10:23:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
8
accept-ranges
bytes
cf-ray
83b8db81ab8f9150-FRA
alt-svc
h3=":443"; ma=86400
content-length
45303
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 26 Dec 2023 11:06:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
1OBenVkvQt2xD8MH3tdwlAAqrJMC23xg/XsjDyXOP+UdcYHUYQ+dMMtKfrigVWxfZ/G4DNXiPBAZPO/vyIt7iw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-53.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
date
Mon, 25 Dec 2023 17:33:01 GMT
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
63302
x-amz-server-side-encryption
AES256
etag
W/"10ba0dba424c8954df3533bfd881e874"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
31MFATB3doUULguI9-jB8oM_yfCUgIqKAkYIIwXeV6cn6FOoC9bvpg==
p.js
cdn.parsely.com/keys/torontosun.com/
58 KB
22 KB
Script
General
Full URL
https://cdn.parsely.com/keys/torontosun.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.107.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-107-62.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
3c5b584817a547de78b1d37a6c7e65fc36cb2f74abb5e7fb01e1d91579c59f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Mon, 25 Dec 2023 23:59:21 GMT
content-encoding
gzip
via
1.1 100385c151f051b6982bfdd5dfcd5bbc.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 19:46:20 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
40057
etag
W/"6520640c-e74f"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
emXnUsqohEJOsbFxizk7tq-4PmlKkyXSeX94-GyoBxi1vUlckFZ-Rg==
expires
Tue, 26 Dec 2023 23:59:21 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2M2YjI3Zjc3NDZmZmFlMzQxMzFlYzlhZjVhZjJmNzM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2M2YjI3Zjc3NDZmZmFlMzQxMzFlYzlhZjVhZjJmNzM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:06:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2M2YjI3Zjc3NDZmZmFlMzQxMzFlYzlhZjVhZjJmNzM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703588818128000-424
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=7c6b27f7746ffae34131ec9af5af2f73&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=7c6b27f7746ffae34131ec9af5af2f73&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:06:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AAPYKK2HSVVHBQQ1YMXG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:06:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=7c6b27f7746ffae34131ec9af5af2f73&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703588818159019-393
player-event
events.qortex.ai/api/v1/ Frame
0
0
Preflight
General
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
83b8db8169732bba-FRA
date
Tue, 26 Dec 2023 11:06:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P31x5JRsF4ftCkuAzFBaXjsU3R4rSzAG9zix6%2F03OrNPDCFsiB%2B%2BWPMo%2BhPuvqpwYX29nEdn2coyKV2qNmjtN5%2BYRIY1EFAJcBBioPr%2FLf5ayeNnKvuzUZR12%2BAru7DQ9NESrBAfxDEVtl1ARPA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161089/5500/
212 KB
64 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:43:34 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=126351
accept-ranges
bytes
content-length
65407
expires
Wed, 27 Dec 2023 22:12:49 GMT
player-event
events.qortex.ai/api/v1/
0
261 B
XHR
General
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTroaGbu16lHnGk2ABlqOGfOek%2FQaq%2BRVSzMTW6c6GMwoa6UHqS1FqckNt8pSUbys6O4G4juPSCNKV2C5BphNzc9j8RnM0v84wnZB%2FZKwLFZxUfeAXBO6SP5RQ3XgC5%2B5PfVtoSRSww3L7MbMuw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
83b8db826b1f2bba-FRA
content-length
0
user-sync
sync.adkernel.com/ Frame 35D9
0
134 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=202197&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Ftorontosun.com%7C%7BUID%7D
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Tue, 26 Dec 2023 11:06:58 GMT
Server
nginx
player-event
events.qortex.ai/api/v1/ Frame
0
0
Preflight
General
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
83b8db8189aa2bba-FRA
date
Tue, 26 Dec 2023 11:06:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7uliLloY3I3tUz5UO%2ByY3jLwaEuJY7X%2BijDQ467LPrwpjfAfYGEdxsvEDVN9JGxEYGMgM2ua0lm1tIpVC7oTdR8tonTziclf7TWqd0kMQWiJssb2780rp5koSItBMmmYT5NL7LvP4Er%2F%2Bp4plQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/
0
258 B
XHR
General
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noqjlKzOD6RkERoSDA1LuoEq24438lONPrIvMctAQqQj0cURrmI%2Fwft%2FS9d8rTt0Kuz8gaPPObA0rpagX4nlqLfiYJO6htG%2FQnDfvI8heTtfQHqVyHlvtqUeocEVLQJFeShlIKHftLJ2e4i6k%2B4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
83b8db826b222bba-FRA
content-length
0
ixmatch.html
js-sec.indexww.com/um/ Frame A0AD
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
368
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83b8db81fc714522-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Dec 2023 11:06:58 GMT
expires
Tue, 26 Dec 2023 15:06:58 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CBA1
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42056
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 26 Dec 2023 11:06:58 GMT
expires
Tue, 26 Dec 2023 22:47:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 54BB
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Dec 2023 11:06:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/
229 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6808945595dee427943d31e39e11884dfd304d8188afb970e74d19eea9373018
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74394
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Dec 2023 11:06:58 GMT
collect
region1.analytics.google.com/g/
0
244 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3bt0v880952817z879194588&_p=1703588817238&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1530872099.1703588817&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703588818&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&_fv=1&_ss=1&tfd=3686
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
244 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1530872099.1703588817&gtm=45je3bt0v880952817z879194588&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3bt0v880952817&_p=1703588817238&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1530872099.1703588817&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1703588818&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=ad_impression&_c=1&ep.query_id=CMCikfL6rIMDFWf8EQgd0oYFAQ&_et=4&tfd=3694
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1530872099.1703588817&gtm=45je3bt0v880952817z879194588&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=995042504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231225-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Tue, 26 Dec 2023 11:06:58 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
3415
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1703588818.249023,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
20
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
19475
usync.js
eus.rubiconproject.com/ Frame 54BB
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b1621e07b5dfd008521714aeb973aeedcf047028a0bfddf14bc65f965f82bccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 11:06:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Dec 2023 08:17:55 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76164
Connection
keep-alive
Content-Length
13200
Expires
Wed, 27 Dec 2023 08:16:22 GMT
cx.js
cdn.cxense.com/
111 KB
37 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 11:06:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 12:22:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37123
Expires
Tue, 26 Dec 2023 12:06:58 GMT
syncframe
gum.criteo.com/ Frame 3DBE
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Kestrel
server-processing-duration-in-ticks
420661
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.139.js
static.criteo.net/js/ld/
94 KB
30 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Dec 2023 11:06:58 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je3bt0v880952819&_p=1703588817244&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1530872099.1703588817&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&sid=1703588818&sct=1&seg=0&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=ad_impression&_fv=1&_ss=1&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Toronto%20Sun&ep.timestamp=2023-12-26T12%3A06%3A58.060%2B01%3A00&ep.query_id=CMCikfL6rIMDFWf8EQgd0oYFAQ&tfd=3860
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
54 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=1530872099.1703588817&gtm=45je3bt0v880952819&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=1530872099.1703588817&gtm=45je3bt0v880952819&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=187161127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/
0
198 B
XHR
General
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-sof1510026-SOF
date
Tue, 26 Dec 2023 11:06:58 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1703588819.649791,VS0,VE39
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame CBA1
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56256906&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 4485
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
870 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e973d2df27d7015bf89fb49c491c1cc7ad70792dd52acc1b7a06e45d54408c42

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83b8db84ee3d453a-TXL
content-encoding
br
content-type
text/html
date
Tue, 26 Dec 2023 11:06:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZU0aEoy8w9gbE9bcX1Oki8%2FfFLTCCWg63pZnYITbAhdev2H%2B%2B96%2FEkDbAZM9rvpsd5Vv8PO2TpdaTW03mq6Zm2VxEmZZQne%2FWkGehUZzWE96cCSclwpbmV9XOKsoObAWDZmk%2BwwTt2aCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83b8db847d23453a-TXL
content-length
0
date
Tue, 26 Dec 2023 11:06:58 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlqdgLuPw%2FOfw29vKlkueUXGu2aNK3gJp83YOjKC9LcshJnLm07m40c8g6UtM85kDc5pIZgPRbmVxwYZB%2B9vtAMcK%2FHLPF%2BEdxgpTjvQRbGNGgijTTkX24pYbiQFhbPJ3RexV9L0Cb%2FxDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
collect
www.google-analytics.com/j/
4 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=243631979&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=233805411&gjid=982717000&cid=1530872099.1703588817&tid=UA-213173459-5&_gid=429414004.1703588819&_r=1&_slc=1&gtm=45He3bt0n81P3Q4QHWv854753396&cd2=2023-12-26T12%3A06%3A58.066%2B01%3A00&cd7=anonymous&cd17=0&cd23=Toronto%20Sun&cd24=Cheetah&cd25=15.1.1&cd26=v93.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=55&cd31=index&cd52=index&cd65=false&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=1530872099.1703588817&z=382425704
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
15 B
83 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=243631979&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1154253655&gjid=1427007950&cid=1530872099.1703588817&tid=UA-114648105-14&_gid=429414004.1703588819&_r=1&_slc=1&gtm=45He3bt0n81P3Q4QHWv854753396&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=148777814
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
07e6168cc4f12c66e03b1c278e8edba4e031a0ce6577aaee54e3cfbe73f2b3b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/
555 B
971 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-42.ams54.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 04:35:59 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront), 1.1 51d16867ea09d1b4c52eca0e090ad4a2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, AMS54-C1
age
23459
x-amzn-requestid
9456ca49-9daf-4a5d-a3be-d0cc1915f133
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
QiK3dEQGCYcEBIA=
content-length
555
x-amz-cf-id
_2LVNn_vwZfVdPeRZkDzFOiOdyPM-lzCC6wXX5WrzU80S1SDZTu4VQ==
beacon.min.js
signal-beacon.s-onetag.com/
22 KB
7 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 04:45:48 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
22871
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
iRCpZZDDL8_7R2cwZv6sNEO9R6rsS4wYZqwrnihhYf9DKdrCf0IhXA==
khaos.json
token.rubiconproject.com/ Frame 54BB
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
sid
mug.criteo.com/ Frame 3DBE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=xODTV3xUb2FKdmN3bkZkTkhxUm16bEVKblpYTldIWitreEhIdXhpZThUOHJwSWVaWkEzZXVWdDFDMG1mYXh5WFNtOUtpWDhRMGk3UUtiYXc3TjhZNEJWdnQ5ZlNMdWs0dTBEdWZtMTJ6c0JEbmdPYnluT3RNdzlBR1VoTj...
436 B
665 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=xODTV3xUb2FKdmN3bkZkTkhxUm16bEVKblpYTldIWitreEhIdXhpZThUOHJwSWVaWkEzZXVWdDFDMG1mYXh5WFNtOUtpWDhRMGk3UUtiYXc3TjhZNEJWdnQ5ZlNMdWs0dTBEdWZtMTJ6c0JEbmdPYnluT3RNdzlBR1VoTjFiWitpSmpHSFhHY2Z1MzduRDhQYXRyVzZDVXRxZGdHY2ZodGFTbm5YN1dXRHB2ZGpZSlNhQ0pPekhXcmRkNzZIR1o2VTVPL1ZHNlBINmhWS0I1bUc2azQ5RGM5aVNRdDZFTE1oa25sUnZ5UFRndUV5T3RsR2kxRzBqRVkwNWFSZjF2OUxiT0g0MWhTbWsrQTdEKzBzWEN3dGNnM244RWQyQmpRVTE3RHNxNnFTWGo5ajEwRT18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fbbc0a66982c2da23a5e7deab77ebcd2fd3551c4ae1f2f1064190d5a3f7e4711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1222261
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=xODTV3xUb2FKdmN3bkZkTkhxUm16bEVKblpYTldIWitreEhIdXhpZThUOHJwSWVaWkEzZXVWdDFDMG1mYXh5WFNtOUtpWDhRMGk3UUtiYXc3TjhZNEJWdnQ5ZlNMdWs0dTBEdWZtMTJ6c0JEbmdPYnluT3RNdzlBR1VoTjFiWitpSmpHSFhHY2Z1MzduRDhQYXRyVzZDVXRxZGdHY2ZodGFTbm5YN1dXRHB2ZGpZSlNhQ0pPekhXcmRkNzZIR1o2VTVPL1ZHNlBINmhWS0I1bUc2azQ5RGM5aVNRdDZFTE1oa25sUnZ5UFRndUV5T3RsR2kxRzBqRVkwNWFSZjF2OUxiT0g0MWhTbWsrQTdEKzBzWEN3dGNnM244RWQyQmpRVTE3RHNxNnFTWGo5ajEwRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
295947
content-length
0
expires
0
1685973801652415
connect.facebook.net/signals/config/
142 KB
37 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.138&r=stable&domain=torontosun.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 26 Dec 2023 11:06:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37725
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Z/eDOLgZXYNi21085as50tmD6H6kXLYvRIiRlFe9MtorEhdXAqyzj+j3I5f0HKZ5lZEbm86BpqOFAaWEj/VBkQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
thirdpartycookie
api.viafoura.co/v2/torontosun.com/
45 B
648 B
XHR
General
Full URL
https://api.viafoura.co/v2/torontosun.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:c843:e803:e83b:7cec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-instance-id
i-0343858b0f6c5814a
pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 26 Dec 2023 11:06:58 GMT
/
pips.taboola.com/
4 B
121 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220058-FRA
date
Tue, 26 Dec 2023 11:06:58 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://torontosun.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
p1.parsely.com/plogger/
43 B
258 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1703588818632&plid=1d76f3fb-df4e-4b64-8c75-1369d9c064c6&idsite=torontosun.com&url=https%3A%2F%2Ftorontosun.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Ftorontosun.com%2F&sref=&sts=1703588818627&slts=0&title=Home+%7C+Toronto+Sun+Home+Page+%7C+Toronto+Sun&date=Tue+Dec+26+2023+12%3A06%3A58+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=7584f752-871d-4591-b80d-bceecb4446cf&u=pid%3Dd1a35e65-8e33-4a62-b97c-410b1ff7500c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 11:06:58 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 26-Dec-2023 11:06:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
identify
identity.mparticle.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3397
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
2087
x-fastly-trace-id
2991935303
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-sof1510023-SOF
x-timer
S1703588819.663686,VS0,VE0
identify
identity.mparticle.com/v1/
175 B
240 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
43c40582bfa08c02b31d1dac144ec36092e82ce88f5f15810db164b06d517306
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-sof1510023-SOF
date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1703588819.722333,VS0,VE139
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
2991936007
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/
0
59 B
XHR
General
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-sof1510026-SOF
date
Tue, 26 Dec 2023 11:06:58 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1703588819.671083,VS0,VE38
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/
50 B
123 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
edfe8fd9e5fd546323a16162a06d4eb2ff331ad230e1b3f48d2ec97862511d04

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
main.19.8.466.js
static.adsafeprotected.com/ Frame 95E6
213 KB
67 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=165440461&placementId=6320689129&pubCreative=138435367041&pubOrder=3214528277&cb=228111808&custom=index&custom2=1&adsafe_par&impId=e19b91b2-a3de-11ee-8b37-02a8f35b7e47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:53:12 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1088026
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
elft8pyYcF3VfVsVBp-42D-YqPG4FcW9V0XpRtkRtDOQ3XhjaZ2sIw==
ingest.php
events.newsroom.bi/
50 B
850 B
XHR
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
e0a4db8779dc244a772e.js
sdk.mrf.io/statics/
50 KB
12 KB
Script
General
Full URL
https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
gzip
via
1.1 9ddb4a7c37b01f2b5d90f99e9851b35c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LHR61-C1
age
3082
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
90
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 09:09:46 GMT
server
cloudflare
etag
W/"44ac276b251e58c5c7f65bad76e76963"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
83b8db8518489150-FRA
x-amz-cf-id
YCvO4dC5TU1kOL1qMIGmnCUBqL7LMljO2Yont8tLQENzmqVGaNMnlg==
dw-check.html
experiences.mrf.io/marfeelpass/statics/ Frame 2847
3 KB
1 KB
Document
General
Full URL
https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2350112
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
83b8db85bb79b767-AMS
content-encoding
gzip
content-type
text/html
date
Tue, 26 Dec 2023 11:06:58 GMT
last-modified
Thu, 23 Nov 2023 12:08:24 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time
3
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-5&cid=1530872099.1703588817&jid=233805411&gjid=982717000&_gid=429414004.1703588819&_u=YCDACAAABAAAACAEK~&z=423805276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 26 Dec 2023 11:06:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
228 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QZZLREHFVM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a4243ccdabcea5332aefbd4332ce61ca0f1af879b1c7420f0d90a720c39996c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83081
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 26 Dec 2023 11:06:58 GMT
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=e613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Dec 2023 11:06:59 GMT
cache-control
no-store
server
nginx
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3008162381316004&bg=!SkmlSQbNAAY3kmNgF5I7ADQBe5WfONoO0hM-WNFh0XTMBHHDGvrsw1JwqvF0OwPY3gdWiRMQiPxyXIfcQdR_BDoafi5GAgAAAolSAAAABGgBB5kC5e506iek-Xs8BD_9d6-_oAZK-OC62Jy1Dn42nMAq0DLQCZcR6G793mDW9v5PSziHtEGWpQZnwVWK-Ri7p1CGP54Gl-fZjhuaY-cE__CvoWx77TGwijFpI6jMXpOWh_KMFzM15Zos5lPlxeKCNB7Z2KRu7I4ukT9dOAbnSrLJ66MwBKHsEWsvXqIkiQVS-WV9wKwvVl3CV3BBo8qzknEP2IGrRvH1gugF4ZCmcrlmv5fqBE7DNBRv6XHHBN9EQ-dSEQ0CNvF53eNAmFbpWLlhj_SZAyCcvcQKOLWon-1CiuggSQ1WB7FQ3ohEfDGUX2wXrzp-ncVmb6j9hzuv6W3dv4477Mf1T8zFE-1qiYH0i8vUJI5DY0Q3yGzrVU9epgezK7aCQOPqkynYBZpbIktB0LSPuHpCHz_OFkgJ8uMzeO41OahRSjU0SKLcBkex8eaTxtSzjnpypCcZBvk6NQQPyNODlPdDaOKarlOpnNnfkwHTrrkswdpi20XmEFgWdSUC6wH3e1ftZ1EtRwzYWCmxSS1OPyEs40s7dHdo5abgcjO4wZaJMLn8VL3MEWrDlCvRputbDlBIJkjLh8cF1BwiIdDIFtegOOJYBikQT8R_1Sa4RFHCNkMsFSugof5V2MxejohOi9655PoyY_4iDe2JJdGxVV4RsfkHPHXNUCi3pgAqWSGfJJ_IKYrnoxMROS7ZUAp-8SwuB3kuzJXAwaiCsgCGZF96ZxPL6VtTOtY-aJcq9duO2RGyfGgNY_VCinIKqjNn20MxJ9fMjsh1VJQpfWP3kgTQiQvhNaMLNZAGK68O2q9hZnZj_05I3nKyjQN2hbTc8RSBdL3ssR5GkhUcTEP-aLaZlXK9NeSa1exNuKebotd9lFlnywo4WQVURMp_gTzRZaiv0vMnhf7bosyrpUAeEA9xzBqAbdC775tKmY5XBiRh4gOSgqaOjWrs6NInN7nZUrpmeE2UZqadUT15qFTG6a-Ujw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

sp1.html
cdn.cxense.com/ Frame 6939
456 B
659 B
Document
General
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Tue, 26 Dec 2023 11:06:58 GMT
Expires
Fri, 05 Jan 2024 11:06:58 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
intl-messageformat.1ffa056616fa00afbfc0.js
cdn.viafoura.net/chunks/defaultVendors~languages/
17 KB
5 KB
Script
General
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.1ffa056616fa00afbfc0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:e800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
HO9xTEwUA9XX7mdUyeB5zFlGyaHcZJoU
content-encoding
br
via
1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
1018699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:47 GMT
server
AmazonS3
etag
W/"1c693504509bdbb60c6776720954c7c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
YKSnIflY9WHRpuCoZELzqFS4Rh8WzIVFSXaNe7NbHGZ_3PyFWf6LgQ==
intl-messageformat.bba378369051b3ea02d6.js
cdn.viafoura.net/chunks/languages/
135 B
618 B
Script
General
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.bba378369051b3ea02d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:e800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
UzLWjcfYom6uexWyVPi6r3Nw71PzbVar
via
1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
1018699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 14 Dec 2023 16:07:56 GMT
server
AmazonS3
etag
"41f960d448b03a594d459a897779ddf6"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
93FE8RdJMY5Uj_cQu1Db4R1IGHKebRZrMehiDG2CqEKDbxJUnQN5lw==
en-us-base-json.22dd055f6ebc67a95f1d.js
cdn.viafoura.net/chunks/languages/
19 KB
5 KB
Script
General
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.22dd055f6ebc67a95f1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:e800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
eMLa6OOnuDbIY213u_T07FIUE3Zk08lX
content-encoding
br
via
1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
1018699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"dfb5516fd649a383d34843bb4b99126e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
zoH82g4JtGDaVJZI5REd9jJcRy8f8Wd8uJXSwk9g36dj2YrOOlfBqw==
audiences
api.permutive.com/audience-matching/v1/id/97355c81-b226-486f-adc7-d3b7cd630cff/
12 B
25 B
XHR
General
Full URL
https://api.permutive.com/audience-matching/v1/id/97355c81-b226-486f-adc7-d3b7cd630cff/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 26 Dec 2023 11:06:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftorontosun.com%2F&rl=&if=false&ts=1703588818759&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703588818756.1287359000&cs_est=true&ler=empty&it=1703588818608&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 26 Dec 2023 11:06:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dcm
s.amazon-adsystem.com/ Frame 4485
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:06:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MRSDC885K89P3N7DJ7N0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4485
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYqz0m6zenr-WnMW4Yv4egAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEAv7sBRsep8jsOYe1pNOI0&google_cver=1
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEAv7sBRsep8jsOYe1pNOI0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1BocW7G0WxmzkagkPJBhBO0yAITcLm0jpPhEgU0SYBoWWsZaOTUZsSpCYMEUSIvgdvHnZhp4VOY1N9%2ByN9ZlfFGnjzrs2ShA%2B4TQwE5Wye8i0V6VH72xggkDQWsiNm%2Fydv%2B2ONpk4Mt4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83b8db869b234528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEAv7sBRsep8jsOYe1pNOI0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 4485
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYqz0m6zenr-WnMW4Yv4egAA%262192&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYqz0m6zenr-WnMW4Yv4egAA%262192&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8f1b489b12ca4be8b9e34bba424f9e06
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8f1b489b-12ca-4be8-b9e3-4bba424f9e06
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a5dab82f-85dd-4b75-b22a-c9c63ab14b98%3A1703588819.554331&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da5dab82f-85dd-4b75-b22a-c9c63ab1...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210828919920119&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da5dab82f-85dd-4b75-b2...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a5dab82f-85dd-4b75-b22a-c9c63ab14b98%3A1703588819.554331&_=1703588819.557544
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=a5dab82f-85dd-4b75-b22a-c9c63ab14b98%3A1703588819.554331&_=1703588819.557544
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 26 Dec 2023 11:06:59 GMT
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=a5dab82f-85dd-4b75-b22a-c9c63ab14b98%3A1703588819.554331&_=1703588819.557544
content-length
443
x-amz-cf-id
Xd_dCtwT9_1X9TeFPzui_me-s0-s_xSiddB_nSs7oZHhOCsSZTfI6A==
usermatchredir
ssum-sec.casalemedia.com/ Frame 4485
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfTOiVRV6ATUDClEP1-Xoo&google_cver=1
43 B
770 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfTOiVRV6ATUDClEP1-Xoo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nig50q%2BqRU4bcQdZwS8JsDyPYMoLGlSWIvvh4J5X6HXADoE5zqjQN%2FIOWWbNiSnJejRRKoqo4je8shDFksqE1TPDkZrnFvIKYr1QPzFng1NU%2FGjiRNhhoB4SVBsJzEnRiyktsJKEo7zCPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83b8db85e99f4528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfTOiVRV6ATUDClEP1-Xoo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4485
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:3813:6b17:e1ee:5ace Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 4485
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=6z_Bwr85nZHwb8mR727Ulb89n8HwOMiR5DrcCGat
43 B
731 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=6z_Bwr85nZHwb8mR727Ulb89n8HwOMiR5DrcCGat
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7rZfkLbsL0uex%2B2V6AK5lQ2WShRtEiKl4jFaEtavXea5V75jLOBhPXxZEglb0Gkwi8OjyGgKVub3nKZqNbZnWhsdR3nf8mQ%2BCYAJOJnWAZco5Uk5ISeOpPIiHxrVw0Z67a7bc69KiqQcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83b8db869b2a4528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=6z_Bwr85nZHwb8mR727Ulb89n8HwOMiR5DrcCGat
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 4485
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:319d:70a4:7baa:2eae Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 4485
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca1b1110322vw9lx00lqm8spn5
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca1b1110322vw9lx00lqm8spn5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3nxQ0oWkwVSLRzuhxjerSDDL7cv9m0XVwL2SL4CaREqR3iXsxoPZz2680FEO%2FxYQ3s6D3r3Av28x8UUt1vUxUi9upWDXBWCpcWBzHr6FwxP%2Bw3t2izxczeIvYSsVtagaZ%2Fr9bQA%2F%2FBz2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83b8db883fad4528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 26 Dec 2023 11:06:59 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca1b1110322vw9lx00lqm8spn5
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4485
43 B
230 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZYqz0m6zenr-WnMW4Yv4egAA%262192
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
12239
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83b8db858c3b4522-TXL
content-length
43
expires
Wed, 27 Dec 2023 11:06:58 GMT
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=1530872099.1703588817&jid=233805411&_u=YCDACAAABAAAACAEK~&z=1984208554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=1530872099.1703588817&jid=233805411&_u=YCDACAAABAAAACAEK~&z=1984208554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ Frame 6939
111 KB
37 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c024a500b6884e87cb923bdfab0b6303d5130c87bd4e00612ea410613e765faf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 11:06:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 12:22:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37123
Expires
Tue, 26 Dec 2023 12:06:58 GMT
LoginRadiusV2.js
auth.lrcontent.com/v2/
211 KB
49 KB
Script
General
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
3863
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:21 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
83b8db85ad321e3e-FRA
x-amz-cf-id
bfgmeJmAoHSSMl7sV8Lg-6rxbAPmn-3n8FbitMmpmJ56jSeHfPM6lA==
expires
Tue, 26 Dec 2023 15:06:58 GMT
ingest
i.viafoura.co/v3/torontosun.com/
67 B
391 B
Ping
General
Full URL
https://i.viafoura.co/v3/torontosun.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.25.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-25-219.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:06:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QZZLREHFVM&gtm=45je3bt0v9124468815&_p=1703588817238&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1530872099.1703588817&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sid=1703588818&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4322
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZZLREHFVM&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
svod-module-js.af0a0ec7f140c97a1728.js
cdn.viafoura.net/chunks/vuex_store/
7 KB
3 KB
Script
General
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.af0a0ec7f140c97a1728.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
oVcFYRVQ6xZnBh6.ADJboKZ1fI_ywaEX
content-encoding
br
via
1.1 ba01234d30a5778423f79c0c58d283ce.cloudfront.net (CloudFront)
age
1018698
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:02 GMT
server
AmazonS3
etag
W/"29fcd3e8ac2266d59e9874ce666e077c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
4MJaoZdfsv7yOWcFxSnGewhoEascZqwKYs5lcylHWtRoVMhVBmkiaA==
p1.js
p1cluster.cxense.com/ Frame 6939
46 B
634 B
Script
General
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
9121f32692dbca92045c2acb38f7e954e4810cbb9320607ee469961b4bda4322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:58 GMT
last-modified
Mon, 26 Jun 2023 11:06:58 GMT
server
Jetty(9.4.28.v20200408)
etag
3jx3c6v50uedjyzzf0dkjrskr
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
46
expires
Thu, 26 Dec 2024 11:06:58 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame FF95
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
8333868
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
EXdr_L6qC_UxxOwn0gWsW0KKyBlQxNRQMcD_qUi-MY7UpQwFih_MOw==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=728x90&pubId=4811995650&chanId=165440461&placementId=6320689129&pubCreative=138435367041&pubOrder=3214528277&cb=228111808&custom=index&custom2=1&adsafe_par&impId=e19b91b2-a3de-11ee-8b37-02a8f35b7e47&adsafe_url=https%3A%2F%2Ftorontosun.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:5993e43a-1a6a-5d94-3e6e-99a0ea5bb720,c:xU5HYn,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-765c58974b-cc2j7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:240,mot:0,app:0,maw:0,fm:tZxH4mB+11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c*.928934%7C1c1%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:291,oid:e30cadab-a3de-11ee-b417-d6ea29ab45d9,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.40.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-40-41.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/
41 B
180 B
Fetch
General
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
65cee00250fc5893a2dbde7cac97d40903c5c7599e243ff7db87133f7ed8f071

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-sof1510026-SOF
date
Tue, 26 Dec 2023 11:06:59 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1703588819.003265,VS0,VE39
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5993e43a-1a6a-5d94-3e6e-99a0ea5bb720&tv=%7Bc:xU5HZ0,pingTime:0,time:329,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:290%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:329,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:289,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~100%5D,as:%5B85~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZxH4mB+11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c*.928934%7C1c1%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:291%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rfv.php
compassdata.mrf.io/
27 B
470 B
XHR
General
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.95 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryFjN0VTwCWz9Dcw7u

Response headers

date
Tue, 26 Dec 2023 11:06:59 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5993e43a-1a6a-5d94-3e6e-99a0ea5bb720&tv=%7Bc:xU5HZe,pingTime:-2,time:343,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1060,beZ:1061,mfA:1300,cmA:1302,inA:1302,inZ:1306,prA:1306,prZ:1342,si:1351,poA:1351,poZ:1369,cmZ:1369,mfZ:1369,loA:1394,loZ:1397,ltA:1402,ltZ:1402,mdA:1061,mdZ:1259%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:290%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:343,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:289,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B99~100%5D,as:%5B99~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZxH4mB+11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c*.928934%7C1c1%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:1c*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:291,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENUR_TSUN_EN_WEB/index_0,google_ads_iframe_/3081/SMCO_ENUR_TSUN_EN_WEB/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:50,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
appInfo
config.lrcontent.com/ciam/ Frame
0
0
Preflight
General
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://torontosun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
83b8db8789f93a54-FRA
date
Tue, 26 Dec 2023 11:06:59 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/
5 KB
2 KB
XHR
General
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:06:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
max-age=86400
cf-ray
83b8db87fab93a54-FRA
activeview
pagead2.googlesyndication.com/pcs/ Frame 238F
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMcIUfokIDrliJzKXc6BabX3CnbvBHt9Rb6d226476mskCwWsFz40nG3v2XfF7RINmX9JCauK4R4UbiYZYwl51mMaxT-GfmIpPB_7CytQLXTx3rhgVJOh9Slk5p0vMrK9Y-kYNWC6Ob1cg8VQESzaggw&sig=Cg0ArKJSzK6Yr-C3RnGaEAE&id=lidar2&mcvt=1002&p=157,436,247,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=913967088&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703588817585&rpt=415&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame 6939
43 B
469 B
Image
General
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.44&typ=pgv&rnd=lqm8solq2k2wpw6l&sid=1138596495834131576&loc=https%3A%2F%2Ftorontosun.com%2F&new=1&arf=0&ltm=1703588818669&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lqm8spbe6aqonsj7&ckp=lqm8solq6ld5w2yf&glb=&cp_userState=anon&cst=3jx3c6v50uedjyzzf0dkjrskr
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Tue, 26 Dec 2023 11:06:59 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/
103 B
674 B
Script
General
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lqm8solq6ld5w2yf%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223jx3c6v50uedjyzzf0dkjrskr%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223jx3c6v50uedjyzzf0dkjrskr%22%7D%5D%2C%22siteId%22%3A%221138596495834131576%22%2C%22location%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
7d669e46527496766417d8c2ac8cafb77587f73a0ead4cce92dc22a028354f85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
103
expires
Mon, 26 Jul 1997 05:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5993e43a-1a6a-5d94-3e6e-99a0ea5bb720&tv=%7Bc:xU5I05,time:396,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:396,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:289,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B152~100%5D,as:%5B152~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZxH4mB+11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c*.928934%7C1c1%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:291,sis:380%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
multimedia.php
events.newsroom.bi/
12 B
0
Fetch
General
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 11:06:59 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
login
postmedia.hub.loginradius.com/ssologin/ Frame
0
0
Preflight
General
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Tue, 26 Dec 2023 11:06:59 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/
38 B
543 B
XHR
General
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 11:06:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5993e43a-1a6a-5d94-3e6e-99a0ea5bb720&tv=%7Bc:xU5I4d,pingTime:-10,time:652,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703588819309%7C%7Ce404e079b004ab4945df8ff397e1f418%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Ccba6b9af64c842da8ea136e772710ef1%7C%7Cc4ae1ef8659430438bb2b33bb26d5e9b%7C%7Cbbb3bf2041edb2361e60999a61d91170%7C%7C1e39f771a2ed7061d1f796389e824eb4%7C%7C6683da8b7dbced516b6b6619b2a24a80%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:06:59 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
api.permutive.com/v2.0/batch/
101 B
128 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
245e3cc05fd1aa32ad40acd52eb045dbcb07fa005240e4a849a5610050a5d519

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:06:59 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5993e43a-1a6a-5d94-3e6e-99a0ea5bb720&tv=%7Bc:xU5If9,pingTime:1,time:1330,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:290%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1330,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:289,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1086~100%5D,as:%5B1086~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:280,fm:tZxH4mB+11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c*.928934%7C1c1%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:291,sis:380%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:00 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5993e43a-1a6a-5d94-3e6e-99a0ea5bb720&tv=%7Bc:xU5If9,pingTime:1,time:1330,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:290%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1330,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:289,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1086~100%5D,as:%5B1086~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:280,fm:tZxH4mB+11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c*.928934%7C1c1%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:291,sis:380,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:00 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5993e43a-1a6a-5d94-3e6e-99a0ea5bb720&tv=%7Bc:xU5If9,pingTime:1,time:1330,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:290%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1330,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:289,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1086~100%5D,as:%5B1086~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:280,fm:tZxH4mB+11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c*.928934%7C1c1%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:291,sis:380,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:00 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/
266 B
510 B
XHR
General
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=KlFb8Hg2nS
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44a49d32db2de65864bf1a48f32eab639a53725184e637025ffb3694b5c72ed
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:01 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
12313
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mo1k96s2nda
wn
prod-dash-10-0-95-32
last-modified
Tue, 26 Dec 2023 07:41:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.009
cache-control
public, max-age=14400
cf-ray
83b8db959f3d1d94-FRA
expires
Tue, 26 Dec 2023 15:07:01 GMT
p
sb.scorecardresearch.com/
43 B
299 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1703588821289&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20120.0.6099.109&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1703588816288&ns_ts=1703588816287&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1703588816288&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Ftorontosun.com%2F&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:01 GMT
via
1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
KtOGqPkPTyGvuPJ3PmvtLwAmpkGpcH1m2Tk0n0AlWX3Z3BT44h4egQ==
envelope
lexicon.33across.com/v1/
49 B
101 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 26 Dec 2023 11:07:01 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
checksync.php
contextual.media.net/ Frame DA6D
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6b5bd580386cb6b0a3413712315dd4d0c992a3ef2e78cf2727c53146c745c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8363
content-type
text/html; charset=UTF-8
date
Tue, 26 Dec 2023 11:07:01 GMT
expires
Thu, 28 Dec 2023 11:07:01 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 943E
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Dec 2023 11:07:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2DD3
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
371
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83b8db975ce74522-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Dec 2023 11:07:01 GMT
expires
Tue, 26 Dec 2023 15:07:01 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 26A3
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42053
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 26 Dec 2023 11:07:01 GMT
expires
Tue, 26 Dec 2023 22:47:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
postmedia-d.openx.net/w/1.0/ Frame C38F
199 B
298 B
Document
General
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Tue, 26 Dec 2023 11:07:01 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9AD7
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
20115
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 26 Dec 2023 11:07:01 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 24 Dec 2023 05:31:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
362, 112684
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220043-FRA
X-Timer
S1703588822.758114,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame 943E
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b1621e07b5dfd008521714aeb973aeedcf047028a0bfddf14bc65f965f82bccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 11:07:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Dec 2023 08:17:55 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76161
Connection
keep-alive
Content-Length
13200
Expires
Wed, 27 Dec 2023 08:16:22 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 940B
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3fba7a93258801b0c97146c66bcf79b35f989cbd9afe74793477b58f52225f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83b8db97faf44528-TXL
content-encoding
br
content-type
text/html
date
Tue, 26 Dec 2023 11:07:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YA4CcRH%2BjL%2FbU8E%2Faf63wl%2BUZLXbjutkEdv5r2LOAZC351xeJylEyzhMmJuYXcjYkQPP05I4HkVAmOEDpw4hxp7nwXrPqxK%2BOrbsFXzjh5GE9m6T91JziXaDn5aXXtNgEDObh0JXxE8bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 26A3
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45030328&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:00 GMT
content-length
0
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.155.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-155-127.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 26 Dec 2023 11:07:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/
0
125 B
Fetch
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.155.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-155-127.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 26 Dec 2023 11:07:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
async_usersync
ib.adnxs.com/ Frame 9AD7
0
594 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:01 GMT
an-x-request-uuid
b9eaf28b-eed5-4f62-9561-c36550e2f668
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.109; 80.255.7.109; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 943E
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame 940B
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYqz0m6zenr-WnMW4Yv4egAA%262192&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8578811126011980186
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:02 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Tue, 26 Dec 2023 11:07:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
casale
match.adsrvr.org/track/cmf/ Frame 940B
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 940B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4195899266418327305
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4195899266418327305
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMaJCV4usk95MEQ8GRom7CQSX5tWYgoUtwKqH8UClmr6bEp7%2BCFUW9cyQCBsMKdeXJ%2BJ9wSxgq60uZig22C253iQWiSJ%2BPO4mrJc3xtUWY8hlbcc%2B2xHHSkEjN9ARfKAAhRNYHGF4oIMKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83b8db98dcd04528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:01 GMT
an-x-request-uuid
eea33df1-bf9f-4bba-b9f4-2f334b2bc496
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4195899266418327305
x-proxy-origin
80.255.7.109; 80.255.7.109; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 940B
0
38 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 940B
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=7c6b27f7746ffae34131ec9af5af2f73&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1539_7317997515030696558&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?userId=AAE6707LFWgAABSCbY5OJg&dataProviderId=817&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:02 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 11:07:02 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703588822693003-431
crum
dsum-sec.casalemedia.com/ Frame 940B
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828919920119
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828919920119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZ2QiNv0omh2Xm7CWqudzMcSpG5vrWRAuR%2Bpv1cFCYBBD%2B%2B6Ezpc2Nsa5wRiubIYEaX1lkO7VREIbuLjw8CnsfwS4W8bUd9HqecKoZM6Pq8CxOZm9idZdOn5gISifRirwbEAPLrgFQgguQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83b8db98dce34528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828919920119
Date
Tue, 26 Dec 2023 11:07:01 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 940B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7427677541886537623
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7427677541886537623
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Flq0uqHLoQN3rFPOGoaG8qMwqfDxF2z48D4zfAgXpHk%2FXcT4EAdigPtA1PPLXuYkd5Yol6pY8lXSjhFSPNfGujboSluHo6L5x6VgzGi2nxQ0be0cuPOgLIwMxDH%2BokSkTCgZO866i6H2%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83b8db9e79ab4528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7427677541886537623
pragma
no-cache
date
Tue, 26 Dec 2023 11:07:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 940B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=FB17BF74C3C646839D3139755CDF1FFC
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=FB17BF74C3C646839D3139755CDF1FFC
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skG1A9zTYvGxRj0KfDdU%2BAI5c%2FQB7xpBoeyARFzhocr1850e6V8BJgDHif5CU2RmitBTnBpFAD7LIi6x%2BOuBepFh9swbNhCMj%2BIAUf7Le%2BACp8elp9ZD9%2Fj3w3a3jgHfm3YtJECAICRQAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83b8db997e564528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 26 Dec 2023 11:07:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=FB17BF74C3C646839D3139755CDF1FFC
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 25 Dec 2023 11:07:01 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 940B
43 B
132 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZYqz0m6zenr-WnMW4Yv4egAA%262192
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 11:07:01 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
12242
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83b8db989f704522-TXL
content-length
43
expires
Wed, 27 Dec 2023 11:07:01 GMT
OpportunityServlet
am-vid-events.taboola.com/
1 B
119 B
Ping
General
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Tue, 26 Dec 2023 11:07:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
cmAdService.js
vidstat.taboola.com/vpaid/units/33_7_1/infra/
46 KB
12 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_1/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1703498549
date
Tue, 26 Dec 2023 11:07:02 GMT
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
90194
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1703498550
x-amz-meta-mode
33188
content-length
11556
x-served-by
cache-fra-etou8220039-FRA
last-modified
Mon, 25 Dec 2023 10:02:31 GMT
server
AmazonS3
x-timer
S1703588822.364677,VS0,VE0
etag
"395c2d3a29b53f05f31fcb3046a9dd43"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
LefJcU9SWi2MMGU7IUAUXX7AltGt4gDnb0much_IY5j14kayXWLHqQ==
x-cache-hits
20714
player-event
events.qortex.ai/api/v1/
0
260 B
XHR
General
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 11:07:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8MLzo1xrcHT5LCFax0CblKYhY1BCqCkxDo7XgaW%2F6lDvV19dCOjoqH8Ax5p9h20p3ipIHh34e73n4HFICz97Ub7p%2Buua%2FMfXosBBytJdGBCJTbfD2K4kI57c7kUeGstyYFb7s6encAF2qV%2BqtM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
83b8db9edbed2bba-FRA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame
0
0
Preflight
General
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
83b8db9dfaed2bba-FRA
date
Tue, 26 Dec 2023 11:07:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A6beYLw9sgPQqeNGlXUt4xqmiGqNtz00GKmguu5MEWN49eHHp1WL4L1I12XOS3IN%2BSmn3WRPRLryxfa9HoynPGuL4b19%2B36ih94mvd%2F68Pj6EOM%2BRJ92Jutoj43%2F%2BPMqYCeuzJt%2Fu%2BQWZbfXpk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
async_usersync
ib.adnxs.com/ Frame 9AD7
0
594 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:02 GMT
an-x-request-uuid
92457968-ec8b-4400-8907-be900d3bf054
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.109; 80.255.7.109; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je3bt0v880952819z8854753396&_p=1703588817244&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1530872099.1703588817&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Ftorontosun.com%2F&sid=1703588818&sct=1&seg=1&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Toronto%20Sun&ep.timestamp=2023-12-26T12%3A06%3A58.498%2B01%3A00&ep.ga_client_id=1530872099.1703588817&ep.main_category=index&ep.metered_content=false&_et=117&up.client_id=1530872099.1703588817&tfd=8981
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5993e43a-1a6a-5d94-3e6e-99a0ea5bb720&tv=%7Bc:xU5JhF,pingTime:5,time:5330,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:290%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5330,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:289,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5086~100%5D,as:%5B5086~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:201,fm:tZxH4mB+11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c*.928934%7C1c1%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:291,sis:380%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 11:07:04 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
multimedia.php
events.newsroom.bi/
12 B
0
Fetch
General
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 11:07:04 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| jwpServices object| jwplacements object| _comscore object| _taboola object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| mnet object| BlockAdBlock object| blockAdBlock function| _typeof object| TRC object| _tblConsole undefined| msg object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash function| handleLiveTapResponse undefined| google_measure_js_timing object| webpackChunkdjango_content_services object| htmx object| COMSCORE object| ns_p object| ms function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| __spreadArray function| CXBootstrapLoader function| identifyRootURL function| generateDebugLog object| __permutive object| PublisherCommonId object| Criteo object| Sailthru function| CXBootstrapper string| iasScores object| _33across object| jwDefaults object| webpackChunkjwplayer function| jwplayer string| nam object| placementData object| ns_ object| cmTag object| jwpb object| _cm_wfCounters function| WebVTT number| google_unique_id object| gaGlobal object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_756303 object| webpackChunkadUnits function| Zepto function| $ object| Backbone function| startCMTagMain string| category object| GoogleGcLKhOms object| closure_lm_337438 function| OvaMediaPlayer object| System object| cast object| vf object| vfQ boolean| femCePnIdReadyTriggered object| dataLayer object| mParticle object| gtm_data_layer function| __extends function| __awaiter function| __generator function| __sc_import_cx_overlay object| gsapVersions object| google_tag_manager object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp function| postscribe object| google_tag_manager_external object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle function| onYouTubeIframeAPIReady object| Ribn string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag boolean| cxsyncadded-202197 object| mpartical object| cX object| PianoESPConfig function| cxCCE_callQueueExecute object| cxTest object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| gaplugins object| gaData function| _ga_originalSendHitTask object| __connect object| ari object| owpbjsChunk object| owpbjs object| PWT object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| google_image_requests object| __IntegralASExec undefined| cXJsonpCB1

88 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChcKBgiiARDpFgoGCNIBEOkWCgUIChDpFg
.torontosun.com/ Name: pbjs_sharedId
Value: 6c5a40ec-08c3-4123-896b-e1d591c2a4c5
.torontosun.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.torontosun.com/ Name: permutive-id
Value: 97355c81-b226-486f-adc7-d3b7cd630cff
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: a9aa81cc-72ba-47a2-944c-54486f0fbc1d
torontosun.com/ Name: __adblocker
Value: false
torontosun.com/ Name: sailthru_pageviews
Value: 1
torontosun.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1703588815971,"mac":-1497735788}
.adnxs.com/ Name: icu
Value: ChgI5PFMEAoYASABKAEwz-eqrAY4AUABSAEQz-eqrAYYAA..
.adnxs.com/ Name: uuid2
Value: 4195899266418327305
torontosun.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3De613968c-393a-40c7-a6df-effe7dbc92fa-tuctc84394f
.rubiconproject.com/ Name: khaos
Value: LQM8SN4Q-26-CK6Y
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EgtsUg9/zuNFANb0fGVcfL/XWaA1sYWTLHiXIXbtn90w+cacFEUuVRfDo2K011bXXdE/84BBg91bSYbB5SW5XQ3bEZ4ejAm8TEijy0RC4Zd8Ri5j99IjSR+
torontosun.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
torontosun.com/ Name: sailthru_content
Value: 2daf89bab868e9ce42ab0131ed955a5b
torontosun.com/ Name: sailthru_visitor
Value: 623e04e8-bb3a-4e16-8bf0-b596abc552f8
torontosun.com/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"ldyac9t0kdmjtonjm0qor9fm7wab7tku","updated":1703588817239,"printSubscriber":false},"exp":604800000,"ts":1703588817239,"mac":1233750805}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"ldyac9t0kdmjtonjm0qor9fm7wab7tku","updated":1703588817239,"printSubscriber":false},"exp":604800000,"ts":1703588817255,"mac":1233752603}
.torontosun.com/ Name: __gads
Value: ID=5f6d7c340dc4380a:T=1703588816:RT=1703588816:S=ALNI_Ma3YhwNyQ8R5n3mGn8pT2mLsrt-Yg
.torontosun.com/ Name: __gpi
Value: UID=00000d2b3b11ac2a:T=1703588816:RT=1703588816:S=ALNI_MaNQNT_4QDuhz4qDrDetV6SmX7DZQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnoP2k2H1cLGG3BspLoFIir1_3tOoGaYjIc5CvvBhaFCCdGGlgwE3kyUSiItys
.torontosun.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmADgFYAnADYALIP69uonh34B2YSAC%2BQA
.torontosun.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lqm8solq6ld5w2yf%22%7D
.torontosun.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
torontosun.com/ Name: __pnahc
Value: 0
.ads.stickyadstv.com/ Name: UID
Value: 7c6b27f7746ffae34131ec9af5af2f73
.ads.stickyadstv.com/ Name: uid-bp-159
Value: 1
.piano.io/ Name: __cf_bm
Value: wJE6_lcpz_befjZy2wPhu2QSB1Ycg.2mZyXD0pcELrE-1703588818-1-AW2KfVw71ZOloE50vHG9t/Mqi038NoK2msE4s9MT2YrIQm2Du+1aNcEdZuWMvk0DJpndbYMk2aYK7JXloDBuf6U=
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.torontosun.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1703588818.1.0.1703588818.60.0.0
.torontosun.com/ Name: __tbc
Value: %7Bkpex%7DbvVu8tGhn1pm2n4haOxxv2gOUPsLRFLpEPqgFvqpNnYyusT-iX7iRgMPWy9VtxX7
.torontosun.com/ Name: __pat
Value: -18000000
.torontosun.com/ Name: __pvi
Value: eyJpZCI6InYtbHFtOHNvbHloZm1uMmU0cCIsImRvbWFpbiI6Ii50b3JvbnRvc3VuLmNvbSIsInRpbWUiOjE3MDM1ODg4MTgyNTN9
.torontosun.com/ Name: xbc
Value: %7Bkpex%7D2XN_1Nw5m64vZlm0JrC7mk4nc1ZAh6s-dDmMZQoYFpxAI_2iq27aSTRd4JFwLzzRCmznyVGBaEctAQ2mBLVQQrdeXIBxnDEI065goE6pG6U
.criteo.com/ Name: uid
Value: 0bc9267f-20d7-4954-a23f-90ae3261ea8f
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.torontosun.com/ Name: _ga_H792QCFZPV
Value: GS1.1.1703588818.1.1.1703588818.60.0.0
.viafoura.co/ Name: VfSess
Value: ebs02kqsjmqo0dgft7dcdb434d
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.torontosun.com/ Name: _ga
Value: GA1.2.1530872099.1703588817
.torontosun.com/ Name: _gid
Value: GA1.2.429414004.1703588819
.torontosun.com/ Name: _gat_UA-213173459-5
Value: 1
.torontosun.com/ Name: _gat_UA-114648105-14
Value: 1
.torontosun.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://torontosun.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1703588818627%2C%22slts%22:0}
.torontosun.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=d1a35e65-8e33-4a62-b97c-410b1ff7500c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1703588818627}
.torontosun.com/ Name: _gcl_au
Value: 1.1.900236672.1703588819
.casalemedia.com/ Name: CMID
Value: ZYqz0m6zenr-WnMW4Yv4egAA
.casalemedia.com/ Name: CMPS
Value: 2192
.casalemedia.com/ Name: CMPRO
Value: 2192
.torontosun.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1703588818%2C%22currentVisitStarted%22%3A1703588818%2C%22sessionId%22%3A%22a11abb55-b7f7-4112-b51d-379097f6ad1c%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//torontosun.com/%22%2C%22referrer%22%3A%22%22%7D
.torontosun.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1703588818%2C%22userId%22%3A%225f714bd9-d123-4605-bb6e-c5c8cb3a5a7f%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1703588818%2C%22timesVisited%22%3A1%7D
.torontosun.com/ Name: compass_uid
Value: 5f714bd9-d123-4605-bb6e-c5c8cb3a5a7f
.torontosun.com/ Name: cX_P
Value: lqm8solq6ld5w2yf
.torontosun.com/ Name: _fbp
Value: fb.1.1703588818756.1287359000
.torontosun.com/ Name: cto_bundle
Value: 2nA5pV9nOWE1ZWs0TVQxTUlreVFKJTJGZ2x2YjRkbUFtc09YJTJCRUpHYmxZUEhSS2RVJTJCR2NBTHUwdEYzZ2VUczJndmZFQksyMzZqZllFeTBTUko0Z2RCNSUyQlJPZ2FDSVVENWRKSlVoQzZDJTJCSzNVUWJ5aFNGTWs0UzYxSlQzNTZXblJSR21XUkJjUSUyRnJ3ZFZpTGRpcml2aGhuNTFIV2clM0QlM0Q
torontosun.com/ Name: _vfz
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.1703588819.1.medium=direct|source=|sharer_uuid=|terms=
.torontosun.com/ Name: _vfa
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.702f74bf-e373-41ba-843b-33d54464b387.1703588819.1703588819.1703588819.1
.torontosun.com/ Name: _vfb
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.2..1703588819....
.yahoo.com/ Name: A3
Value: d=AQABBNKzimUCEDjBF2Px0vmuVj7GUjqUyfsFEgEBAQEFjGWUZQAAAAAA_eMAAA&S=AQAAAob7E-64JfIS6kwim5Bi-Gk
.torontosun.com/ Name: _ga_QZZLREHFVM
Value: GS1.2.1703588818.1.0.1703588818.0.0.0
events.newsroom.bi/ Name: 1528_u
Value: 5f714bd9-d123-4605-bb6e-c5c8cb3a5a7f
events.newsroom.bi/ Name: 1528_s
Value: a11abb55-b7f7-4112-b51d-379097f6ad1c
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.quantserve.com/ Name: d
Value: EDEBDQHgKrjvsQA
.quantserve.com/ Name: mc
Value: 658ab3d2-e022d-6b7fb-21290
.torontosun.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'3479a757-140e-45f8-70aa-ea0e5d2c8365'|'das':'5c933f9a-3754-4380-2430-a4dd0e8f1a15'|'csm':'WyI0MDU1Nzk0NzUxMjc3NjI5Mzc4Il0='|'sid':'3A14A737-6590-412F-AD80-69C107E18B18'|'les':1703588818977|'ssd':1703588817857}|'l':1|'4055794751277629378':{'fst':1703588818418|'ui':'eyIwIjoibGR5YWM5dDBrZG1qdG9uam0wcW9yOWZtN3dhYjd0a3UifQ=='}|'cu':'4055794751277629378'}
.cxense.com/ Name: gckp
Value: bxq1ele4r88lcg6m5j9a0eeq
.torontosun.com/ Name: cX_G
Value: cx%3A2ccb4wdpj97dc1b48x7osw73q0%3A1kya1vokwx56o
.viafoura.co/ Name: vfDeviceId
Value: 3022f07b-b121-454f-80c7-738d92076456
.mediago.io/ Name: __mguid_
Value: f5ef61ca1b1110322vw9lx00lqm8spn5
.liadm.com/ Name: lidid
Value: 8f1b489b-12ca-4be8-b9e3-4bba424f9e06
.rezync.com/ Name: zync-uuid
Value: a5dab82f-85dd-4b75-b22a-c9c63ab14b98:1703588819.554331
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4EjgksNuIEwKsXJ3v2smOovjCNEtXgtSY6Ts2NOy1Cv46noMJDVuwM30B8SReMc5AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwsrA0tLQ0MjA0tBTiM9SN98tONwjyS3bOCQsBAKJC-jUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwsrA0tLQ0MjA0tBTiM9SN98tONwjyS3bOCQsBAKJC-jUlAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNykkOwjAMAMC_-Nyg2Impnc9U2ZAiaEBNuVD17_Q40hywfOq2xl77DmHfvnWC_GqXBoQDRvut9QkBGD0SWiFRVCWLqHBOMOoY7d2XVq4TucQk9DDCpRifZjaJKJqs-e5iQp9UAs7WsYig3pi9cwjnH6QgJfE.ZYqz0w.pVYRjHFRY-fQTQKXBTZNvRdGBxM
.ads.pubmatic.com/ Name: KCCH
Value: YES
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XLsQ2AMAwFUTFAKuYwwnac_LCNnYiBKCkZk4oKIcp70t1T4rqqARBGkWMubsMDshNsDMpRjULEqbde1INzNGzvxG0xy6p8zukzaL3-jQegBOC2aQAAAA
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZYqz0m6zenr_WnMW4Yv4egAACJAAAAAB
.simpli.fi/ Name: suid
Value: FB17BF74C3C646839D3139755CDF1FFC
.fwmrm.net/ Name: _uid
Value: uml1539_7317997515030696558
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: uml1539_7317997515030696558
.ads.stickyadstv.com/ Name: MRM_UID
Value: uml1539_7317997515030696558
.bidr.io/ Name: bito
Value: AAE6707LFWgAABSCbY5OJg
.bidr.io/ Name: bitoIsSecure
Value: ok
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAE6707LFWgAABSCbY5OJg
.turn.com/ Name: uid
Value: 7427677541886537623

4 Console Messages

Source Level URL
Text
rendering warning URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 503)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a5dab82f-85dd-4b75-b22a-c9c63ab14b98%3A1703588819.554331&_=1703588819.557544
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
649c6ddf19c652098f9be9c57d14c43c.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ak.sail-horizon.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
api.fouanalytics.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets-jpcust.jwpsrv.com
assets.ribn.com
auth.lrcontent.com
bidder.criteo.com
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
c2shb.pubgw.yahoo.com
cdn-ima.33across.com
cdn.adsafeprotected.com
cdn.cxense.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
cdn.viafoura.net
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
compassdata.mrf.io
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
contextual.media.net
d.adroll.com
d.turn.com
dcs-static.gprod.postmedia.digital
demand.qortex.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
edge-auth.microsoft.com
entitlements.jwplayer.com
eus.rubiconproject.com
events.newsroom.bi
events.qortex.ai
experience.tinypass.com
experiences.mrf.io
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.viafoura.co
ib.adnxs.com
id.cxense.com
identity.mparticle.com
idsync.rlcdn.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
live.rezync.com
match.adsrvr.org
match.prod.bidr.io
media.sailthru.com
micro.rubiconproject.com
mug.criteo.com
onetag-geo.s-onetag.com
overlay-track.sailthru.cloud
p.rfihub.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.adsafeprotected.com
placement-prd.jwpltx.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.media.net
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
smartcdn.gprod.postmedia.digital
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync.adkernel.com
tags.catapultx.com
token.rubiconproject.com
torontosun.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
videos-cloudfront-usp.jwpsrv.com
vidstat.taboola.com
vidstatb.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
104.18.35.167
104.18.36.155
104.18.38.76
13.107.6.158
13.227.219.42
13.32.22.213
13.32.27.50
13.32.27.99
141.226.228.48
141.226.230.50
143.204.98.87
151.101.1.108
151.101.129.44
151.101.193.44
152.199.22.243
162.19.56.86
167.235.124.60
172.217.16.194
172.64.151.101
18.134.84.26
18.164.68.88
18.185.12.185
18.239.83.116
18.245.60.53
18.66.138.185
184.30.16.195
184.30.20.22
184.30.211.26
185.64.189.112
193.0.160.131
198.47.127.19
2001:4860:4802:32::36
23.201.255.110
23.211.9.109
2600:1f13:800:7780:6bfd:fba3:cd1a:18cf
2600:1f18:44f0:4848:c843:e803:e83b:7cec
2600:9000:20a0:c000:1b:6b7c:c940:93a1
2600:9000:20a0:e800:8:2ae1:d740:93a1
2600:9000:211e:5600:8:48e:53c0:93a1
2600:9000:238d:c000:1:a3fa:7cc0:93a1
2600:9000:2449:fa00:19:c363:bec0:93a1
2600:9000:244f:7e00:2:cecb:23c0:93a1
2600:9000:25e8:1200:15:2b26:f200:93a1
2602:803:c003:200::45
2606:4700:20::681a:3e
2606:4700:20::681a:fe4
2606:4700:3030::6815:4222
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:4400::6812:29aa
2606:4700:4400::ac40:91b1
2606:4700::6810:5914
2606:4700::6811:7711
2606:4700::6811:c376
2606:4700::6812:4eb
2606:4700::6812:5eb
2606:4700::6812:dff8
2606:4700:e6::ac40:c926
2607:ae80:192:1::172
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2002
2a00:1450:4001:802::2008
2a00:1450:4001:803::200e
2a00:1450:4001:806::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::201b
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c1d::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:7100:983::268b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::626
2a04:4e42:400::645
2a04:4e42::626
2a04:4e42::645
2a05:d018:cc3:fe05:319d:70a4:7baa:2eae
2a05:d018:d29:3602:3813:6b17:e1ee:5ace
3.75.62.37
34.107.254.252
34.111.249.109
34.117.54.29
34.120.63.153
34.149.157.221
34.98.64.218
35.157.104.62
35.157.246.167
35.169.223.36
35.186.253.211
35.204.74.118
35.208.249.213
35.241.9.51
35.244.174.68
35.244.193.51
35.71.131.137
37.252.173.215
46.228.164.11
46.228.164.13
52.202.25.219
52.209.227.166
52.209.40.41
52.28.155.127
52.46.128.147
52.7.169.247
54.155.18.159
54.228.167.94
54.230.107.62
57.128.96.95
65.9.86.53
69.173.144.137
69.173.144.138
77.245.57.72
99.83.154.140
99.86.4.128
00bb93abdc97dd79a59eb0df6b74fd066cc0159fce694133ab54ae20629d90cb
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
052ec17aa98d25dcc86bbb8110da92c57f8ee6bcb8e803cd9f730c8b6c7eeff7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f893db5bf54cbc2b8ef8831af4761923e0fb0e7cd3eecc4c9625bda3a27d9b
07e6168cc4f12c66e03b1c278e8edba4e031a0ce6577aaee54e3cfbe73f2b3b9
0876b1b660da79fad9471d3e15816803e4c8f066cba866063bca01f316f7ec93
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980
0b3524719b834ad9b4945cff49f307c5e55185f5f12c861657f0e1ec3547b32b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc0805d442ae7ead864b82381c168035e8d70535e6f6acea31f4f1caf65ae58
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2c9c52886409123745e7e3ca3a33cb7bd73d7d12b7294ac5824988bcc52131
0f3a04d1c8ced4e48ce226c76644ee587301359faa5b026099b747b56c0f9c42
0f68d66dce6c72cd87197dd2a9f1c8193fea1437a9ee52583951ca4eb6b2c37d
0fb13755f48f76d5f735ecd01a2587fcbf83c35331457319c8487d2d08fdfb9a
0ff5c88a64e768534d17ef7b357eb0dd7c284469fc56e492d3bdb8d99dcc928e
102879bcdf1bb8d7079cbf09cd33581139013f7a0b109c64fd2a8f9511f3cbf7
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1
121c622cb437f1c793da9e12ad1ff93906bb02bb8b33b8811c1422f52781c819
130d4bb86f0b0e400a6ef02e6fa9e9275c3d678948cb62484b6a6b8c4b24f821
132c2a6ecf622f3b8acdbdd6bf49625af7eac850691c30203ba442b1219765b5
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
15e93eaa812cbd05284cb4ab89715ab362c63622e51a34f25ef9294c90719ec1
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
1846a539045bba1996b0e43e5ac44f5010e37e55a8cf433f8f4c34c7244fd6b5
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1961b82434a0e2c06ee4ba1e50943065c834c3856626c529482b2be9d46fd28b
1a72ba4069310896e76e39d400cfd4e2f0cf4272401a3e34c1d2e09ef50b8507
1ab6b413de460ca2460abd2aaccc8fbf68e60514ebdd44f882ba17045267d5b3
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b7f180151a58930c395149324b27201ddb9642c3d5053002cdf9fa7c1df813d
1ddd68e74225f588c69529a2e2928613c35958acb39f1a7a3bcf8e19691c9c9c
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839
1eee204af99428fc405720d3e11ba5f557948476544545dd1c995b8df0d1a9ff
1f62ab462132d30e96e4b5138be4866b37ba0f6268ed5e9890815621f9f1d42a
1fb22ef43572c937a20d2f26ce44c5bb6a08c5a98aea2917b0347870bc81acca
20582a562e7f2dc93433aacd707d211c81695c576a4b6e54d95815fa6bf9a21b
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8
22782db40fb576cceb88769b3ff6d1684b4e0a084f470044fb7477ff04ce8565
24119db902da97bc3b8146f969460330f3a604ba437b3e09ed6ae448ff87694f
245e3cc05fd1aa32ad40acd52eb045dbcb07fa005240e4a849a5610050a5d519
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b
26ab1a7d07674c24ba2bc48d029538bbe28b2d1189fe1a296af1d968c516a662
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2aae99495a2fa1709a29b136b8c6769e562deb182f3d5464a0caa1d360929364
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2b4cd100aba98763c8b3a495a4a89c2bccd7d4f2fc634383b483bfe8d16f99f9
2c475544d1646769da7cf08fb9667703ef8fa9d14fe4fbdf4a8740af6df178d9
2dd999812bf3b4acbd83297aa3db1a4273c71c2f8d13b4fe14580814aa9055b3
2e25ca1505913933a4ce669a73fafd2d8f7c6420c64a9fb62ebeb12dd7a00d04
2e3fba7a93258801b0c97146c66bcf79b35f989cbd9afe74793477b58f52225f
2f212a930478b8afde146a869af520e293536fdbd2f39e76d5b8ebb4b269f0a2
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
2fba8a4c6b1cabd80d5d8986c802c9d15fd1bedfd09117d46c71915b552ed7bf
3073b7274232527e308fe8dde7ffa3f3e24a4b6041c33d26e9f14ba7cee9abe4
3110eaa86beb20727aa97ee97ce3de0cf5d2da465ad31a28cf69cfbd797dd009
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
35bdfe912d9f57df15a416a891058c2e75632e1d42d0620a32b1f34a17f5aec9
396239aacf6f37b643c5515d649e134b0bc4e6cd244d4eea3d7fce3c5d5af40e
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39ec75c6ac932686734c2364194a647078df28ff2a262c86316d2ca132cead0d
3bdd66f75a3e158453a1841639637ab7385e2a39ff16d356925d1c6b3e52f6b9
3c5b584817a547de78b1d37a6c7e65fc36cb2f74abb5e7fb01e1d91579c59f05
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4068de3bd61fed0d55abb8a2071f58236f12778d0705754a1bf2f8a38e190cb7
409d607542cc5168aba0c687341ce22f2b9226973601c3985a834bc86e6c9208
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98
4308515be876a760c144eab91d83c80b4942d460d1a4d63b60159f1a2f0a8517
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366
43c40582bfa08c02b31d1dac144ec36092e82ce88f5f15810db164b06d517306
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45543a8d92a90f639dbbca228dcb74d64f95dc652d0f0f85045db8749d6e7843
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4d07fb45f295358e44b45f21d0af5da1fb53b4dfcc329ed52e4696105926a66e
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d3c6b7651cc2c0d12e13b65464ce70039d9fb715c71ed90e783f2c9d770e02c
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4
4dd577f309137a387d124abf60edfc3b34cc540160e7bae285a908d3414a2b73
4de084d8fca9ea129b962bb08ca954168391abd13473a0eb6f60a0cd4145a2be
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e93349a514cb1b31c42ac8b669bc4f97815ab51c85be009491a03200ccb7d34
505abb8f43b0c4e043d56584b03a3218652f378ff6ab3f5d9a7603bc71f6383d
5071d5383b1f71b98f5ba48543dbde7565b041fb8f7617b0a47b42f6eca80ff9
50d56f47e3a7ff81df5f654f63b9a3d04d305fbdc915e0d3f88151fcb81fe780
51d101909ab68d28716e4de8ad358bd27e7ae3ff761d69eb413fd79fee2e7cc4
5249fada11494c9985a415da427a9177cbd1fa91e604ad957fb5b8a868ba25ab
53150c8ae5d96d5a4da28b98735b1515da09ee253769f17c1584b8937ba228ee
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5
5339ae913d588db3d513c068ee315cd1a25de7eb53687d335d5d9dc1136ecbae
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
550fd53cfac71935fcb47df7167aa4341676df54b664ccfa036bb3b3e1cff9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
571997b2716e6c23f6913231d40bf28e7b83619df029822b91835780ee1860b5
58a4aa546c8d0abb76683f33ee34bc0b1f812c2a7d845e5a7d03c690a0d35a6c
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5d36841bf0a45aa9c54bc18eb777f48e12c4bcb6f879b4fec327d998029faa26
5d410b4aea9f38a035bdc4323315891f9e798d297e3e3db8d000f6e63f54cb51
5f4871b277dbebec4d8490673a48154537dc6f1969140f67c333e85704b50564
5f609d990d592b1748b7bd0625aa52f482f9de91c0c32ae4bf4ee4febd4a4790
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628fc8670ba4c900abac8d77c8b90306670b5af7e1e79b46d5d6caa694ec2c41
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
65cee00250fc5893a2dbde7cac97d40903c5c7599e243ff7db87133f7ed8f071
6716529e24ce8352c5938829f7bdb7f466da42277269a7e54cc7e3867d12c248
6808945595dee427943d31e39e11884dfd304d8188afb970e74d19eea9373018
68695c601fa95d4bb33373955d52ec3f8a5c0b8233df2019918276a1fe1f55e3
690e6dbf49196d0ef5b3adcaedd735dd4493bbf1937fcec44125703db7d21f72
6be53e044a8e84e3c66d8eb5d2f359feba5b32c072ef3456830f32acedb163a0
6bff84e7d1f5c524b06d6b572ca20870ec894706e6f2b96f60e4cd18f238bfb7
6c4fd1fd8364038a4dbfecdbe0f2c5931cc7baf819d0d519aa95b5f02185f6f0
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83
711abdf8df8e27c3afad12c7218a827aea92e5b948b1019f4cbea4afefe78278
713cf1b92aef8138209b11f0be256ac040cf052e2337651ee8f1a332ec4ac41d
753bd1cc6fdb0a689669eca552f3c676c8153da4a886dd7f44f69487247c1a04
756fde2fa1e339c22573c19550f8d2a02925901ff2d51c43ff9273d6e66cea6c
7672a0db280b61f83892416822dc4ec77ee91b3da4117875cefcbce7e1c326d3
77bc185a2131f1956cae54e9ddf0af75f8d9439332ad1c650872470bd8416a5e
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a
77fcd880ebe3aee63f04c8dc20987dcab651fa8713a658ecea617b2ab85311c9
7918980d5450a74e052a40d8fa9f5a8d43115eae68e4eb780128ff161a7a7c55
794b6178833d451edc8fa152ab07b01da4b25c88c4c17368e5e4cfd46ab8f956
79dee0042597950493e8956e9090ddc47c3decbfd1df6331349296d96ea51c0d
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a4243ccdabcea5332aefbd4332ce61ca0f1af879b1c7420f0d90a720c39996c
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425
7a7befe39e6a83d97bda6cf9cc19df631dbc5df019e08f855b64f7d19359ab2a
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
7d669e46527496766417d8c2ac8cafb77587f73a0ead4cce92dc22a028354f85
7e323d52efd4a00b0b21c726fe5521ee57375307b7954a89701e5743738025ca
7f333fd1de797ec062a970352a8e371056a1ec444373b1f82666411c29939b3a
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a
80e4d77c6f8d99a01410ff4a1b3c8d950f8a960192eb1c748716874d3e45ddc6
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8211226dedc89e5283d9e07969eb21fbde7ef0ffb0430d4946dfb902e850db6e
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
868dc1a214586522e2cb21b54833c5937b8f095b2026698dc7fbd59bb67d669e
86b69c2cea3bc40279e996b911d5ed43bac1d0c3384c04180b4fbc8720dee5ab
87b03d0602d0cdebdc297ef41671ec80540ce25c54869bff9205720148532622
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a
8a30971a2612643e99ffd7bef876ef2047c0fb19cd0d86a3c525dfa180a28598
8a4674f46ae8fd1c444b894e0ad7ac9fce087aecbaf7cd00ca15e78b3c845c37
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8ce622cace1448ea25f5b845aea414dd58a5209330a0c57c8d644dab7f36b57a
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e7efb6ae6f9571dd815db7eee285ce5288648414d2ce024f97135625180c6af
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
9121f32692dbca92045c2acb38f7e954e4810cbb9320607ee469961b4bda4322
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21
949dda098b8a2b3932d0cad7fb83d84d48b51e4c12322df6e8b840bb64fa1095
959d0d916d267c94ec1d1bfb179a81166bbb5cb22d6a2e90ea35c4b57941cb8a
967857a6f62c9b85fb14d10592b8c25dee539a4a1c4bf8e2f591af9ef30caad1
98c70c0f61a5e4c27669e5369d8b2940cf1603d14a979b1f11cfd8f67ef96a9d
9b90d8f242030e61a9d4e6d32982768f442553d9f7c193b2c88bb65fc9351bdd
9d276edfca3d8bd9602377796da8f620f44d1ab1c84b97fcb7ccf0f768a37499
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b
9e8a87361b0f4af1609f3daaf069258ce24c3b4018b86cf6f21ce471891a49d0
9f490ec3ad15784474683b1b14ba067fcada18d17a4b59572477e97ed99890d2
9f85a8964e063aa66ae22e30e1e86722714e1fcca4a00ee718a34123620e98a1
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a4b945ecae722e2d4c2f28474548e09fb6f570aa48299e54a59d0f3a7301d591
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5d0c40f6aae2be2b7568e73f385fe84a1ec23398d8dc786c2ef80a4123c02e9
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3
a6e48a10869da4b9d1400d6d66e0a7a9ce143a5abfd49a43e15173396d41c48f
a7c06737ff8e146d47c8bc6dacafe0b4f5cbbade1b6d17e6fa3a6823b488bf99
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172
ad4a3f8a6ec984242a523a715b85bb4711d363858ea3ff1ca884fcfe3f12852a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b
aff6c2743f2252279f0f406b7d452f213f551dfacc1f66b117822458796bbdc6
b0781b3a574a64e29f199af2e64bed3ce943042828f43a3466fd24a06c1236c1
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b13b23619ccb23b7e4c2b9657571889ce1b778f8d73ea63b8bd5b15c7d47b034
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b157bf43c8e8076447c479262fd1eca97717ead9f21be7de6aa037d17870d2f8
b1621e07b5dfd008521714aeb973aeedcf047028a0bfddf14bc65f965f82bccd
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227
b174ce5b49e067604583b662aca2fba1bc6ddfe36ca28f409e1cdc7821a6d52b
b28b20486a38d067590430bda71b788382d03a28c1c10f406842f281d3e6ebf8
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24
b2e010dce82b03b0a32ed72bbfd8b451ee07121179f71fa37bc8a89e1edbee93
b3587ccc786d72c7d352e3cd589f1c34a6d5f99944560a6c2e7f6f69f0a69b9a
b4065ca4ba0da361babbc67ba6f4311ff70ccadb30fdbab5eaa4f42d5066ad29
b421e722a5b85284f2aa4281c9c9184ed0ebb1b9c5433a998877df450c84b405
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b5f80d2baceacb14ec5d88f52ad8e3ef64cffb0ae65661cc99ad55b439fa814e
b6b5bd580386cb6b0a3413712315dd4d0c992a3ef2e78cf2727c53146c745c2a
b79e9625008569a11ba68696878e72f8469621f61f4f8a805cfd2137192a8034
b9d563addef16ac42c163e80f3e0dbcac7cd2bbddfdaaae55a764060a9be8e89
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bf558863611ee0819dc7de3fdd8075de34aa52cbf73b57407099ead1f5dd9581
c024a500b6884e87cb923bdfab0b6303d5130c87bd4e00612ea410613e765faf
c0db3e9458387e2a421e00547f53e89b946c685d38ff7f9b2915cd05ccc268e1
c118232e8a98feecbf658394f8781178175ed831c2900270adb7983f03fa1e39
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a7c80301032f20f90d00a75cef91a4af5a7fa04651eaac3281f66466c8e8dd
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
c42ec0c9a7618f656cdf101174d4cb4871577ba4c75a718b2cbe8c5b27848014
c44a49d32db2de65864bf1a48f32eab639a53725184e637025ffb3694b5c72ed
c45801418e5c916487727ceb005201010ee7ab365dcfd291800b1177542a27f8
c59f46722ece3cf30399960470954e8074c4ea661346d1d9ea6809f94a080d43
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab
c69d6d08fbf8e708b5f1314c9cad09a2bcc1b2f14bea5d32d841831d890e0fdd
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c79380e504a585107d19c91f6b910df317af334f7340151359272454b91fe8f6
c7bd8af3991b2b07f72de49ee508285834e404e5aedb27ceb96f83c9139c8bb5
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c8e9c4ffb18fda87c5a80012347ba15fc4b2d948429d5097da3088cf88866fc2
c9e472aff2d93f3cac06b80e66f6ab2437e7214f8ea08e66e6796cde59bc91c0
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5
caff1d6c79cb935e326f76b59565cd12aa0d1f2cdcb6d03c63ab2e40a468dcfb
cb2d455bcc90dc41c124a6deede16900086c16c4c43cfa5ada9073d39bafba3b
cd03a9c9d704f813ac04c47055e0b8acc1d4183550d4625f3ef08017586cb6e4
ce0fc14328932a6e155917967a3272809b5410b626c3633cb452beb52c48b6dc
cf2a249b6acac994077c7d64187bed0156e339c3a5880fa55664c0537495720b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
cfc0020fe9912d17a4468c6b13a3d8e0652045ede122b90c8e1506a92561843a
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f038abf190d8f1442efbbd3fe43ab45498a0d68d12663103e6ae99007472a2
d220c2d57035de01bb651a92e1ee4595baffe75ac9536360938c859f73314445
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d23255ab7e396afbc76bafff1652ddba30d6aac53571dcda9f04b05fab9e3cea
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3556e639754873dd0ba95e2eb78a0da1ad2f0b4714741890e6224fc6340fb17
d54fc1c2a96384ae7c1f3301deb6cc0a17760a4e6023825ad1062fa528859afb
d7625192ef2328a875ce7364023722aeb5e093bf8ceae8013917e005763ae234
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
dae258bd59c5ef795f209e7f3e8839f4cf59290f04c9df464d38af8805dbd841
db208dc24768b12f6523669aab6675ed30e78c41af4b820adef78229b9d8275c
db8116b1dae2139b5c0bb53b1ade08c16fb96276991f128a7929de9d9c7c9f21
db954c9e00f68bb7532a4cd5b5f269465d2d421762d4388b0492fc512ccdb8ac
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de42a33c87ab66be436b99c0872c94b6eb3e321d31aa998e43ce752d118928a2
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b
e03479d42a13b23253b2cc60ad422692550d5639cc2422d1bac97793386fc016
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e23b0fe5f5a5a128b125349e044943ec78738cdca637bf24d2a98acc3ad35029
e23c50bfd5886cfd03f4dfd836ac028a398b796db5250ba161fde7372bc8642b
e2619d52cb1409d4d9e72a454e68893fbac6b5d340635a9e21502d4b14b9a658
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f
e3f16a99683ec813507fab742f11167db01a3c2ced3fdaa6f1ea859d2f9f4fe2
e4312c5a65078131ab9179720a03709fd63a2ab380413cb6c705022168889417
e47decd7b73d4691434071d58733d578d6d014d7c966c522bef3e7d1dc00aeeb
e514ff21e53b0e836a3ec46c15c06a4c7652d732c4013298915a499a0ed367c3
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5
e734bc18e7f9f3bffe6b448f97d2375d3f2b2c6ee916ca88f91a960894deea59
e77dd2c01cd1ae65aa2b4fbf5330522389a2688330bf3d8b8ac984eab9c31571
e973d2df27d7015bf89fb49c491c1cc7ad70792dd52acc1b7a06e45d54408c42
e9b1ef7dc055f01207c9b97fd68f8ce1fa4c7eb77525093435a919f393235487
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
ed6f9599a4cb0dc41abedce3c3419faf4abcb9760c7aece6ac2e6b5ffe2504a9
edf100c708eb45a6607c05590e6c277601f74c10408b74e84be519edb2709e6d
edfe8fd9e5fd546323a16162a06d4eb2ff331ad230e1b3f48d2ec97862511d04
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee817657482702feff28665dbbc9a14faf3cd46fb981f379a066384697ae5937
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01bab0378512e79c7734165866170b7a671fe06892b91e1d45252cdfc746043
f10125c259335f2674a873608114dd8a53b26047c966e048be9cfb26d1e7a86b
f1bae7aed8994abd3673afcabec628b719e13a663ae74c3983bcb9871278f7b4
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f4d8d5315f40f5ae7d8d715f4bff0d9f906432af559a01affe6a3b8095335e97
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5feffb6fa92b882b635843312b847816019ed9f5b45779b94c844633db91152
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f73f828d84fea8c32831ae88a4ddcc3a1811fd3028184c622a0327050e3c20c9
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39
f9238b6bdb43098f65ec6e26ea8ab4ec117bc94af8095e882725e56332ef54dc
f955bad4911e135ef8894618754dbed63059322adf7404c619734960cce6adc0
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb33053840768d71ba04773d80919994344f4c9803205be7e695ce4e69c1d82e
fbbc0a66982c2da23a5e7deab77ebcd2fd3551c4ae1f2f1064190d5a3f7e4711
fd7bfad3299520c2c005c414b9702c0f40a2094d24de148cdafd0af15bee12fe
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
feae53d22286d941bf9257a5118cc4276b26e7db5d92560740453f0ebf87d94f
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
fec349607d764bfe018bd231f32f372195aba2bd2f88a6eb74ab4b70437ccd3a